Data Privacy Risk Assessment for Nonprofit AI Projects

Begin by thoroughly documenting what your AI project does and what data it processes. This foundational step establishes the scope of your assessment and ensures all stakeholders understand the privacy implications.

• Purpose and functionality: What problem does the AI tool solve? What specific functions will it perform?
• Data catalog: What types of personal information will be collected, generated, or analyzed? Include direct identifiers (names, addresses, email) and indirect identifiers (demographic data, behavioral patterns, IP addresses).
• Data sources: Where does the data come from? Is it collected directly from individuals, imported from existing databases, obtained from third parties, or generated by the AI system itself?
• Data flows: How does data move through the system? Map inputs, processing steps, storage locations, outputs, and any sharing with third parties.
• Affected populations: Who are the data subjects? Consider donors, beneficiaries, staff, volunteers, and any other individuals whose information the system processes.

Privacy law and best practice require that data collection be necessary for the stated purpose and proportional to the benefits sought. This principle of data minimization is particularly important for AI systems, which often have the capacity to process vast amounts of information.

• Necessity test: Is each data element truly necessary for the AI system to function? Can you achieve the same outcome with less information or less sensitive information?
• Purpose limitation: Will data only be used for the stated purpose, or could it be repurposed for other AI projects or organizational functions?
• Proportionality balance: Do the benefits of the AI project (improved services, operational efficiency, better outcomes) outweigh the privacy intrusion? Are there less privacy-invasive alternatives that could achieve similar results?
• Retention limits: How long will data be retained? Is there a clear retention schedule tied to operational or legal requirements rather than indefinite storage?

Systematically identify the privacy risks that could arise from your AI project. Consider risks from the perspective of affected individuals, not just risks to your organization. Common AI privacy risks include:

• Unauthorized access or disclosure: Could the AI system or its vendor expose data through security breaches, inadequate access controls, or data sharing practices?
• Lack of transparency: Will individuals understand how their data is being used in AI decision-making? Are AI processes explainable and transparent?
• Algorithmic bias and discrimination: Could the AI system produce biased outcomes that unfairly impact certain groups? Have training data and model outputs been evaluated for bias?
• Inadequate consent: Do individuals have meaningful choice about whether their data is processed by AI? Have they been adequately informed?
• Re-identification: Even if data is pseudonymized or aggregated, could the AI system or its outputs be used to re-identify individuals?
• Function creep: Could the AI system gradually expand beyond its original purpose, processing data in new ways without additional privacy review?
• Loss of control: Do individuals lose meaningful control over their information once it enters the AI system? Can they access, correct, or delete their data?

Not all privacy risks carry equal weight. Evaluate each identified risk based on likelihood and impact to prioritize your mitigation efforts. Use a simple risk matrix to categorize risks as low, medium, high, or critical.

• Likelihood assessment: How probable is this risk? Consider factors like the vendor's security track record, the sensitivity of data, the number of access points, and technical safeguards in place.
• Impact assessment: If this risk materializes, what harm could result? Consider financial harm, safety risks, reputational damage, discrimination, emotional distress, and regulatory penalties.
• Vulnerable populations: Give higher priority to risks affecting children, refugees, domestic violence survivors, individuals with health conditions, or other vulnerable groups.
• Regulatory context: Risks that could trigger regulatory penalties or legal liability typically warrant higher priority.

For each significant risk, identify specific measures to eliminate, reduce, or manage the risk. Document who is responsible for implementing each measure and the timeline for implementation.

• Technical safeguards: Encryption, access controls, data minimization techniques, pseudonymization, secure data transmission, regular security testing
• Organizational measures: Staff training, vendor contracts with privacy requirements, data governance policies, incident response procedures
• Transparency mechanisms: Privacy notices, consent forms, clear explanations of AI use, individual rights procedures
• Accountability measures: Regular audits, privacy impact reviews, documented decision-making processes, designated privacy responsibilities

Document your entire assessment process, findings, and decisions. This documentation serves multiple purposes: demonstrating compliance, supporting organizational decision-making, providing accountability, and enabling future reviews.

• Assessment record: Maintain a complete record including project description, data mapping, risk analysis, mitigation measures, and approval decisions
• Decision rationale: Document why certain risks were accepted and others required mitigation
• Approval process: Obtain sign-off from appropriate stakeholders (leadership, legal counsel, board privacy committee)
• Review schedule: Establish when the assessment will be reviewed and updated (typically annually or when the AI system undergoes significant changes)

The data minimization principle requires you to identify the minimum amount of personal data you need to fulfill your purpose, and to only process that information and no more. Before sending data into an AI tool, organizations should strip out identifying details using techniques like pseudonymization, masking, or tokenization, and the principle of data minimization, or sharing only what's absolutely necessary, further reduces the risk of leakage.

• Collect only the data elements truly necessary for the AI function
• Use synthetic or aggregated data to replace raw records when possible
• Establish clear retention schedules and delete data when no longer needed
• Implement technical controls to prevent purpose creep and unauthorized secondary uses

For nonprofit organizations specifically, training staff is a must, developing clear limitations on AI usage is essential, and other protocols and safeguards may be important to provide warranted accountability, to protect confidentiality of sensitive information, and to address related data retention aspects.

• Provide comprehensive training on what types of information should never be entered into AI systems
• Establish and communicate clear acceptable use policies for AI tools
• Implement approval processes for new AI tools before staff can use them
• Create simple reference guides showing privacy-safe vs. privacy-risky AI uses

Establishing a formal review policy for third-party tools, including vetting vendors for data security practices, ensuring compliance with privacy laws, and providing regular staff and volunteer training, is key to maintaining data security for the organization.

• Review vendor security certifications (SOC 2, ISO 27001, etc.)
• Ensure contracts prohibit using your data to train AI models or for other vendors' purposes
• Require clear data retention and deletion commitments
• Include breach notification requirements and liability provisions
• Verify that vendors will support your compliance obligations (responding to individual rights requests, etc.)

Organizations must ensure proper data minimization, consent management, and monitoring so AI developers and teams handle sensitive information responsibly. Transparency mechanisms help individuals understand how their data is being used and exercise their privacy rights.

• Update privacy notices to clearly describe AI use and automated decision-making
• Obtain meaningful informed consent when required (not just blanket permissions)
• Establish processes for individuals to access, correct, or delete their data
• Provide clear explanations of AI-generated decisions that significantly affect individuals
• Create accessible channels for privacy questions and concerns

Technical safeguards form the foundation of privacy protection. Organizations should implement data minimization principles by collecting only what is strictly necessary for the intended AI use cases, and use encryption, access controls, and other security measures.

• Encrypt data in transit and at rest
• Implement role-based access controls limiting who can access AI systems and underlying data
• Maintain audit logs of system access and data processing activities
• Conduct regular security testing and vulnerability assessments
• Use secure data destruction methods when deleting information

Privacy risk assessment is not a one-time exercise. Establish ongoing monitoring and regular review processes to ensure privacy safeguards remain effective as AI systems evolve and new risks emerge.

• Schedule annual privacy risk assessment reviews
• Trigger new assessments when AI systems undergo significant changes
• Monitor AI outputs for potential privacy violations or bias
• Track privacy incidents and near-misses to identify systemic issues
• Stay informed about evolving privacy regulations and adjust practices accordingly