Confidentiality Policy: Finance Committee

About this policy

Finance committee staffers, due to the nature of their role, can have access to a lot of detailed information about OTW members, volunteers and contractors, such as their legal names and addresses. They also have access to accounts that can do significant damage to the OTW if they are viewed or modified by a third party with malice, such as Quickbooks, PayPal and Bank of America.

It’s essential that Finance committee staffers are aware of their responsibility to the OTW to keep these accounts secure and not to share detailed identifying information about transactions with anyone. While our general expenses themselves are widely known and information about them can be shared according to the guidelines below, personal information about donors or payees should be kept confidential.

All Finance committee members and the OTW Treasurer must agree to this policy prior to their induction.

It will apply during the staffer’s work in the Finance committee and will continue to bind the individual after they leave their position, including during any future service for the OTW in any other capacity.

Definitions

Confidential Transaction Information

This policy covers all Confidential Transaction Information: personally identifying information received by OTW staffers serving on the Finance committee which pertains to any donation, payment or reimbursement made to the OTW or on its behalf, including the name, address or any other identifying information regarding the other party. This does not include the amount of an expense or its general purpose (e.g. premiums; banking fee; servers; colocation).

Confidential Account Information

This policy covers all Confidential Account Information: account information including logins and passwords allowing for viewing and modifying ledgers, making payments, accessing detailed transaction history in tools and services used by the Finance committee, such as Bank of America, PayPal and Quickbooks.

Private spaces

Spaces where confidential information can be shared and/or discussed: Finance committee mailing list; Finance committee private Slack channels; Vault.

Confidentiality

Confidential Transaction Information and Confidential Account Information must be kept secure and shared only within Finance committee staff in private spaces. All password information must be shared among Finance staff only via the Vault.

Donor information can be discussed with Development & Membership staff.

Payment information can be discussed with the Board of Directors and, in case of information pertaining to each specific payment, with the requesting committee or volunteer.

Disclosure of expenses

In all cases, the amount of an expense and its purpose can be disclosed.

In case of payments to external companies or persons, the payee’s name may be openly shared within the OTW. In case of reimbursements to OTW volunteers, internal discussions should refer to the payee by their OTW name.

In reports or discussions outside the OTW, as per general policy, specific names are not identified, only the service the company or person provides (e.g. We paid US$X for “Project management tool” not “Basecamp”).

Disclosure of donations

Donations can be discussed openly, but only in aggregate and anonymised—e.g. “We’ve received 10 donations over US$500 this year” not “We received a US$800 donation this year from X.”

With the exception of communication with Development & Membership, donor information should never be disclosed outside of private spaces.

Backups

Any backups of Confidential Transaction Information and Confidential Account Information must be stored in the Vault.

Enforcement

Failing to uphold these terms while serving in the OTW will be addressed under the Constructive Corrective Action Procedure, and may result in warning, suspension or direct termination, depending on the severity of the misconduct, to be decided by the chair(s) of the Finance committee in consultation with the Legal committee and the Board of Directors.

  • This field is for validation purposes and should be left unchanged.