AI can be transformational for social impact—when implemented securely.

Actually. Let’s back up.

Data-driven decision-making can be transformational—when implemented securely.

The consequences of data vulnerabilities in social impact work go far beyond misplaced funds or wasted resources—they can come with real risk. AI amplifies that risk. It can also help mitigate it—but only if we understand the layered nature of:

1. The core principles of cybersecurity;

2. How those principles relate to social impact data; and

3. How AI introduces new risks and opportunities

This post brings a grounded perspective: where the rubber hits the road for social impact orgs navigating data and AI. It’s a long one, so buckle up. Scroll further to find the tl;dr, but first: if you want a quick tool to assess whether you and/or your organization are ready to use AI with your social impact data, check here for a cursory quiz.

*Instead of footnotes, I’ve included the list of resources in an annex at the end.*

The TL;DR: First Steps in Mitigating Data Vulnerabilities in Social Impact and AI

Begin with a Data Map
Know exactly what you’re collecting, where it’s stored, who owns it, and how sensitive it is. No AI should touch your data until this is clear.

Apply Strong Governance and Encryption
Encrypt sensitive data, restrict access to those who need it, and set clear retention policies.

Build AI-Specific Safeguards
If you’re using generative AI, verify how data is processed and whether you’re using a secure, private deployment. Never pass sensitive data into public models unless fully anonymized.

Educate Continuously
Train your team—not once, but regularly. Risks evolve fast.

Core Principles of Cyber and Data Security

Let’s begin with plain old cybersecurity. There are excellent resources out there that explain the principles. Whole papers, books, courses, programs. This isn’t trying to be one of those. This is for people working in social impact and evaluation who are suddenly being asked, “Can’t we just run this through ChatGPT?”

Whoa, Nelly! When you’re working with financial info from rural farmers, reports from survivors, logs of informal settlements—you’re not managing risk in the abstract. You’re managing risk that could lead to real harm.

Before we jump on that bandwagon, we need to pause. The question isn’t whether AI can help us—it’s whether we have a solid enough foundation to use it responsibly. So let’s ask ourselves: Do we know where our data lives? Do we know who can touch it? Do we know what we’re exposing when we feed it to an LLM?

That’s where core security principles come in. They give us a framework not just for compliance, but for protecting the people behind the data. These aren’t just IT best practices—they’re frontline protections:

The CIA Triad (Foundational Principles)

· Confidentiality: Ensuring sensitive data is only accessible to authorized individuals.

· Integrity: Maintaining data accuracy and trustworthiness.

· Availability: Making sure data and systems are reliably accessible when needed.

Modern Cybersecurity Principles

· Authentication: Verifying that users are who they say they are before granting access.

· Non-Repudiation: Keeping secure logs to ensure users can’t deny their actions later.

· Least Privilege: Giving people only the minimum access they need—no more.

· Defense in Depth: Layering multiple safeguards so one failure doesn’t expose the system.

· Separation of Duties: Splitting responsibilities across people or teams to reduce misuse.

· Security Awareness Training: Teaching everyone—not just IT—how to spot risks and act safely.

· Incident Response: Having a plan to respond quickly and effectively if something goes wrong.

· Data Backup and Recovery: Making sure data can be restored if it’s lost, damaged, or stolen.

Before using powerful AI, social impact practitioners need to understand these—not as a technical checklist, but as real-world ethics and safety.

Adapting Security Principles for Social Impact Work

While these principles are universal, applying them in social impact contexts requires a heightened sense of duty. The data we work with isn’t about customers—it’s about individuals and communities, many of whom may be navigating precarious or high-risk situations. The consequences of failure go beyond reputation—they can be life-altering.

In addition to the core cybersecurity principles already discussed, stewards of social impact data should also adopt a set of ethical and contextual practices tailored to the heightened stakes of this work:

The “Do No Harm” Imperative
This is about prioritizing the safety and privacy of the individuals and communities we serve—because in social impact work, a data breach doesn’t just hurt reputations; it can put real people in danger.

I once worked on a project in Lebanon supporting small agricultural businesses. We collected and reported organizational-level financial data—business profits, contact details, everything—in an Excel file. Not even password-protected. At the time, that was standard practice. It shouldn’t have been.

We eventually overhauled our system, introduced anonymization, and enforced stricter controls—well before the funder’s requirements. That was the right call. In a politically sensitive environment, exposure could have caused serious harm.

