Make-A-Wish is the largest wish-granting organization in the world, granting life-changing wishes of seriously ill children. Make-A-Wish Foundation International is a global charity founded in Phoenix, Arizona, serving children in more than 50 countries around the world. With the help of donors and more than 40,000 volunteers around the world, Make-A-Wish has granted more than 500,000 wishes worldwide.
At the heart of Make-A-Wish’s operations are the children and families they grant wishes to. This is why they run a lean team, dedicating as many of their resources and funding to wish granting. Given the nature of their work, there is a significant emphasis on protecting the data of their beneficiaries, including some sensitive data, as well as consideration for the personal data of the donors that is processed.
To ensure maximum funds go towards their affiliates and beneficiaries, Make-A-Wish International runs a lean team, with under 20 people running the International office. Even prior to the GDPR coming into effect and the opening of their European operational office, Make-A-Wish International set a goal of achieving a GDPR standard privacy program. With such a small and global team, it’s difficult to get time together to talk about privacy, which is why they needed a central point to track, measure, report and action privacy processes.