We invest in insurance for a reason: To safeguard our future and to prepare ourselves for the inevitable harder moments in life. Your organization can insure its future as well with both the purchase of literal insurance plans, and the creation of clear safety and communications strategies. This can help you better estimate your organization’s recovery time objective (RTO), or the amount of time necessary to get your organization back up and running.
For nonprofits, disasters can be anything from bad press to an earthquake. Depending on the type of disaster, we’ll first walk you through how to stabilize your situation. Then, we’ll discuss steps to communicate with the public in order to secure the health and reputation of your organization.
Part I: Safety and Stability
There are several different types of disasters your organization might face over the course of its lifetime, all with different degrees of severity. We’ll discuss three different categories of setbacks in order to help you consider how the approach will differ in each situation.
In order to provide you with a useful structure for working through these scenarios, we’ve grouped possible disasters of the greatest concern to your organization in the following way: Public Relations (PR), System Failures or Security Breaches, and Natural Disasters and Robbery. As with any disaster, the safety of your team is most important and should be ensured before you initiate any external protocols. Then you can look at the next steps you need to take to stabilize the situation and communicate to the public.
Depending on your perspective, this is a less extreme disaster scenario in the sense that it likely does not affect the physical safety of any individual associated with your organization. And yet, the word “disaster” still applies, as a truly disastrous PR incident has the potential to irreversibly damage your organization’s reputation, and thus cease your organizations ability to serve its mission and the lives connected to it.
Public relations disasters typically stem from the actions of an individual staff member or affiliate or your organization itself. They can also arise, however, when an individual or entity outside your organization publicly ridicules or places blame on your organization. PR disasters can also happen when your brand is guilty by association, or directly responsible for the incident from which the bad press stems, according to a recent fastcompany.com article.
Today, human errors on social media are an example of a more common form of PR disaster. In 2011, a tweet about alcohol consumption intended for a personal account was tweeted from the American Red Cross’ account. In reply, they removed the tweet and responded to their followers humorously, saying, “We’ve deleted the rogue tweet but rest assured the Red Cross is sober and we’ve confiscated the keys.” In this instance, the American Red Cross sets a good example for recovering from such an incident and reminds us of a few important tips.
In cases like these, it’s important to respond quickly and with a sense of poise. To achieve this, consider these tips:
- A quick response time is important to help mitigate any negative intensification of the issue.
- Acknowledge and admit mistakes to regain support and trust.
- “We don’t know at this time,” or “We’re working on it,” is always better than silence.
- Show the human side of your organization in order to build common ground.
- Don’t be afraid to poke fun at yourself. Use humor when appropriate to move past the situation.
Your organization can take steps to help prevent these PR issues from occurring.
- Use software to help automate processes when possible and eliminate the possibility for human errors.
- Provide your entire staff with social media training and guidelines to use on their own pages. Your staff should have a clear understanding of what information is confidential and what they can feel empowered to share with their networks.
- Review protocol for dealing with sensitive information with any staff directly in charge of your organization’s outward communications including social media, social media management software, email newsletters, direct mail, and your website.
System Failure and Security Breach Disasters
System failure and security breach disasters pose serious threats to your organization. They can occur in isolation, or also as symptoms of a natural disaster or robbery. In the case of data recovery and system failures, much less can be done in the aftermath of the crisis. Implementing preventative measures is essential to weathering technical storms and saving data valuable to your organization and to your donors. Tech Impact, a nonprofit organization that helps other nonprofits and communities navigate technology to better serve their causes, recommends preparing for system failure in the following ways:
- Stay connected with your organization’s IT team and hardware needs in order to understand how long hardware will last and when repairs or replacements might need to occur for each piece. For example, you should know how much time your server has before it needs replaced.
- Have a budget in place for a system disaster. When you need a new server, you don’t want to have to delay the recovery process by moving money around.
- Consider low cost hardware alternatives, such as moving to the cloud so your organization is less reliant on hardware in the event of a disaster.
- Identify what data is essential to your operations and develop a plan to retrieve this critical data. Your recovery point objective or (RPO) is how far back in time you need data to be restored from to continue your normal operations.
- Complete regular back ups.
- Have a back up server—similar to a back up generator—that takes over in the event of server failure.
In addition to system failures, a technology disaster could also take the shape of a breach in your organization’s security. In order to secure donations, you frequently collect sensitive information from donors. What if that sensitive information was jeopardized? How would that impact your relationships with your donors? The University of California, San Diego, recommends the following practices to help avoid breaches in your organization’s security.
- Protect sensitive and proprietary information and make sure it is not accessible to the public via the Internet.
- Use strong, cryptic passwords and different passwords for different accounts.
- Shred paper documents with sensitive personal information.
- Wipe hard drives before disposal.
- Have trained professionals regularly check for any vulnerabilities hackers may exploit.
Natural Disasters and Robbery
Though very different circumstances, both natural disasters and robberies are entirely out of your organization’s control and can be extremely devastating to the health of your organization. Hurricanes, floods, tornados, earthquakes, fires, power outages, and armed robbery are all examples of situations your organization may need to be prepared for. Safety protocols in response to each follow a similar structure.
In the event your organization is impacted by a natural disaster or robbery, you’ll want to be sure you already have a safety plan in place. This plan should be communicated to all staff members and enforced regularly with the use of quizzes or drills. While these events are impossible to prevent, you can take steps to lessen their impact and help your organization weather the storm.
- Create a safety binder. Aggregate all important emergency contact numbers and an employee phone tree and keep the binder in a readily accessible location at all times.
- Drill your staff on any physical steps that need to be taken in the event of an emergency, such as exit strategies and a rendezvous location.
- After the physical safety of your team is established, consider what essentials your organization needs in order to continue to function. Internet? Email? Phones? A safe location?
When you take the time to consider the different types of disasters ahead of time you save your organization valuable time, resources, and possibly even lives. As you plan ahead, it’s also important to address what funds, if any, will be necessary to carry out these steps in the event of an emergency. The amount of time it takes to recover has a lot to do with available funds. If you reserve a budget for an emergency, your organization will have a lifeline to ensure the necessary action steps outlined above and below may be taken immediately.
How your organization shares these internal practices with the public eye is important to help preserve your organization’s reputation and maintain positive relationships with your supporters. Complete the following communications checklist to prepare your organization for communicating to the public about any disaster.
Part II: Communications Checklist
Appearances are everything. If your organization is silent, or appears ill informed or unprepared to make a statement, your reputation among your supporters will suffer, which will likely result in a decline in financial contributions.
To prevent this, your organization needs to appear as poised and informed as possible in the face of a crisis. Remember, it’s not how you fall, it’s how you get back up again. Review this checklist, inspired by Joanne Fritz’ article “6 Tips For Effective Crisis Planning,” to understand what work you can do before, during, and after an emergency to get your organization back on its feet as soon as possible. Complete this checklist to help strengthen your relationship with donors and supporters in the midst of a crisis and to contain the disaster as much as possible.DOWNLOAD YOUR EMERGENCY COMMUNICATIONS CHECKLIST