Protecting Information Privacy in M365
The HR company is now well placed to support its clients in one of the more tricky of the business administration arenas – regulatory compliance.
Information security, compliance, and risk management are essential pillars of the modern workplace.
In 2019, New York joined California, Massachusetts, and Colorado in adopting a law requiring that businesses collecting private information implement reasonable cybersecurity safeguards to protect that information. The New York Stop Hacks and Improve Electronic Data Security (SHIELD) Act mandates the implementation of a data-security program, including measures such as risk assessments, workforce training, incident-response planning/testing, and secure data-destruction protocols.
SoHo’s client, myHR Partner, ranks in the top third of Entrepreneur Magazine’s best entrepreneurial companies in America. myHR Partner handles the HR iissues that small- and mid-sized organizations face.
By handling the compliance and risk management, regulatory and legal requirements, managing payroll and benefits, myHR Partner assists companies to recruit and retain excellent labor. A consequence of myHR Partner’s success that it has large volumes of confidential information stored on its systems.
myHR Partner undertook SoHo’s Compliance Workshop to ensure that their systems were fully compliant with the regulatory landscape.
SoHo’s Compliance Workshop identifies all the data held by a client, where it is, and how it is being used. With this information in place, SoHo identifies any compliance risks that may exist. SoHo provided a detailed assessment of myHR Partner’s IT and compliance priorities as well as initiatives. A report was formulated to provide short- , mid- , and long-term recommendations on a compliance strategy that fits with myHR Partner’s budget.
As a result of the engagement with SoHo, myHR Partner is now well placed to support its clients in one of the more tricky of the business administration arenas – regulatory compliance.
Compliance and risk management strategies are "must haves," not "nice-to haves."
Systems were put in place to:
- Review and acquire licenses
- Configure and enable findings and insights from SoHo’s automated discovery process
- Outline actionable recommendations and suggestions for improved mitigation and governance
In short, myHR Partner was provided with the processes to discover, protect, and govern its entire corporate data set.