No one particularly likes change, especially when that change requires a complete re-examination of systems and best practices. The General Data Protection Regulation (GDPR), which was implemented in the European Union in May 2018, requires fundraisers to do just that.

In simple terms, the GDPR is intended to protect the privacy of individuals by regulating how personal data is used and stored. Because this regulation applies to anyone who does business in the EU, the implications for the GDPR for fundraisers are significant. For example, if an academic university based in the United States has a significant alumni base living in the EU, the GDPR would affect how that US-based institution communicates with these alumni.

The ripple effect of GDPR has been felt by fundraisers not only in the EU, but globally. While most people agree that the aim of this regulation is an important one—protecting the privacy of individuals—its enactment requires a huge overhaul in how fundraisers go about raising funds. Many fundraisers are wondering if it will be possible to continue to raise funds using those methods that rely on direct and targeted marketing.

Meanwhile, GDPR presents an opportunity for organizations to stop and reflect on the approaches they are taking to fundraising. Are those approaches that rely on direct and targeted marketing really the most effective?

Our experience with healthcare and academic institutions indicates that successful programs prioritize a focus on major gifts as the key drivers of philanthropic success.