Pros and Cons of Donor Database User Permission Security

This often debated function for donor databases or CRM’s can truly carry consequences in both directions. Any organization debating this issue would do well to view the following reasons before deciding what is best for them. Unfortunately, the consequences of too much or too little in the way of user permissions can be far reaching in regards to the impact on funding your mission.

Pros of Donor Database User Permission Security

Here are some key ones to consider.

1. At least one person should be designated as the system administrator. As the administrator, they should have very special access in order to ensure consistency of field structure and data entry/data import/data integration options. Only if proper structure is kept in place can the reporting be sound and the data being used by the fundraisers accurate. This is one area where too many cooks in the kitchen can spoil the meal so make sure this person has special access rights!

2. Read-only access for certain volunteers that you do not want changing any data elements. For example, they might need to view information while checking people into an event of some nature.

3. Read-only access for staff not directly involved with fundraising. In any nonprofit with a rich culture of philanthropy everyone should be aware of all donors and their impact on the organization. Too often key front line employees who interact daily with volunteers and donors are just not aware of donor interests and needs.

Cons of Donor Database User Permission Security

Before key ones are listed below here is a key case in point to review.

Over the last 36 years of presenting and implementing donor databases for organizations ranging in size from $50,000 in annual revenue to over $500 million in annual revenue there were extensive levels of user permission security put in play about ten percent of the time.  

In at least half of those implementations, the user permissions were removed within a year due to unfortunate incidents involving key donors, reports being inaccurate, or when mail list pulls missed certain segments entirely!  

Several of the unfortunate outcomes will be explored in more detail in the list below.

1. Limiting access to certain records and their key data such as donations and other personal data such as age, number of children, and interests can wreak havoc with this same person creating, editing and in some cases even using filters and queries. If access is not allowed for viewing or editing then using that same information to filter data will not be allowed in most user security schemes. We have seen this happen over and over as mailing and/or special event invitations are created.

2. Limiting access to certain donors while allowing access to others. This means this individual could accidentally communicate with a key donor without knowing the pertinent background details. Usually this leads to improper communications and many times a double solicitation. This case has resulted in more user permission security levels being removed than any other. Many times it is the CEO reaching out to us as a database vendor requesting immediate removal of most of the user permission security levels!

3. Keeping fundraisers or volunteers working with donors from entering or viewing financial transactions. Just like the examples above, numerous embarrassing situations can occur. There needs to be enough trust so that the donor is treated as the special person they are. We have seen cases where volunteers were handling credit card information at special events, but were not allowed to know who key donors were. The ramifications of credit card misuse could be far more devastating than knowing the amount donated last year.

We often hear about a culture of philanthropy. Here is an excellent explanation from a dear friend Simone Joyaux on creating a culture of philanthropy:

Creating a culture of philanthropy

“Effective organizations embrace a culture of philanthropy. Each volunteer and every employee feels it. Clients and donors recognize it whenever they connect with the organization.

Everyone in the organization embraces customer-centered and donor-centered…not just mission-centered and client-centered. Everyone in the organization, from the janitor to the chair of the board, understands that philanthropy and fund development are critical to organizational health and that each individual (both the janitor and board chair) has a role in the process.

First and foremost, everyone is an ambassador for the organization’s service, and for philanthropy and fund development. Being an ambassador means doing one’s own job well, understanding how all the various jobs in the organization create one integrated system, and—most especially—treating all of the organization’s customers (clients, donors, volunteers, community people, etc.) with care and respect.”

Such teamwork can’t be initiated and maintained without TRUST among everyone on the team. This trust can and must be extended to all items involving the donors and prospective donors. Yes, this includes database access.

Only by sharing information can anyone touching/communicating with the donors be properly informed and thereby ready to be the ambassador your organization desires in a full blown culture of philanthropy.

Summary

Every nonprofit engaged in philanthropy needs to fully aware of the pros and cons of user permission security. Those permissions and the trust surrounding them just might have a much bigger impact on on your culture of philanthropy than previously thought. The extent of your organization’s culture of philanthropy will be a key factor in funding your mission as the future unfolds.