This work often involves highly sensitive personally identifiable information (PII)—health status, trauma history, political affiliation. The ethical stakes are much higher than with commercial data. And the tools we use need to reflect that.

Rigorous Data Minimization
Collect only the data that is absolutely essential to the mission—nothing more. In social impact work, every extra column in your dataset costs funding dollars that could be spent on producing impact. It costs your participants time spent answering your questions and can also represent unnecessary risk. From a practical standpoint, fewer data points mean less to secure, store, pay for, audit, and potentially expose. Ethically, this principle asks us to interrogate our data collection practices at the design stage. If you wouldn’t want it leaked, don’t collect it unless it’s absolutely necessary to your mission.

Human-Centered Risk Assessment
Evaluate risks based on their potential for real-world harm to individuals, not just the organization. The integrity of monitoring and evaluation data is paramount. It’s not just about accuracy—it’s about consequences. If data is altered or compromised—whether by accident, negligence, or attack—it can lead to poor or even dangerous decision-making. For instance, an evaluation that erroneously shows a program is underperforming might lead donors to withdraw funding from an initiative that is actually saving lives. Conversely, compromised data might mask a failing or harmful program, allowing it to persist unchecked. I’ve seen both of these happen. Many times.

Maintaining integrity also involves having clear standards for how data is collected, validated, and audited. This is especially relevant when dealing with longitudinal or indicator data in impact evaluations, where small shifts can have disproportionate effects. In fragile settings or humanitarian contexts, the downstream impacts of poor data integrity can be not just waste, but harm.

Inclusive, Accessible Security
Design security systems and processes that are usable and empowering—especially for non-technical teams and historically marginalized communities. If people can’t use a security system, it doesn’t work. In social impact settings, stretched teams and limited tech access mean overly complex tools often lead to risky workarounds.

Accessible security means choosing tools that meet people where they are—like mobile-first encryption apps or simplified multifactor authentication—and investing in ongoing coaching so teams feel confident using them. It also means ensuring that communities understand how their data is handled. Dashboards and findings should be in plain language and usable formats so people can participate meaningfully and speak up when something’s off.

Trust and Transparency as the Foundation
Build data systems on openness, shared ownership, and cultural respect—not just compliance.

Communities aren’t just data sources—they’re stakeholders. They deserve a clear say in how their data is collected, used, stored, shared, and deleted. That includes knowing who controls it, who can access it, and how they can opt out or request removal.

When people understand their rights, they’re more likely to engage—and more likely to speak up when something feels off. Building trust also means aligning with cultural norms: consulting elders about consent, offering opt-outs, or keeping data within local jurisdictions.

As AI grows in our sector, we need to keep our data practices grounded in the relationships that make this work possible.

Unique Data Security Risks When Combining Social Impact and AI

AI is moving at warp speed. New tools are emerging constantly, vendors are multiplying, and the technical jargon—from model types to encryption protocols—can feel overwhelming fast. Even with solid security fundamentals, AI introduces new risks—especially in social impact work where the data is sensitive, infrastructure is limited, and many AI systems are black boxes. But that’s not a reason to check out. It’s a reason to get literate.

Remember the Lebanon example, where financial data sat in an unprotected spreadsheet? Now imagine uploading that to ChatGPT without knowing where it goes, who can access it, or whether it’ll be used to train future models. That’s not just risk—it’s exponential risk, with less visibility and control.

AI systems vary widely, but there are several core dimensions where AI tends to create—or amplify—vulnerabilities. And from each, a principle emerges:

Human Expertise and Capacity Gaps → Build Internal Literacy
Most organizations don’t have internal AI or data security experts. This foundational gap makes it hard to vet tools, challenge vendor claims, or manage systems safely.

Principle: Invest in staff training and internal understanding of AI systems. Don’t outsource judgment—build capacity.

Baked-in Bias and Fairness → Audit for Equity
AI models trained on historical data often replicate systemic bias around race, gender, income, or geography.

Principle: Interrogate both inputs and outputs for bias. Build in equity reviews, participatory design, and fairness audits

Opacity and Emergent Properties → Demand Explainability
AI systems often behave unpredictably or opaquely—even to their creators.

Principle: Avoid black-box tools for high-stakes use cases. Choose vendors or models that offer transparency and interpretability.

Specific AI Attack Vectors → Plan for Adversaries
AI systems are vulnerable to manipulation through attacks like data poisoning or adversarial prompts.

Principle: Assume attacks are possible. Use adversarial testing, secure your training and input pipelines, and monitor for misuse.

Data Drift and Model Misalignment → Monitor and Recalibrate
When real-world conditions change, AI performance degrades.

Principle: Establish regular evaluation, feedback loops, and retraining cycles. Define triggers for system review or deactivation.

False Confidence → Ground AI in Reality
AI tools can look sophisticated while masking deeply flawed assumptions or insecure inputs.

Principle: Don’t over-trust the output. Validate with evidence. Maintain human oversight in every critical loop.

Amplification of Risk → Fix the Pipeline First
AI doesn’t just automate decisions—it can scale bad practices.

Principle: Secure your underlying data and governance before layering on automation. Clean, safe inputs are non-negotiable.

Regulatory Blind Spots → Operate Above the Minimum
Most jurisdictions lack clear legal standards for AI in low-resource settings. My earlier post 7 Effective Tools for AI Governance Now discusses this topic.

Principle: Don’t wait for regulation. Develop your own ethical standards and guardrails aligned with the communities you serve.

This is not an argument against AI. It’s an argument for responsible use. With a clear, well-governed data foundation, AI can be a powerful tool for social impact. But when used without discipline or context, it becomes a liability—one that communities often bear the cost of.

Conclusion: Strengthen the Foundation First

AI won’t enhance social programs if the foundation—your data—is unstable. Before we scale our decision-making with AI, we need to shore up the basics. And that starts with understanding exactly what we hold and what’s at stake if we lose control of it.

In the next piece, we’ll examine infrastructure gaps that hinder effective and secure AI deployment. Subscribe to follow the series.

Anthralytic helps mission-driven teams make smarter decisions by combining human insight with AI-powered tools—safely. We build strategy, evaluation, and accountability systems that work—without the jargon. Learn more at anthralytic.com.

Share

Resources

Begin with a Data Map

• Secoda – How does data mapping facilitate data governance?

Apply Strong Governance and Encryption

• OneTrust – Top 6 Data Governance Best Practices

• Iron Mountain – Data Governance for Unstructured Data

Build AI-Specific Safeguards

• NSA/CISA – Deploying AI Systems Securely (PDF)

• SentinelOne – Generative AI Security Risks

Educate Continuously

• Wikipedia – Internet Security Awareness Training

CIA Triad

• PhoenixNAP – Confidentiality, Integrity, Availability

Authentication

• OWASP – Authentication Cheat Sheet

Non-Repudiation

• Tripwire – Your Virtual Shield

Least Privilege

• Microsoft – Secure Least-Privileged Access

Defense in Depth

• Imperva – Defense in Depth

• Cloudflare – What is Defense in Depth?

Separation of Duties

• Imperva – Separation of Duties

Security Awareness Training

• Cybsafe – 7 Reasons Why It Matters

Incident Response

• CISA – Incident Response Plan Basics (PDF)

Data Backup and Recovery

• Morgan Stanley – Importance of Data Backup

• ConnectWise – Backup Strategy Best Practices

Rigorous Data Minimization

• SecurePrivacy – Data Minimization & Retention Policies

Human-Centered Risk Assessment

• EPIC – Privacy Harms from AI (PDF)

Inclusive, Accessible Security

• NCBI – Inclusive Cybersecurity

• MIT CyberIR – Accessibility and Security

Trust and Transparency

• Open Data Watch – Building Trust

Human Expertise and Capacity Gaps → Build Internal Literacy

• UNESCO – AI Literacy and the Digital Divide

Baked-in Bias and Fairness → Audit for Equity

• FAS – Auditing Tools for AI Equity

Opacity and Emergent Properties → Demand Explainability

• UC Berkeley CLTC – Explainable AI

Specific AI Attack Vectors → Plan for Adversaries

• Wikipedia – Adversarial Machine Learning

• Wikipedia – Prompt Injection

Data Drift and Model Misalignment → Monitor and Recalibrate

• Orq.ai – Model vs. Data Drift

False Confidence → Ground AI in Reality

• MIT News – Preventing LLM Overconfidence

• Medium – The Confidence Trap

Amplification of Risk → Fix the Pipeline First

• Superna – Securing the AI Pipeline

• Pythian – Securing the Lifeblood of AI

Regulatory Blind Spots → Operate Above the Minimum

• Yale Journal on Regulation – Regulatory Sweet Spot for AI

• Responsible.AI – Navigating AI Policy Levels

Cross-cutting Security Governance Frameworks

• NIST SP 800-53 Rev. 5 – Security and Privacy Controls