I started the week by reviewing IRS’s publication about guarding taxpayer data. The publication is meant for tax firms but the concepts apply to all organizations that handle sensitive data. Last week I reviewed an accounting firm’s operations and, for the second time this year, declined to work with a service provider solely on the basis of failure to provide a statement of adequate protections for handling sensitive data. I see this as a growing risk.
Many small businesses tend to lack effective controls in this area and nonprofit organizations are even more vulnerable, in my observations.
For more information on improving performance of nonprofit organizations, request a copy of my booklet “What every nonprofit board member should know”. It is free to officers and directors of nonprofit organizations.