12 Data Security Management Tips to Keep Sensitive Information Out of the Wrong Hands


According to the Federal Trade Commission, 1.1 million Americans had their identities stolen in one year alone.* This type of theft often occurs among individuals and small businesses, but recently, churches have become targets as well. Data security management is essential to guard personal data that could be used for identity theft.

Why worry about data security?

As a church, you handle sensitive personal and financial information. If the data ends up in the wrong hands, identities can be stolen, substantial financial losses can occur, and victims can face countless hours needed to repair the damage. Developing strong data security policies helps protect your ministry and the people you serve.

Thieves seeking to obtain the personal and financial information of others may view churches as potential targets. It’s wise to be prudent and responsible in protecting the personal data of your members who trust you to handle such information appropriately.

What Your Ministry Can Do

To help protect the church and its members, staff and volunteers, you can develop data security policies, communicate the necessary procedures and train staff and volunteers to be on the lookout for suspicious activity. Guard your data with these 12 ways to manage data security:

  1. Never give out church members’ personal information over the phone, mail or internet without verifying the requester. Avoid sending sensitive data through email — it’s not secure.
  2. Never leave offices unlocked and unattended, even for a short time.
  3. Secure employee, volunteer and member records in locked cabinets. Never leave papers or files unattended on desktops.
  4. Shred papers with personally identifiable information about church members or sensitive church data. Don’t just throw them away.
  5. Send and receive business mail from a secured mailbox or post office box.
  6. Use passwords on business computers and change them often.
  7. Install a firewall to protect your computer network against unauthorized access. A firewall protects against hackers accessing sensitive information on your computer and using it to commit crimes.
  8. Install anti-spyware software and keep it updated to maximize data security management. Set your virus protection software to run automatic updates each week.
  9. If you allow members to make tithes and offerings with a credit or debit card, follow security rules set by the major card companies.
  10. Turn on the security features of your wireless network. Test the features to ensure they operate properly and keep network servers in a locked room.
  11. Turn off computers when not in use.
  12. Back up data regularly and securely.
Minimize Data Theft and Other Risks

The suggestions above are general in nature, and additional steps may be necessary or appropriate for your church’s situation and needs for data security management. For more information on what to do in the event of data or identity theft, find helpful resources from the Federal Trade Commission.

Protecting your ministry extends beyond data breaches, and that’s what we’re here for at GuideStone. For help with risk management and cyber liability insurance, contact us at InsuranceSolutions@GuideStone.org or (214) 720-2868, Monday through Thursday, from 7 a.m. to 4:30 p.m. CT and Friday, from 7 a.m. to 4 p.m. CT.

This article is for informational purposes only. It is not intended to be construed as legal advice. Readers should use this article as a tool, along with best judgment and any terms or conditions that apply, to determine appropriate policies and procedures for your church’s risk management program.