Our website uses cookies. By continuing we assume your permission to deploy cookies, as detailed in our Cookie Policy.

Quick Job Search

Get in Touch

Whether you are looking to partner with us on your latest recruitment drive, are in the market for a new role or want to join our team, get in touch and one of our team will get back to you.

PHONE: +44 1273 320 860

EMAIL: brighton@mrlcg.com

MRL
Contact Us
Language
EN

These four letters could be sending shivers down your spine: GPDR The General Data Protection Regulation comes into effect on the 25th of May 2018, leaving less than nine months for businesses to prepare and cleanse years’ worth of data. Companies across Europe are having the same reaction, as Executives scramble to prepare for the looming deadline, and try to get their heads around the nuances of the requirements and the widely contradictory demands. Some have already opted to just stop using email as a form of comms all together.

The Upgrade

If you cast your mind back to 1998, Microsoft release their most popular UI, Bill Clinton and Monica Lewinsky did not have sexual relations and the DPA came into effect – aka the UK Data Protection Act. Something you will be very familiar with hearing. DPA & GPDR are similar in more ways than one. The GPDR is essentially an extension of the DPA. It works on the concept of ‘controllers’ and ‘processors’ of data and if your business falls into one of those two categories (which nearly every business these days would) then the new regulation will apply to you. And despite what is going on with Brexit the process will still come into effect – so don’t hold on to that.

The Effect

The legislation focuses on stricter rules on data gathering, consent, storage, increased individual rights on personal data and the power to have your information deleted upon request. The main areas to focus on is:

  • You will have direct responsibility over your own GPDR compliance and must be able to prove a true paper trail of agreements.
  • Individual consent has to be given for separate actions (for example, when a candidate has given details for a vacancy you will not be able to add them to a generic mailing list). Implied consent will no longer be enough to share information.
  • All candidate submissions must be for a valid role, contacted by the recruiter and given the vacancy details – before the CV is sent to the client. But this should be happening already!

It also recommends companies with data over two years old to delete it in order to keep records fresh. This is going to cause companies to spend substantial amounts on personnel to handle data. However some question whether records that have been gathered with prior consent should be so stringently scrutinised.

The Fallout

The main outcome of this is you need to have tighter processes and management of your data moving forward. But what about the data from before?

When it comes to recruitment, databases are the life blood of the industry. And best practise is to keep it as clean as possible. Nevertheless this information has normally been built up over the years and could have seen several touch points with the same candidate. However, sometimes how this data has been originally gathered is lost, but the GDPR requires you to maintain records of how you process all information within the company, what they have agreed to and not to, and certain criteria which is allowed to be shared. This puts a real spanner in the works for when it comes to the agencies that have stood the test of time.

The Purpose

Now this might all sound like a great deal of work in a short amount of time. And frankly it is. A lot of companies are being forced to create new departments, roles, or pay for third parties to help make sure they are compliant before May. But as data gathering grows thanks to the IoT, social media, search engines, commercial enterprise, you name it, more and more unique information will be gathered about us. So the transparency and control of this information is vital to avoid a big brother style future.

Digital Minister, Matt Hancock, who is leading the proposed overhaul said:

“It will give people more control over their data, require more consent of its use, and prepare Britain for Brexit.”

The Resolve

With the clock ticking, and the duty of the legislation, GDPR is an unavoidable truth. It is simply, like in most things with business, something that must be taken care off despite the work load attached. It will make an impact on the recruitment sector, but nothing that will rock its core. What is really making this duty seem so scary is the fines, and the tight deadline. But again, this is common in business.

If companies start now, it will make the beginning of 2018 far easier and cheaper. Plus with a good thought-out process in place when it comes to data gathering, and assessment, it will only help speed up recruitment.

But regardless, buckle up, as you will hear a lot about it in the coming months, and we will all be making large changes as a sector to get ready.

Related posts

Copyright MRL Group , Designed by Venn Digital

Apply for:

To send us your CV, please use the form below, including any additional information regarding your requirements.

CV Upload

Looking for opportunities?

Upload your CV and we’ll find a role for you.

Upload CV