Frequently Asked Questions

Security

Learn how DonorDock works to protect your privacy and security.

How does DonorDock work to reduce the risk of data loss?

  • All data is stored in a discreet cloud database (each DonorDock customer has their own database, no database sharing or co-mingled data).
  • DonorDock data centers maintain compliance certification for the PCI, HIPAA, SOC and FedRamp frameworks.
  • DonorDock employs redundancy in our cloud infrastructure to allow for maximum uptime. If the need arises, DonorDock does have the capability to roll our     systems to another data center with minimal downtime.
  • DonorDock has established a disaster recovery plan to recover from various disaster scenarios.
  • DonorDock uses continuous point-in-time replication to a different data center. All backups are retained for a rolling seven days.

What does DonorDock do to ensure application security?

  • DonorDock is encrypted with TLS.
  • DonorDock requires HTTPS / TLS connections for all resources, including the CRM application and giving pages.
  • All DonorDock applications are housed in a PCI, HIPAA, SOC and FedRamp compliant data center.
  • Passwords are hashed and cannot be viewed by anyone, including DonorDock employees.
  • All changes to the software are peer code reviewed. In addition, DonorDock employs various QA practices for testing prior to deployment.
  • All giving pages leverage Captcha technology to stop fraudulent activity.