Thread Options
#1610644 - 09/29/11 04:53 PM GLBA - H R Vendors
jubank Offline
New Poster
Joined: Sep 2011
Posts: 11
Are Human Resource vendors (such as payroll, medical plan, life insurance companies, where the bank shares or provides employees' information) subject to vendor risk assessment and require the GLBA language in place?

Return to Top
Audit
#1611946 - 10/04/11 01:20 PM Re: GLBA - H R Vendors jubank
AFaquir Offline
Platinum Poster
AFaquir
Joined: Jan 2011
Posts: 763
Top of the world... and never ...
Are some of your employees account holders at your institution?

It is my thought that yes, they are high risk... however I do not think specifically under GLBA... with maybe the exception of payroll.

At our institution any vendor with whom we share covered personal information gets the full due diligence, risk assessment process, whether they are performing those duties at an account level or on our employees or customers in general.

Cheers!
_________________________
In life, there is a lot less that could get better and a lot more that could get worse.

MBA Fin/MBS HR

My views only!

Return to Top
#1619978 - 10/25/11 10:38 PM Re: GLBA - H R Vendors AFaquir
DerrickAuditor Offline
Member
Joined: Mar 2008
Posts: 91
USA
Don't forget HIPPA language for those receiving personal health information (PHI).

Return to Top

Moderator:  Andy_Z