Non-profit organizations (NPOs) in Nairobi, Kenya play a crucial role in healthcare data management and privacy compliance. However, their adherence to established guidelines can vary significantly. A mixed-methods approach was employed, combining quantitative surveys with qualitative interviews. A convenience sample of 50 NPOs was selected, and structured questionnaires were administered to assess their practices and challenges related to data privacy. The survey revealed that only 40% of the sampled organizations had implemented robust encryption protocols for sensitive healthcare data, indicating a significant gap in compliance with international standards such as GDPR. Interviews highlighted common issues like insufficient training on data protection laws and inadequate IT infrastructure support. Despite the challenges identified, there is potential for improvement if NPOs adopt more comprehensive data privacy measures aligned with recognised best practices. NPO leaders should prioritise investment in staff training programmes focused on data privacy regulations. Additionally, they should seek partnerships with technology providers to enhance IT security and compliance tools. Non-Profit Organizations, Healthcare Data Privacy, Nairobi, Kenya, Compliance Strategies Treatment effect was estimated with $\text{logit}(p_i)=\beta_0+\beta^\top X_i$, and uncertainty reported using confidence-interval based inference.