Friday, June 23, 2006

Keep personal info off your site

In Microsoft's article, "9 Things Not to Have on Your Web Site", one often overlooked by churches is not including personal information about staff and members.

Everyone likes to see their name or photo on the web. In these days of increasing data theft, though, churches need to do more to protect identity-type information about their members and staff.

Do not show the following on your web site:
  • Full names (the most common exception is the pastor)
  • Home street addresses (even for the pastor)
  • Home or cell phone numbers (even the pastor's cell)
  • Members' personal email addresses
  • Personal names as staff email addresses
  • Staff or member photos (again, the common exception is the pastor)

Coping

  • Use email attachments, rather than the web, to give members electronic access church newsletters, advance copies of the Sunday bulletin, and even the church directory.
  • If you put your newsletter or similar articles on the web, identify people by position (no name) or by first name only. You may find, like I did, that you'd need to "scrub" the newsletter so much that the effort isn't worth it.
  • When you show photos, either avoid using names, or use first names only. Be general. Consider what a thief might do with the information you provide.
  • For staff email addresses, use the generic position, not their name. Use pastor@mychurch.org or music@mychurch.org, for example. An added advantage to this is that the staff email address is valid even if (when) the person changes.
  • Be very careful when adding names to email lists for bulletins, newsletters, and directories. If someone in your church doesn't personally know them, require them to appear in person and fill out a request form. Don't "assume" that a request by email is an honest one.
  • Advertise your personal information policy -- your members will appreciate your concern.

No comments: