The Challenge
San Diego’s Planning Center serves churches and ministries, providing evolved worship scheduling and other applications. Calligo was enlisted for security.
Based in San Diego, Planning Center is a church management software company serving churches and ministries across the US and Europe.
Since it was set up fifteen years ago, the platform has evolved from a worship scheduling tool for organising volunteers, facilities and service programs to now including multiple applications for membership, managing donations, event registrations and child check-in tools.
With more than 50,000 customers, Planning Center currently holds millions of special category records and any data breach could potentially devastate their business. In their quest for thorough, honest and practical engagement, Planning Center turned to Calligo.
The Action
Calligo examined Planning Center’s processes to see if they met GDPR requirements, identified non-conformance, and oversaw remedial work.
Calligo’s first step was to examine how Planning Center’s existing processes and technologies stood up to GDPR requirements. After an in-depth analysis, Calligo identified a series of quick wins as well as areas of non-conformance. With the report presented and next steps agreed, work quickly began to implement resolutions. Calligo supervised all the remedial work to ensure it was carried out correctly and efficiently.
Due to the extreme sensitivity of the data that Planning Center processes, the platform is required to appoint a Data Protection Officer (DPO) to monitor the organisation’s ongoing adherence. Calligo was duly appointed and continues to serve as Planning Center’s DPO. This outsourced service covers a broad spectrum of responsibilities including advising on data protection and information security matters pertaining to the GDPR, reviewing and advising on privacy policies, procedures and documentation and serving as the contact point for data protection authorities for all data protection issues.
Churches and ministries are the heart of what we do at Planning Center…As their data management providers, trust is our number one most valuable asset. By working with Calligo, we’ve greatly increased the trust our churches have with us and the trust their congregations have with them, empowering them to do their jobs even better. The impact of our work with Calligo has consequences that reach far beyond our business and our bottom line.
Daniel Murphy
Product Manager, Planning Center
The Impact
Calligo’s engagement with Planning Center improved data security, privacy, and compliance culture, resulting in pre-planning privacy adherence, risk management, and ongoing data privacy.
The benefits of Calligo’s engagement are significant – data security and privacy have become part of the natural language of Planning Center and embedded within its culture. Whereas privacy used to be addressed towards the end of the project, it has been moved to the beginning and this pre-planning privacy adherence has proved far more effective. Any privacy weaknesses can now be identified and remedied right from the get-go.
As Planning Center has realised, Calligo’s capabilities stretch far beyond privacy and the value of their GDPR project has been multi-faceted. Calligo’s expertise in technology, infosecurity and information management means that, in addition to the compliance framework, Planning Center’s entire risk profile has been addressed. Looking at how data flowed through the organisation, Calligo worked with the wider team to design and deliver a robust foundation for Planning Center to minimise its risk to emerging and developing regulations without sacrificing time to market. In essence, achieving ongoing data privacy by design and default.