What the GDPR Means for Recruitment

As ever-increasing amounts of our lives shift online, data protection has never been more important. Most of us bank online, conduct almost all of our correspondence there, socialise there, shop there and pinpoint our locations there. Everywhere we go, on every website we visit, we leave a digital stream of data hollowed out in our form.

But with big businesses owning so much of this data, how do we know that we’re protected?

The EU has set plans in place which will give users more control over their data, determining who can access it and what can be done with it. Due to come into place in May 2018, the General Data Protection Regulation (GDPR) will require businesses to safeguard information on their clients and staff.

This is going to have a big impact on how recruitment is conducted and will mean that a shoring up of applicant data is an absolute must. A breach of the sensitive information collected on candidates could result in a fine of €20 million, or 4% of turnover – whichever is greater. For instance, a breach could include sharing information without permission, or keeping information on candidates after the agreed-upon deletion date.

Although the laws concerning social media ‘research’ on candidates are currently pretty vague, the GDPR is likely to put in place restrictions on recruiters using Facebook, Twitter and Instagram to create a profile on a candidate. A party working for data protection in the EU has stated that in most cases, a business would need ‘legal grounds’ in order to ‘snoop’ on potential recruits. However, there are no absolute terms on this, and it seems that the wording may remain vague. As such, it’s a practice probably best avoided.

GDPR and Hiring

Actually implementing best practices regarding data protection is going to require in-house experts, according to research from Robert Half UK. A study they conducted claims that 66% of Chief Information Officers (CIOs) will hire full-time staff to cope with next year’s introduction. A further 64% of CIOs are looking to hire temporary staff.

On top of this, the survey found that demand for project managers, business analysts and data protection officers is also likely to increase. Therefore, candidates with the following traits and skill sets will be in hot demand:

– Knowledge of analytics (44%)

– Regulation and compliance (39%)

– Project management (38%)

– Strategic thinking (39%)

– Communication skills (39%)

– Attention to detail (31%)

Speaking on the GDPR, Phil Sheridan, a Senior Managing Director at Robert Half UK, said:

“GDPR is the latest piece of legislation to evolve the compliance and regulatory landscape in the UK and across Europe.

“As demand for candidates with the required technical and project management skills reaches fever pitch, businesses should seek out those with the transferable skills required to ensure compliance. While GDPR certified practitioners are in short supply, project managers and business analysts with experience in MiFID II and SOX, among others, will have the requisite skills to support, particularly on an interim and project basis.”

GDPR and Criminal Finances Act

Whilst businesses should be readying for the GDPR, many companies have overlooked the impending Criminal Finances Act, which will come into action at the end of September 2017, according to 6CATS International.

This new legislation means that organisations will become criminally liable if they facilitate, or fail to prevent, tax evasion by an employee, contractor or supplier. So as you can see, it’s pretty far-reaching, and the consequences include: an unlimited fine, reputational damage, the withdrawing of licenses by regulators and even prison sentences in the most extreme cases.

So be sure that you’re readying yourself for both!
