Resources - Data Minimization
This is the downloadables page for my resources on the concept of data minimization/minimisation and how it relates to the acquisition and retention of donor information. These resources are free to download and don't require giving me your email. They may be shared with colleagues with proper attribution to me. Distribution without permission, commercial copying and lending are prohibited. These resources do not constitute legal advice and you must seek guidance specific to your organisation when making changes to your data and processes. Any questions on this or if you need my help, drop me a line.
Quick guides
Updated! Letting Data Go (PDF 220KB): A short guide to making data minimization your friend. Updated April 2026.
|
The Traffic Light Data Entry System: a simple method for managing information accuracy in your database (PDF 192KB). Handout from panel session at the 2023 AASP Summit from a data entry method I devised with Aldera Chisholm and Bill Connors.
|
Semi-anonymity: Can you keep inferred information? (PDF 114KB) considers whether you should store inferred information about anonymous donors and email subscribers.
|
Presentations & webinars
- Recording of AASP panel webinar June 11 2024, Data Maximalism to Data Minimalism, with Necie Liggeons and Bill Connors (recording is free to AASP members if you log in).
Useful links:
I'm not responsible for the security and content of these links.
- iData blog - data management concepts and tips: blog.idatainc.com
- National Institute of Standards and Technology blog - cybersecurity and privacy topics: nist.gov/cybersecurity-and-privacy
- Common data protection mistakes (and how to fix them), ICO: ico.org.uk/for-organisations/advice-for-small-organisations/getting-started-with-gdpr/common-data-protection-mistakes-and-how-to-fix-them/. A useful list from the Information Commissioner's Office in the UK. Although it applies to UK orgs the lessons are transferable. This one in particular is key: "The more personal data you hold, the more storage space and security measures you need to keep it safe – which will cost you time, as well as money...Have a reason to keep information, rather than a reason to get rid of it. If you’re required to keep information for a certain length of time, such as financial, medical or legal records, record your reasons in a retention policy...You should sort through your data on a regular basis and destroy personal data securely when you no longer need it."
- Jordan Francis, "Unpacking the shift toward substantive data minimization rules in proposed legislation", IAPP, May 22, 2024. iapp.org/news/a/unpacking-the-shift-towards-substantive-data-minimization-rules-in-proposed-legislation
- Data minimisation as a principle in the GDPR: ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/data-protection-principles/a-guide-to-the-data-protection-principles/data-minimisation/
