Information security, compliance, and risk management are essential pillars of the modern workplace.
In 2019, New York joined California, Massachusetts, and Colorado in adopting a law requiring that businesses collecting private information implement reasonable cybersecurity safeguards to protect that information. The New York SHIELD (Stop Hacks and Improve Electronic Data Security) Act mandates the implementation of a data-security program, including measures such as risk assessments, workforce training, incident-response planning/testing, and secure data-destruction protocols.
The Problem
SoHo’s client, myHR Partner, ranks in the top third of Entrepreneur magazine’s best entrepreneurial companies in America. myHR Partner abstracts away the HR issues that small- and mid-sized organizations face.
By handling the compliance and risk management, regulatory and legal requirements, managing payroll and benefits, myHR Partner assists companies to recruit and retain excellent labor. A consequence of myHR Partner’s success that they have large volumes of confidential information stored on their systems.
myHR Partner undertook SoHo’s Compliance Workshop to ensure that their systems were fully compliant with the regulatory landscape.
The Solution
SoHo’s Compliance Workshop identifies all the data held by a client, where it is, and how it’s being used. With this information in place, SoHo identifies any compliance risks that may exist. SoHo provided a detailed assessment of myHR Partner’s IT and compliance priorities as well as initiatives. A report was formulated to provide short, mid, and long-term recommendations on a compliance strategy that fits with myHR Partner’s budget.
The Outcome
As a result of the engagement with SoHo, myHR Partner is now well placed to support its clients in one of the more tricky of the business administration arenas – regulatory compliance.
Compliance and risk management strategies are must-haves, not nice-to-have!
Systems were put in place to:
- Review and acquire licenses
- Configure and enable findings and insights from SoHo’s automated discovery process
- Outline actionable recommendations and suggestions for improved mitigation and governance
In short, myHR Partner was provided with the processes to discover, protect, and govern their entire corporate data set.
