Is your data safe?


12 data security tips for you and your ministry

According to the Federal Trade Commission, each year, nine million Americans have their identities stolen. Many of these thefts occur to individuals and small businesses, but recently, churches have become targets as well.

Why worry about data security?

You may be a church, but you're handling sensitive personal and financial information. Churches can develop policies that help protect them and the people they serve.

Persons seeking to obtain personal and financial information of others may view churches as potential targets. You will want to be prudent and responsible in protecting the personal data of your members who trust you to handle such information appropriately.

What your ministry can do

To help protect the church and its members, staff and volunteers, develop data security policies and make sure they are communicated and explained as necessary and appropriate. Train staff and volunteers to be on the lookout for suspicious activity. Here are more data security tips:

  1. Never give out church members' personal information over the phone, through the mail or over the internet without verifying the requester. Avoid sending sensitive data through email; it's not secure.
  2. Never leave the offices unlocked and completely unattended, even for a short time.
  3. Secure employee, volunteer and member records in locked cabinets. Never leave papers or files unattended on desktops.
  4. Shred papers with identifiable member or church personal data. Don't just throw them away.
  5. Send and receive business mail from a secured mailbox or post office box.
  6. Put passwords on business computers and change them often.
  7. Install a firewall to protect your computer network against unauthorized access. A firewall protects against hackers accessing your computer and having access to your files or using your computer to commit crimes.
  8. Install anti-spyware software and keep it updated. Set your virus protection software to run automatic updates each week.
  9. If you allow members to make tithes and offerings with a credit or debit card, follow security rules set by the major card companies. Visit to learn more.
  10. Turn on the security features for your wireless network. Be sure to test that they operate properly. Keep network servers in a locked room.
  11. Turn off computers when not in use.
  12. Back up all data regularly and keep backup disks in a locked area.

The suggestions above are general in nature, and there may be additional steps that are necessary or appropriate for your church's situation. For more information on what to do in the event of a data or identity theft, visit the Federal Trade Commission's.

This article is for informational purposes only. It is not intended to be construed as legal advice. Readers should use this article as a tool, along with best judgment and any terms or conditions that apply, to determine appropriate policies and procedures for your church's risk management program.