baltimore Buildings
baltimore Buildings
baltimore Buildings
20NTC Session Proposal

Privacy and Security Patterns for Nonprofits


This session defines basic privacy and security obligations and how they apply to nonprofits. Learn what privacy actually means, why security matters for you and your supporters, and what you can do to proactively improve your data handling online.

We’ll also discuss the need to map potential threats to your online infrastructure and your online supporters, how to assess your org’s privacy and security policies, and review our open source, a free tool that breaks down complex privacy rules and regulations into actionable, curated guidance that can be implemented in less than five minutes.

Learning Outcomes

  • Help nonprofits understand privacy responsibilities and make risk based decisions
  • Provide curated, specific advice on how to manage donor, employer and operational data
  • Share awareness of a free, open source tool




Josh Levy

Chief Technology Officer

Center for Digital Resilience

Josh Levy is Chief Technology Officer and co-founder of Center for Digital Resilience (CDR), a global NGO that facilitates digital security support for communities around the world. He’s also the founder and director of the Digital Security Exchange (DSX, the U.S. project of CDR. He’s been a digital rights advocate for more than a decade, working as Advocacy Director for Access Now, Campaign Director for Free Press, and other groups running initiatives to protect the free, open, private, and secure internet.

Tracy Kosa


Stanford University

Tracy Ann Kosa is a privacy researcher and advocate. She was a Non-Resident Fellow at the Digital Civil Society Lab at Stanford PACS when this work was developed. Dr. Kosa is currently teaching tech ethics at Seattle University, serving on Axon’s AI Ethics Board, and working in security engineering at Google.

Her current research work focuses on computational models for human values (ethics in privacy) to help data subjects and practitioners better understand the implications of their design and consent choices. For two decades, as a privacy director at Microsoft, privacy officer at UHN, DPIA analyst at the Government, and doctoral student, Kosa has written, taught and preached about the need to make informed choices and transparent system design. She holds a PhD in applied computer science (UOIT), Masters degrees in public policy (UM) and ethics (York), and was the founder of the first PIA Center of Excellence in Ontario.

You must be
logged in to add favorites



E143- E144


March 15, 2019


10:30am – 11:45am

CFRE Credits

NFR - 1.25

Collaborative Notes

Click here

Session Evaluation

Click here