
Electronic Data Security Act to Protect Private Information Implemented to M365
The Challenge
Information security, compliance, and risk management are essential pillars of the modern workplace.
In 2019, New York joined California, Massachusetts, and Colorado in adopting a law requiring that businesses collecting private information implement reasonable cybersecurity safeguards to protect that information. The New York Stop Hacks and Improve Electronic Data Security (SHIELD) Act mandates the implementation of a data-security program, including measures such as risk assessments, workforce training, incident-response planning/testing, and secure data-destruction protocols.
The Problem
SoHo’s client, myHR Partner, ranks in the top third of Entrepreneur Magazine’s best entrepreneurial companies in America. myHR Partner handles the HR iissues that small- and mid-sized organizations face.
By handling the compliance and risk management, regulatory and legal requirements, managing payroll and benefits, myHR Partner assists companies to recruit and retain excellent labor. A consequence of myHR Partner’s success that it has large volumes of confidential information stored on its systems.
myHR Partner undertook SoHo’s Compliance Workshop to ensure that their systems were fully compliant with the regulatory landscape.
The Solution
SoHo’s Compliance Workshop identifies all the data held by a client, where it is, and how it is being used. With this information in place, SoHo identifies any compliance risks that may exist. SoHo provided a detailed assessment of myHR Partner’s IT and compliance priorities as well as initiatives. A report was formulated to provide short- , mid- , and long-term recommendations on a compliance strategy that fits with myHR Partner’s budget.
The Outcome
As a result of the engagement with SoHo, myHR Partner is now well placed to support its clients in one of the more tricky of the business administration arenas – regulatory compliance.
Compliance and risk management strategies are "must haves," not "nice-to haves."
Systems were put in place to:
- Review and acquire licenses
- Configure and enable findings and insights from SoHo’s automated discovery process
- Outline actionable recommendations and suggestions for improved mitigation and governance
In short, myHR Partner was provided with the processes to discover, protect, and govern its entire corporate data set.

Sector
Human Resources

Practice
Compliance & Security

Technology
M365

Our Role
- Explain MS license
- Advise on compliance
- Reconfigure M365 compliance features

Project Success
- Risk mitigation deployed
- Compliance regulation road map navigated
- Compliance regulation obtained

Project duration
Less than 3 months