By definition, a not-for-profit (NFP) organization is one that does not earn profits for its owners. Some may think that NFPs are slower-paced and less challenging in nature, but nothing could be further from the truth. The reality is that these organizations face the same business challenges as for-profit businesses. All the money earned by or donated to an NFP is used in pursuing the organization’s objectives.
Technology challenges are growing for those in the NFP world. Many NFPs choose not to rely on qualified IT support professionals to keep their hardware, software and data up to date and secure via proactive monitoring and maintenance. They make this mistake simply because their boards and donors prefer to support capital improvements over support services with recurring fees even though they help improve productivity, heighten security and reduce costs over the long term.
Just as all organizations rely on the Internet, so too do NFPs. They deal with highly confidential and personal information for many people—employees and clients. Therefore, the security and compliance issues faced by an NFP entity are multiplied here. These organizations need to ensure that their network and premises comply with a host of regulations including: HIPAA (Health Insurance Portability and Accountability Act); audits and security standards for hardware, software and processes; and PCI compliance if they are using and/or storing any personally identifiable information (e.g., credit card numbers).
As security and cybersecurity needs increase, NFPs also need to take action or they could be liable for litigation and/or shut down, denying them the chance to serve their clients and achieve their mission. IT Radix advises our NFP clients to put a variety of security measures in place. Some recommended security measures include establishing: policies that encourage strong passwords that change regularly, guidelines for use of computing devices both in and out of the office, and rules for physically securing computer hardware and backups. While other security measures require implementing tactical strategies such as: confirming anti-virus subscriptions are up to date and patched and ensuring adequate automated backup programs are in place and monitored. Additionally, proper encryption protocols should be in place for data and email both stored on your computer and while in transit.
Another technology challenge for the NFP sector is how best to embrace cloud solutions. The cloud offers a host of possibilities including remote accessibility of highly secure and backed-up data as well as cost savings over time. However, the perceived loss of control (data is not stored on a server in the office) and the need for Internet access can sometimes preclude the NFP executive from leveraging the cloud.
Like any organization, those with NFP status can benefit from a discussion of their current technology processes and systems to learn how IT can enhance their overall compliance, productivity and security—enabling them to better serve their clients. Still have questions? Why not give IT Radix a call. Our goal is to make IT work for all our clients so that they, in turn, can focus on meeting their organization’s primary objectives.
First published in our September 2015 IT Radix Resource newsletter
