QUESTION
Which vendor has access to personal information?
1:35:18
·
52 sec
Matthew Fraser clarifies that IBC conducts QA in a test environment and does not necessarily have access to personal identifiable information (PII), and most data is managed by city resources or vetted screen vendors.
- IBC, a vendor, performs QA on the system's back end in a test environment, not typically accessing PII.
- Salesforce is identified as the platform the application runs on, with speculative access by some global administrators.
- The majority of constituent data is managed by city resources or specifically vetted screened vendors to protect PII.
- There are few vendors with the type of access to personal information as mentioned.
Jennifer GutiƩrrez
1:35:18
which vendor, I guess, has access to personal information of of of people?
Matthew Fraser
1:35:23
Which so I I think that between the portfolio of people, the 5 or 6 people that the deputy commissioner managed and budget has mentioned, IBC would be a vendor that does QA on the back end of the system, but they usually do that in a test environment.
1:35:38
So that doesn't necessarily mean they have access to PII.
1:35:40
And under and under that, I there there are very few that have that kind of access.
1:35:48
The platform that the application is built on is Salesforce.
1:35:51
So arguably Yeah.
1:35:54
The folks that are in Salesforce, some global administrative somewhere, but that speculative may have some sort of access.
1:36:01
I can attest to that, but most of the constituent data or all the constituent data is managed by city resources.
1:36:08
And if it's a vendor, it's a screen vendor that's vetted.
