Case Study

Compliance and risk management; meeting SHIELD regulations

Project Summary

Information security, compliance, and risk management are essential pillars of the modern workplace.

In 2019, New York joined California, Massachusetts, and Colorado in adopting a law requiring that businesses collecting private information implement reasonable cybersecurity safeguards to protect that information. The New York SHIELD (Stop Hacks and Improve Electronic Data Security) Act mandates the implementation of a data-security program, including measures such as risk assessments, workforce training, incident-response planning/testing, and secure data-destruction protocols.

The Problem

SoHo’s client, myHR Partner ranks in the top third of Entrepreneur magazine’s best entrepreneurial companies in America. myHR Partner abstracts away the HR issues that small- and mid-sized organizations face. 

By handling the compliance and risk management, regulatory and legal requirements, managing payroll and benefits, myHR Partner assists companies to recruit and retain excellent labor. A consequence of myHR Partner’s success that they have large volumes of confidential information stored on their systems.

myHR Partner undertook SoHo’s Compliance Workshop to ensure that their systems were fully compliant with the regulatory landscape.

The Solution

SoHo’s Compliance Workshop identifies all the data held by a client, where it is, and how it’s being used. With this information in place, SoHo identifies any compliance risks that may exist. SoHo provided a detailed assessment of myHR Partner’s IT and compliance priorities as well as initiatives. A report was formulated to provide short, mid, and long-term recommendations on a compliance strategy that fits with myHR Partner’s budget.

The Outcome

As a result of the engagement with SoHo, myHR Partner is now well placed to support its clients in one of the more tricky of the business administration arenas – regulatory compliance.

Compliance and risk management strategies are must-haves, not nice-to-have!

Systems were put in place to:

  • Review and acquire licenses
  • Configure and enable findings and insights from SoHo’s automated discovery process
  • Outline actionable recommendations and suggestions for improved mitigation and governance

In short, myHR Partner was provided with the processes to discover, protect, and govern their entire corporate data set.

Sector

Human Resources

Practice

Compliance & Security

Technology

O365

Our Role

  • MS License explanation and configuration
  • Compliance advice an implemented
  • MS O365 compliance features switched in and configured

Project Success

  • Risk mitigation deployed
  • Compliance regulation road map, navigated
  • Compliance regulation obtained

Technology

  • Office 365
  • MS Security & Compliance Center
  • E3, E5
Want to know more on this case study. Call us +1 (929) 257-1581