When a disaster such as Hurricane Katrina strikes, most of us think first in terms of saving people, animals, and property.  We grab the babies, the dogs, and the family heirlooms; the network file server and the backup tapes aren't such high priorities.

Thinking first about babies, dogs, and heirlooms is very appropriate in life-threatening situations, but if you work for a nonprofit organization, you should also be thinking about and planning for potential information technology failures that can occur along with more urgent disasters. If the aforementioned file server at your agency is damaged or destroyed, how will you carry out your mission?  What sort of ethical or legal problems will you have if you can't account for lost (or stolen) records?  Will you be able to operate from an alternate site if your headquarters have to be evacuated? How quickly will your information systems be back in business after a disaster, and who will be responsible for making it happen?

It should be obvious that the time to address these questions is long before disaster strikes. 

Here are a few suggestions for getting started:
Ask around for recommendations.  Comparable organizations in your town may be willing to share copies of their disaster recovery plans, or to refer you to technology professionals who have helped them with these tasks.

Look up "disaster recovery" on TechSoup, TechFinder, Google, and Wikipedia. There are plenty of publications, organizations, and conferences that focus on this topic, and some of them will be happy to provide you with checklists and other helpful materials.

Consider making an investment in first-rate professional services.  There are plenty of small nonprofits that have a contingency plan that consists of having a secretary copy all of the organization's computer files onto a spare disk once a week, which he/she then takes home and puts in his/her sock drawer.  This is a strategy that is not only unsecure but incomplete.

Think in terms of having a written plan, and review it with your colleagues at least twice a year.  It also helps to have a periodic rehearsal of some of the physical tasks involved in disaster recovery, such as evacuating the agency or restoring files to the server.

Remember all the fuss about Year 2000 compliance?  For most nonprofit organizations, even the ones that rely on complex information systems, things were pretty quiet in the days that followed the new year, and nothing very terrible happened.  This was mostly because everyone did a lot of advance preparation. Let's try to learn from that experience.

Have I mentioned lately that I'm a fan of TechSoup?  The good folks there have posted an article by Don Cameron that we all need to review: "Technology Planning for Civil Emergencies:   Prepare your organization to deal with the unthinkable.