Data Privacy Basics
Protect the personal data your organization collects and stores.
For: Nonprofit staff and volunteers
What you’ll learn
- Tell the difference between PII and sensitive data — and protect each accordingly
- Apply data minimization across the full data lifecycle: collect, store, use, share, dispose
- Handle consent, donor data, and client data responsibly
- Use access controls and need-to-know to limit who can see what
- Recognize a breach and the first steps that follow
- Understand the shape of GDPR, CCPA, and HIPAA without needing a law degree
Screen your volunteers for $5
VolunteerBadge runs FCRA-compliant background checks for just $5 — with identity verification built in. No monthly fees, no contracts.
Create a free account →Course outline
- 1
PII vs. sensitive data: what you’re protecting
5 min
- 2
Why privacy is everyone’s job
5 min
- 3
Data minimization & the data lifecycle
7 min
- 4
Consent, donor data & client data
6 min
- 5
Access controls & need-to-know
5 min
- 6
Breach basics: spot it, contain it, report it
5 min
- 7
GDPR, CCPA & HIPAA — the overview
5 min
- 8
Putting it together: a day of good data hygiene
4 min
Sources & further reading
- Federal Trade Commission — Protecting Personal Information: A Guide for Business
- National Institute of Standards and Technology (NIST) — NIST Privacy Framework
- Information Commissioner’s Office (UK) — The principles of the UK GDPR
- California Office of the Attorney General — California Consumer Privacy Act (CCPA)
- U.S. Department of Health & Human Services — Summary of the HIPAA Privacy Rule
- Verizon — 2024 Data Breach Investigations Report (DBIR)
This course is educational and provides general information about the Fair Credit Reporting Act and volunteer-screening best practices. It is not legal advice. Laws vary by state and change over time — consult a qualified attorney about your organization’s specific obligations.