Legal and Tech FAQ's
MPDX Global Transition
Legal and Technical Frequently Asked Questions
See the general FAQ here
Global 250 announcement here
1. Is MPDX legal in Europe?
2. How will the registration of local donations be done so that the staff can have them in his report?
3. How will Donorwise and Dataserver migrate to MPDX so that historical data is not lost?
4. Would it be possible for national leaders and finance team to have access to all MPDX staff reports for MPD accountability?
5. Is it possible to use MPDX if you do not have FCX?
6. Where are the servers for MPDX?
7. Why is it not feasible for an individual country (or all countries in one Area) to host their own data (on dataserver or DonorHub) and continue to use TntConnect?
8. What about a nation like Korea that is not using TntConnect and has their own system? Do they need to move to MPDX?
9. How do we uphold the value of partnering with nations and giving them freedom of choice?
10. Isn’t storing all our data in one place more of a risk than each country storing their own?
1. Is MPDX legal in Europe?
MPDX will comply with the stringent European Union data protection laws. The EU regulators require organizations that move data out of the EU to meet certain requirements when they do so. CCC is putting model contracts in place to meet these requirements. This is essential for protection of the data and for compliance with EU laws. Third party tools where the primary database is stored on an individual’s laptop do not comply with EU laws. While some data is downloadable from MPDX, the primary database is controlled by CCC and we can change what is downloadable at any time.
Second, in the event of a breach, CCC is obligated to give notice to the individuals affected by the breach. This cloud based solution avoids the problem of having individual computers loaded with donor data that are virtually impossible to secure or to give proper notice in the event of a breach, as the data on the individual computer is neither known nor controlled by the organization.
2. How will the registration of local donations be done so that the staff can have them in his report? As MPDX is not on the FCX platform, how will the accountants use it? What is the difference between all of these systems?
MPDX is not a replacement for Donorwise or Dataserver.
- Donorwise is the system that your office uses, mainly to book and track donations.
- Dataserver is the system that makes donation information accessible to other tools on the internet.
- Dynamics is the Financial Accounting tool
- FCX is the environment that both of these tools sit on.
You will continue to use all of these systems after the move to MPDX.
There is a separate project (NextGen Finance), where we are looking to replace FCX (Dynamics, Donorwise etc) with a greatly enhanced cloud based solution (called Netsuite). But this is unrelated to the MPDX move.
MPDX receives its information from Dataserver, just like TnTConnect. So you will continue to use donorwise on FCX, which will send your donor data to dataserver. This is not changing in the move to MPDX. But as of Sept 2017, TntConnect will no longer be able to retrieve donor data from dataserver - meaning that your staff will need to switch to MPDX.
3. How will Donorwise and Dataserver migrate to MPDX so that historical data is not lost?
Staff can upload their TntConnect database to MPDX, so that they will retain their historical data. MPDX will talk directly with Dataserver and retrieve ongoing donor information.
4. Would it be possible for national leaders and finance team to have access to all MPDX staff reports for MPD accountability?
You will still be able to do this in dataserver. Many MPD coaching features are also being added into MPDX as well.
5. Is it possible to use MPDX if you do not have FCX?
Yes! We have many ministries using MPDX, who are not on FCX.
6. Where are the servers for MPDX?
MPDX is hosted on Amazon Web Services (AWS), which has servers all over the globe. (more here)
7. Why is it not feasible for an individual country (or all countries in one Area) to host their own data (on dataserver or DonorHub) and continue to use TntConnect? Let’s give them that choice.
If the ministries intend to pass data across borders, they must do that in a way that is legal. If data is leaving the EU, there must be model contracts in place to legalize the transport of the data.Even if there was an option to "wall off" a country or the EU (which is not possible if you want to operate effectively as a global organization), the country or area office would still have to comply with the EU laws, which include items such as notification, and the TNT model simply does not allow for proper compliance. Individuals control data on their personal hard drives and the organization (whichever organization that may be, whether it is a national ministry, an area office, etc.) has no control of that data, or even knowledge of what all is on a personal hard drive. This is a problem because if a hard drive is lost/stolen, the organization will have a duty to inform the individuals whose data was compromised, and the organization not be able to do this. This is dangerous for the donors data primarily, but is also dangerous at a system level for the organization as regulators will not be impressed that the system is setup to store data on local hard drives.
8. What about a nation like Korea that is not using TntConnect and has their own system? Do they need to move to MPDX?
We need to work with all our Areas and nations to ensure that excellent tools are in place and that we’re abiding by data privacy law. The more national ministries we can see on common systems, the better we can work together and see our vision worked out. We’ll engage with countries using their own systems now to evaluate what changes might need to be made.
9. How do we uphold the value of partnering with nations and giving them freedom of choice?
In this case we want to partner in helping to make a needed change. We also want to continue to engage with countries to help understand needs and continue to develop MPDX as a better and better tool. As we noted, we usually desire freedom of choice in our systems, but the complexity of global data privacy issues and our desire to move money and information around the world, requires that we approach this from a global perspective.
10. Isn’t storing all our data in one place more of a risk than each country storing their own?
Cloud based systems, where data is stored in large databases is more and more common practice. Therefore the security around cloud based data is as high as possible. Even though data is in the cloud, that doesn’t mean that anyone will have access. There is still strict security on who has access and we are putting internal protocols in place to ensure that national data is protected and handled appropriately.