It takes a special kind of person to run a non-profit: the budgets are as tight as the stakes are high, but whether you’re a charity, veteran’s organization, animal shelter or any other type of 501(c), the payoff is knowing your hard work is changing the world. But with all of the hustle that goes into running a non-profit, where does information security fit in?
For any organization, whether NPO or for-profit, keeping technology up-to-date and security locked down is often relegated to an afterthought. After all, security and privacy technology usually don’t show their ROI unless something actually goes wrong. You have donations to collect, member drives to run, volunteers to train and newsletters to send out — there’s not a whole lot of time left for thinking about security.
Even though the work you do is high priority, investing in and using encryption technology is essential for NPOs. All it takes is a single data breach to incur disastrous financial penalties and fines, as well as damage to your reputation.
Why Email Encryption is Good for Any Organization
Before we get into the importance of email encryption for non-profits, let’s look at why organizations (and even individuals!) of all kinds should be using encryption to protect their sensitive data, emails and attachments.
Encryption is written into many organizations’ security policies for a reason: it provides an extra layer of protection in case a hacker, or even a rogue employee without the right permissions, manages to gain access to a file or email message that wasn’t intended for him or her. Encryption provides an extra layer of protection to your files and emails by scrambling them using complex algorithms, and then decoding them for whomever possesses the key.
Let’s say that a cybercriminal somehow gets a hold of your email password, and then tries to get into your inbox. If you’re using email encryption, your email messages and attachments will be unintelligible and unreadable to the hacker unless he or she also has the encryption key.
Why Email Encryption for Non-Profits is Especially Important
Non-profit organizations frequently have to deal with personally identifiable information (PII) that, by law, must be protected. While a breach of any kind of PII can result in lawsuits, costly fines and other financial penalties, given the type of work your non-profit does, the compliance protocols can stack up.
For example, if you’re considered a covered entity by HIPAA (this includes healthcare providers, hospitals, healthcare clearinghouses and insurance providers), you probably already know the stakes of a HIPAA violation: a single breach, which could be as simple as a single email containing protected health information (PHI) going to the wrong person, can run your organization anywhere from $100 to $50,000. Given that the HIPAA Breach Notification Rule specifically levies fines for organizations that don’t promptly send notifications for breaches of “unsecured” data, one of the best ways to keep your non-profit HIPAA compliant is to secure your data. How do you do that? Use strong encryption.
Of course, HIPAA isn’t the only compliance protocol many NPOs need to worry about. If your organization processes credit card transactions (say for online donations), then you also have to worry about Payment Card Industry (PCI) compliance. PCI guidelines for protecting customers’ or donor’s credit card data include using strong encryption, as well as documenting all procedures used to protect your encryption keys. While you’re hopefully not sharing any credit card information via email, it’s also best practice to use email encryption to protect anyone engaging in financial transactions with your organization.
Obstacles to Email Encryption for Non-Profits
Granted, while implementing email encryption for non-profits might seem like a nice thought, there can be a lot of barriers — especially if you’re just starting out. Obviously, there may be budget or bandwidth constraints, and hiring the type of talent necessary to implement something like a PGP email encryption solution can be cost-prohibitive. If you have the talent on-hand, traditional email encryption solutions are very complex to set up, and you might be sinking more hours than you’d hoped into the operation.
Thankfully, email encryption no longer needs to be that complicated. With Virtru, it’s as easy as downloading a browser add-on. Virtually anyone can do it.
Convenient Email Encryption for Non-Profits with Virtru
Virtru is an easy, cost-effective solution for implementing email encryption for non-profits. With turnkey email encryption functionality and a suite of premium features like message revocation and forwarding control, Virtru is an ideal solution for NPOs. Since Virtru works with your current business email provider, it requires no new accounts, plus there are no portals to configure or keys to exchange. Just simple, seamless email encryption.
If you’d like to see Virtru in action, contact us today to set up a demo.