Page 274 - Washington Nonprofit Handbook 2018 Edition
P. 274

where  the  compromise  involves  paper  data.    Some  states  also  add  other  data
               elements such as date of birth, medical information, or mother’s maiden name.


                       Washington  requires  notification  in  the  form  of  a  physical  writing  to  the
               affected individuals.  Organizations may provide substitute notice by publication or
               e-mail in the event of larger breaches.  Washington, like many states, also requires
               notification to major credit reporting agencies in the event of breaches of a certain
               size.  A few other states also require reporting to consumer protection agencies.

                       Other requirements and certain exceptions apply under the notification laws.
               Notably, Washington and most  other states  do  not  require notification  when  the
               lost  or  stolen  data  has  been  encrypted.    If  you  have  the  type  of  data  that  could
               trigger  notification  laws,  keeping  that  data  encrypted  could  help  you  avoid  the
               requirements under these laws.


                       Because  timing of notifications  is  usually  an  element  under  state  laws and
               commonly the subject of investigation by state agencies, one of the most important
               things for an organization to do in the event of a breach is to act quickly to secure
               technical and legal advice to respond to a breach and notify individuals as soon as
               possible.


                  CHAPTER 74.  Internet Advertising and Privacy Laws

                       The internet has become an important tool for nonprofit organizations that
               allows nonprofits to more easily solicit donations, publish information via websites,
               provide e-newsletters to members, and much more.  Nonprofit organizations must
               comply with important laws governing internet advertising and privacy as well as

               ensure that any online solicitations comply with state and federal regulations.

                       One of the most important things all nonprofit organizations should do is to
               embrace transparency and accountability.  Today, donors are using the internet to
               keep tabs on the charities they support and to find out more about the ones they
               are considering supporting.  Organizations can make it easy for them by ensuring
               that  all  relevant  data  about  itself  is  easily  accessible.    If  your  organization  files  a
               Form  990  or  has  an  annual  audited  financial  statement,  consider  making  this
               information available on your website or providing a direct link to your GuideStar
               (https://www.guidestar.org) or similar listing.


                       The  internet  allows  us  to  obtain  a  wealth  of  information  about  consumer
               behavior when visitors utilize a website, purchase items, or make online donations.
               Any  website  can  easily  obtain  consumer  information  by  simply  monitoring  the






               WASHINGTON NONPROFIT HANDBOOK                -263-                                       2018
   269   270   271   272   273   274   275   276   277   278   279