7th September 2017

GDPR and recruitment: Upping the stakes on privacy protection for candidate Personal Identifiable Information


New privacy standard for individuals means better business IT security

Barely a week passes without some news of a major information security incident. Recently, we’ve had ransomware attacks exploiting the ageing population of Windows XP computers that are still being operated by the creaking NHS, and media and entertainment giants like HBO, who really should be locking things up better, being blackmailed over stolen episodes of Game of Thrones which are yet to be broadcast.
However, across the globe, information security is set to get a shake-up. On 25 May 2018, GDPR, or formally the European Union General Data Protection Regulation (EU-GDPR) comes into force. It is one of the most significant changes to the regulatory frameworks which govern business practice for many years.
Ostensibly, GDPR is a legislative instrument aimed at protecting privacy and the rights of individuals in regard to how Personal Identifiable Information (PII) is controlled and processed by businesses and public bodies. While this may seem to be of benefit mainly to citizens, it is actually a very strong premise from which to build a universal security framework.
Adhering to the framework enables businesses to achieve a better standard of security and helps to promote a more consistent approach to information security. For recruitment agencies this means greater confidence when sharing information with clients and supplier organisations as well as delivery partners and other third parties.
Following the framework also means the processes that support achieving compliance become embedded. The GDPR is designed to provoke a change in culture, and it doesn’t just include IT security measures and the practice of technology staff; it includes each and every user of business technology in your recruitment firm.

GDPR overview – the quick facts recruitment firms need to know

A good way to get a handle on GDPR is to consider the following key points about the legislation.

Implications of GDPR for the recruitment industry

Recruitment businesses hold important and valuable information about significant numbers of people. In fact, with the exception of medical records, recruitment firms often hold some of the most valuable personal information that individuals possess.
If, address, phone numbers and email seem like run of the mill pieces of data, DoB, educational achievement, professional qualifications and accreditations and work histories certainly are not. Then, there may be copies of passports, driving licence and immigration documents.
And it’s not just the information your agency holds. It’s also about what data you share and who you share it with. The GDPR requirements around obtaining permission to process data, data breach notification and the penalty system are going to focus minds across the business world.

Best advice on GDPR and ETZ

The best advice is for all recruitment firms to take control of preparing for GDPR as soon as possible. With the GDPR set to enter force on 25th May 2018, some might be forgiven for wondering: “Why the rush to take control of it now?”
However, there are no quick fixes to GDPR compliance. The best approach is a comprehensive assessment of where your recruitment business currently stands on IT security. Engaging with a good IT support company that is able to audit, identify gaps and work out how to get you to where you need to be to meet the GDPR standard is a good approach.
ETZ is developed and hosted from cloud infrastructure operated in line with ISO 27001, the internationally recognised standard for information security. Where appropriate, our systems will be updated to meet any changes to the standard required to accommodate GDPR.
For more on GDPR click here to take a look at ‘Preparing for the General Data Protection Regulation (GDPR) 12 steps to take now’ from the Information Commissioner’s Office (ICO).

Download your free guide

7 smart ideas to grow your recruitment agency.

Download Now
Download your free guide

Latest Posts

Recruitment, RecTech

Efficient recruitment back office operations: A guide to advanced automation with ETZEfficient recruitment back office operations: A guide to advanced automation with ETZ

15th September 2023

Boosting operational efficiency in the recruitment back office The back office of a recruitment agency plays a pivotal role in...

Read more
AI, Recruitment

Thought leadership? The most progressive recruiters will aspire to ‘thought readership’!Thought leadership? The most progressive recruiters will aspire to ‘thought readership’!

1st September 2023

Does ‘thought readership’ have a place in recruitment? In recruitment, in the battle for audience engagement, just like any other...

Read more

Unleashing the power of RecTech: The recruitment agency investment that keeps on givingUnleashing the power of RecTech: The recruitment agency investment that keeps on giving

28th August 2023

Mastering RecTech determines your level of success The operating environment is dynamic and fast-moving. The opposition is aggressive and hungry...

Read more

See what ETZ could do for your agency with an online demo

Save hassle, time and money with our powerful software.

Book a Demo

Sign Up To Our Newsletter