Publications & Products
Office Space: Sharing the Wealth of Confidential Data
Office Space: Sharing the Wealth of Confidential Data

A prospect research privacy policy respects potential donors and protects vital fundraising information

By Brooke Burke


Justine Beckett

As a prospect researcher, I routinely comb through a bevy of publicly available information—such as news articles, real estate records, court documents, and U.S. Securities and Exchange Commission filings—and frequently turn up information on divorce settlements, medical problems, corporate malfeasance, criminal activity, and other legal issues. The goal: Determine whether individuals have the capacity and inclination to become prospective donors.

Prospect researchers come across all kinds of information—often mundane, but sometimes colorful and even downright scandalous. What we find can offer important clues about a person's ability and willingness to give and whether a development officer should pursue someone as a viable prospect. For instance, a person embroiled in a legal dispute may not be in the best financial place (or mindset) to remember to send a monthly donation to his alma mater, while the recently divorced Mrs. Smith may suddenly have a much larger bank account for funding a new project or professorship.

My goal is to synthesize the material I uncover into a brief, unbiased overview for the hungry eyes of my frontline fundraisers. While a Nick Nolte–style mug shot, a racist Twitter account, or an alleged infidelity might be interesting tidbits of information if I were writing a biography, I exclude such details from our printed reports if they don't affect a prospect's capacity to give.

Our routine handling of sensitive data led to a sudden realization in 2012: The development research department needed its own privacy policy. Northeastern University and many of its divisions and units already have a variety of privacy policies and statements in place, but none was specific to our work. So last year we contacted dozens of prospect researchers at other colleges and universities, museums, and hospitals to determine if their shops had a privacy policy. None did, but they immediately saw the benefits. In addition to protecting prospective donors' privacy and securing the data that we collect and the work that we produce at our Massachusetts institution, creating a policy would outline the purpose of our research and how we expect others to handle it.

One policy to protect it all

We began drafting our guidelines by reviewing the university's various privacy policies and statements, including the one used by the development office. Each college has its own—as does the employee portal, all four campus libraries, and the employee credit union. We used Northeastern's overarching policy as a template and borrowed ideas from other institutions while crafting a document that's tailored to our work.

I believe a prospect research privacy policy needs to answer the following questions:

  • What is being researched?
  • Why is this research being done?
  • Where might this research end up?
  • With whom will this research be shared?

We created a policy that clearly states our main principles: 1) to respect our constituents' privacy and ensure that all advancement staff always handles confidential information in an appropriate manner, and 2) to seek out only the information that is necessary for effective fundraising and present only the data that is relevant to a prospect's potential as a donor. We believed that laying out our mission would help avoid any confusion about the work our office produces.

The document also emphasizes other key points, such as reminding staff that research profiles and prospect data are confidential and should be shared on an extremely limited basis and that only staff directly involved with fundraising will have access to confidential prospect data.

Deciding what to include in prospective donor reports is a major dilemma for many researchers, who must approach their jobs with a just-the-facts mentality. When I'm making such judgments, I think it's also important to objectively assess the research material and consider what outsiders—or even the potential donors—would think if they saw the reports. Would the information embarrass or anger someone? Is it relevant to the development officer's or the university's relationship with the person? At the same time, if relevant information that affects a person's ability to give is publicly available, such as a pending lawsuit or another well-documented financial issue like a divorce settlement or a foreclosure proceeding, I believe it belongs in our research documents.

Determining how our research will be used can be difficult, but asking myself whether the information I include in my reports is pertinent to a person's capacity to give has helped me customize my work to fundraisers' specific needs. For example, if a development officer is raising money for research on a new type of building material, there's no need to mention that a prospect's spouse has a rare genetic disorder. But if the development officer is looking for funding to study this genetic disorder, that information is relevant and should be included.

Finally, and most importantly, who gets to see the information we create? I'm often not sure what happens to my work once it leaves my outbox, but my colleagues and I have all learned of fundraisers who improperly (yet innocently) shared our research with people outside of development, such as professors or volunteers who are helping solicit gifts. We addressed such disclosures in our policy by outlining what information can and can't be shared externally. We also created guidelines on storing our confidential research, which prohibit saving data to unsecured locations like personal hard drives or cloud storage services such as Dropbox.

Passing on the personal

Nearly as difficult as deciding what material to include in a prospective donor's report is determining what additional information is worth mentioning to a frontline fundraiser in a separate email or conversation. Should I let her know that her newest prospect is a suspect in a recent murder? Absolutely! Should I include that in the prospect's research? No! In this situation, I would typically email the fundraiser a link to an article about the case or visit her office to provide the background she needs to determine her next steps. The decision of whether to pursue a prospect belongs to our fundraisers. While this is a gray area that our privacy policy intentionally doesn't address, asking myself the four questions at its foundation helps me decide which information to include in my written reports and which to discuss privately with a fundraiser on a case-by-case basis.

Six months have passed since we completed our privacy policy, a project that helped us both examine how our development research department operates and educate frontline fundraisers about our work and how we expect them to treat it. We've also added the policy to the research orientation packet that each new frontline fundraiser receives. Most of the information that the privacy policy contains seems fairly obvious, but seeing it in black and white is a reminder to experienced development staff members and the new people we bring on board. It has proved to be a policy worth sharing.

About the Author Brooke Burke

Brooke Burke is the assistant director of development research and prospect management at Northeastern University in Massachusetts.




Add a Comment

You must be logged in to comment . Your name and institution will show with your comment.