Electronic Data Security Act to Protect Private Information Implemented to M365

The Challenge

Information security, compliance, and risk management are essential pillars of the modern workplace.

In 2019, New York joined California, Massachusetts, and Colorado in adopting a law requiring that businesses collecting private information implement reasonable cybersecurity safeguards to protect that information. The New York Stop Hacks and Improve Electronic Data Security (SHIELD) Act mandates the implementation of a data-security program, including measures such as risk assessments, workforce training, incident-response planning/testing, and secure data-destruction protocols.

The Problem

SoHo’s client, myHR Partner, ranks in the top third of Entrepreneur Magazine’s best entrepreneurial companies in America. myHR Partner handles the HR iissues that small- and mid-sized organizations face.

By handling the compliance and risk management, regulatory and legal requirements, managing payroll and benefits, myHR Partner assists companies to recruit and retain excellent labor. A consequence of myHR Partner’s success that it has large volumes of confidential information stored on its systems.

myHR Partner undertook SoHo’s Compliance Workshop to ensure that their systems were fully compliant with the regulatory landscape.

The Solution

SoHo’s Compliance Workshop identifies all the data held by a client, where it is, and how it is being used. With this information in place, SoHo identifies any compliance risks that may exist. SoHo provided a detailed assessment of myHR Partner’s IT and compliance priorities as well as initiatives. A report was formulated to provide short- , mid- , and long-term recommendations on a compliance strategy that fits with myHR Partner’s budget.

The Outcome

As a result of the engagement with SoHo, myHR Partner is now well placed to support its clients in one of the more tricky of the business administration arenas – regulatory compliance. 

Compliance and risk management strategies are "must haves," not "nice-to haves."

Systems were put in place to:

  • Review and acquire licenses
  • Configure and enable findings and insights from SoHo’s automated discovery process
  • Outline actionable recommendations and suggestions for improved mitigation and governance

In short, myHR Partner was provided with the processes to discover, protect, and govern its entire corporate data set.



Human Resources



Compliance & Security





Our Role

  • Explain MS license 
  • Advise on compliance 
  • Reconfigure M365 compliance features 

Project Success

  • Risk mitigation deployed
  • Compliance regulation road map navigated
  • Compliance regulation obtained
Project duration

Project duration

Less than 3 months

Want to know more on this case study? Call us: +1 (929) 257-1581