As new information and communication technology (ICT) continue to emerge, more attention is paid to the adverse effects ICTs have on individual and community data privacy and protection. In the wake of the 2015 UN Sustainable Development Goals, many humanitarian organizations began crafting their own data protection policies. However, there are currently no accepted standards or principles around the use of ICTs in humanitarian response. Using a mixed method content analysis, this study evaluates sixteen recent humanitarian data protection policies. The EU General Data Protection Regulation was used as a framework to assess the comprehensiveness of each policy. Results found significant differences in how organizations prioritize issues surrounding data and technology. This analysis provides guidance for policymakers in their efforts to develop safe and comprehensive policies surrounding the collection and use of individual and community data.