Employers need to be careful with job candidates' personal info

by

Employers typically conduct background checks on job candidates because they want the people they choose to be honest and trustworthy. Knowing who they’re hiring protects employees and customers, improves the quality of hires, protects their brand’s reputation, and reduces the risks of theft and other criminal activities.

To ensure job applicants possess these traits, employers often ask them to provide detailed information about their backgrounds to ensure they are worthy candidates. But how much personal information is too much? What does a company do if the sensitive information they’ve collected gets into the wrong hands?

Risks associated with collecting job applicants’ data

Companies indisputably have to collect, process, and store data of all kinds. Of course, there are risks associated with utilizing data including:

  • Malware infections leaving data exposed to cybercriminals to exploit.
  • Employees stealing data and selling it for personal gain.
  • IT staff responsible for safeguarding data around the clock becoming fatigued.
  • The company isn't creating and/or adhering to good data retention policies.
  • Employees accidentally causing a data breach by weak passwords, emailing sensitive information, or falling victim to a phishing or other social engineering scams.

 According to some statistics, 69% of companies have already experienced a data breach by an internal threat, despite protective mechanisms being in place. External threats are a reality as well.

Major laws passed regarding data breaches

The consequences of data breaches are becoming harsher as time passes. In 2016, the European Union passed the General Data Protection Regulation (GDPR) which U.S. companies must follow if they are hiring people or sending data through the EU. This law has been a major game-changer for companies to protect consumers (including job applicant) data.

On the domestic front, in January 2008, the U.S. passed the “Red Flags Rule” to get companies to take data breach risks seriously. Businesses must also follow the newly enacted California Consumer Privacy Act, and consider the possibility other states have already passed their own laws or are going to soon follow the lead of California’s new stringent law.

Protect yourself by limiting data you collect in-house

Candidate data is valuable on a multitude of levels, but it’s a smart strategy to only collect the information you absolutely need at the hiring stage. While few would argue once a candidate is selected to fill a position, you would be required to collect personal and sensitive information, most of the data collected during a background check on a candidate doesn't need to be stored in-house for those not hired. Data breach concerns have led to an increased focus on the security of candidate data. Many experts believe employers should consider turning to companies that specialize in background checks to handle sensitive data. Working with a screening service, like Microbilt, can eliminate many of the risks associated with collecting candidate information.

Microbilt understands the importance of hiring a trustworthy candidate while maintaining the integrity of sensitive data. We are compliant with all laws related to collecting data for the use of performing background checks and our background screening products can help you to make smart hiring decisions while remaining in compliance with these laws. To learn more about our services, contact us today.