GDPR - The Data Heist in Recruitment

The Upgrade

If you cast your mind back to 1998, Microsoft release their most popular UI, Bill Clinton and Monica Lewinsky did not have sexual relations and the DPA came into effect – aka the UK Data Protection Act. Something you will be very familiar with hearing. DPA & GPDR are similar in more ways than one. The GPDR is essentially an extension of the DPA. It works on the concept of ‘controllers’ and ‘processors’ of data and if your business falls into one of those two categories (which nearly every business these days would) then the new regulation will apply to you. And despite what is going on with Brexit the process will still come into effect – so don’t hold on to that.

The Effect

The legislation focuses on stricter rules on data gathering, consent, storage, increased individual rights on personal data and the power to have your information deleted upon request. The main areas to focus on is:

• You will have direct responsibility over your own GPDR compliance and must be able to prove a true paper trail of agreements.
• Individual consent has to be given for separate actions (for example, when a candidate has given details for a vacancy you will not be able to add them to a generic mailing list). Implied consent will no longer be enough to share information.
• All candidate submissions must be for a valid role, contacted by the recruiter and given the vacancy details – before the CV is sent to the client. But this should be happening already!

It also recommends companies with data over two years old to delete it in order to keep records fresh. This is going to cause companies to spend substantial amounts on personnel to handle data. However some question whether records that have been gathered with prior consent should be so stringently scrutinised.

The Fallout

The main outcome of this is you need to have tighter processes and management of your data moving forward. But what about the data from before?

When it comes to recruitment, databases are the life blood of the industry. And best practise is to keep it as clean as possible. Nevertheless this information has normally been built up over the years and could have seen several touch points with the same candidate. However, sometimes how this data has been originally gathered is lost, but the GDPR requires you to maintain records of how you process all information within the company, what they have agreed to and not to, and certain criteria which is allowed to be shared. This puts a real spanner in the works for when it comes to the agencies that have stood the test of time.

The Purpose

Now this might all sound like a great deal of work in a short amount of time. And frankly it is. A lot of companies are being forced to create new departments, roles, or pay for third parties to help make sure they are compliant before May. But as data gathering grows thanks to the IoT, social media, search engines, commercial enterprise, you name it, more and more unique information will be gathered about us. So the transparency and control of this information is vital to avoid a big brother style future.

Digital Minister, Matt Hancock, who is leading the proposed overhaul said:

“It will give people more control over their data, require more consent of its use, and prepare Britain for Brexit.”

The Resolve

With the clock ticking, and the duty of the legislation, GDPR is an unavoidable truth. It is simply, like in most things with business, something that must be taken care off despite the work load attached. It will make an impact on the recruitment sector, but nothing that will rock its core. What is really making this duty seem so scary is the fines, and the tight deadline. But again, this is common in business.

If companies start now, it will make the beginning of 2018 far easier and cheaper. Plus with a good thought-out process in place when it comes to data gathering, and assessment, it will only help speed up recruitment.

But regardless, buckle up, as you will hear a lot about it in the coming months, and we will all be making large changes as a sector to get ready.