Welcome to The Explorer

The Premier Online Knowledge Base for Information and
Statistics About Social Good

Browse The Explorer

Data with Privacy Implications

Nonprofit organizations manage heaps of personal and sensitive information about the people they serve. From social security numbers and financial records to reputational data like criminal background checks, this sensitive information is easily worth more than any other item on an organization’s balance sheet. The value of this data and the responsibility of organizations to protect it provide clear impetus for social good professionals to prime themselves in a few fundamentals of data privacy.

Upcoming Legislation

Although there is not a comprehensive federal law regarding the treatment of personal information in the United States, there are commonly recognized standards for what constitutes ‘data with privacy implications.’ While it varies by country and state, many consider personal information to include an individual’s first and last names as personally identifying when they appear together with a social security number or another identifier such as a name, an identification number, or location.

In the United States, the California Consumer Privacy Act (CCPA) defines personal information as information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked–indirectly or directly–with a consumer or household. These identifiers may include a real name, postal address, email address, social security or driver’s license number, and more. Learn more about legislation like the CCPA from the California Legislature.


Types of Data with Privacy Implications

Many organizations collect a type of data with privacy implications known as protected health information, or PHI. Made up of information in medical records that can personally identify someone, PHI could include data like a patient name or birthdate, billing information, and even the results of medical tests. This particularly affects organizations like hospitals, foundations, community health centers, and medical research associations. The United States maintains a privacy law covering PHI practices known as the Health Insurance Portability and Accountability Act of 1996, commonly known as ‘HIPPA.’ For more information check out these resources from the U.S. Department of Health and Human Services.

For more information on this topic, please visit: Privacy