HIPAA compliance concerns for non profit organizations

www.mattnj.com
HIPAA COMPLIANCE
CONCERNS FOR
NON PROFIT
ORGANIZATIONS
There are many non profit organizations
that are bound by HIPAA compliance
regulations. If you handle sensitive data
or deal with Electronic Patient Health
Information (ePHI) through health and
human services software, then you need
to ensure your organization achieves
and maintains HIPAA compliance.
IS YOUR NON PROFIT A COVERED ENTITY?
Some organizations may not be fully
aware that they are considered a “covered
entity” and they must comply with
HIPAA regulations. HIPAA regulations are
designed for covered entities, which are
defined as healthcare clearing houses,
healthcare providers, and health plans.
Health providers include hospitals, schools,
pharmacies, and non profits dealing
with sensitive data or ePHI. Business
associates of covered entities must
also comply with HIPAA regulations, and
include legal service providers, medical
billing companies, software providers, IT
providers, and business services providers.
If you use web-based applications and
health and human services software
in the course of providing your non
profit services, you must become HIPAA
compliant to avoid penalties and steep
fines for violating the regulations.
HIPAA does not differentiate between
for-profit businesses and non profit
organizations and the same rules apply
for everyone handling PHI and ePHI.
CONFIDENTIAL DATA CONCERNS
You will want to understand how you use
individuals' personal information, whether
it is in person, through the mail, or via
electronic health and human services
software. Who can access and edit data?
How is it transferred from one person to the
next or from one organization to another?
Is the data protected from outside access?
MAINTAINING HIPAA COMPLIANCE WITH HIGH EMPLOYEE TURN-OVER
One of the unique challenges a non profit
organization faces when it comes to HIPAA
compliance is the high rate of employee
turn-over. Non profits are often unable to
pay employees as competitively as other
organizations, which results in a higher turnover. As people leave your organization,
you need a system in place to ensure
they no longer have access to confidential
information, as well as a system in place
to help you quickly get a new employee
access to the data he or she needs.
PREPARING FOR INSPECTIONS AND AUDITS
From time to time, non profit organizations
may be audited for HIPAA compliance.
Organizations including DHS, SAMHSA,
grantees, funders, and Federal agencies
may conduct a walk-through of your
current systems. If found in violation
of HIPAA requirements, you can face
penalties that can prevent your non profit
organization from fulfilling its mission.
Becoming HIPAA compliant won’t cost
you as much as paying the fine, and
Matthijssen can help you spread out
the cost of becoming compliant over
a period of several years rather than
trying to come up with it all at once.
AVOIDING HIPAA VIOLATIONS
You will want to choose an IT provider
who is familiar with HIPAA requirements
to eliminate concern for HIPAA violations.
Matthijssen is an IT provider with
extensive experience working with non
profit organizations. We have partnered
with a law firm that specializes in HIPAA
compliance issues, giving you a one-stop-shop experience for everything
your non profit needs to achieve
and maintain HIPAA compliance.
We can work with you to upgrade your
computerized infrastructure to handle
user access and network security properly,
ensure secure storage of your files, and
even help you meet regulations that will
allow you to bill Medicaid and Medicare. We
understand the unique challenges non profit
organizations face and offer technology
solutions that help you overcome them.
CONTACT US
14 ROUTE 10
EAST HANOVER, NJ 07936
(800) 845-2200
MATTNJ.COM
ADDITIONAL LOCATIONS
57 WEST 38TH ST
12TH FLOOR
NEW YORK, NY 10018
100 DEAN ST
NEWARK, DELAWARE 19711