13 Mar 2018Previous Page
Candidate recruitment is perceived to become that bit more challenging with the introduction of GDPR on 25th May, however these changes shouldn’t feel too daunting for you and your business.
Using a GDPR compliant recruitment agency such as Eolas Recruitment to find the right candidates for your vacancies is the ideal way to ensure you meet the compliance requirements specified by the new regulations.
You’re sure to have heard of GDPR with only a matter of weeks before the implementation deadline, but you might not be sure what it really means or how it is set to affect your business – including your recruitment processes.
GDPR – General Data Protection Regulation – will unify and strengthen data protection across the whole of the EU. The regulations provide individuals (candidates) with more control than they have previously had over what companies can do with their personal data. Fines for non-compliance and data breaches are considerable.
The regulations will impact any business that collects, processes and uses personal information – with implications for anyone that recruits staff.
GDPR is intended to increase security and enforce clear legal guidelines across the EU, with the aim of increasing trust in the digital arena.
The new GDPR framework will bring the existing data protection legislation – the Data Protection Act 1998 – up to date with the changing ways that data is now used. The current legislation is out of date as it was established before internet usage and cloud based systems became the norm.
The associated risks of data exploitation – particularly with the proliferation of ‘The Internet of Things’ – should be reduced by increasing the security around data protection legislation, plus stricter enforcement and prosecution measures will be introduced.
GDPR will also establish a uniform legal framework across the EU, with identical data protection laws to which businesses must adhere.
Two main groups will be affected by the new regulations:
‘Controllers’ of data – those who state how and why personal data is processed. These range from online businesses to banks, charities and even the government – anyone who collects any element of personal data from an individual
The regulations specify that even if these data controllers and processors are not based in the EU, they still need to be GDPR compliant as the data they are handling belongs to EU residents.
It is the responsibility of the data controller to ensure their data processor adheres to data protection laws.
GDPR will change the way that recruitment agencies gather and use confidential personal information.
Agencies will have to be make it clear as to:
How candidates can access their data
Consent will be fundamental – an agency will have to ask for each individual job seeker’s consent every time they wish to use any personal information. Recruiters will no longer be able to access candidate information from social media channels and platforms such as Linkedin, unless the candidate has given their express consent for the recruiter to do so.
At Eolas Recruitment, our processes and policies are already fully compliant with these requirements.
The risk of advertising your current vacancies yourself and requesting applicants to apply directly to a job advertisement with their CV is that under GDPR you become the ‘data controller’, with the responsibility for the personal data of each applicant.
The regulations state that, as a data controller, you must keep records of how and where an individual gave their express consent for you to collect their data. You must also adhere to the individual’s right to withdraw their consent to holding their data whenever they choose.
A GDPR-compliant recruitment agency such as Eolas Recruitment will collect CVs, covering letters and other confidential candidate information for you, ensuring the data is stored, protected and maintained in line with the guidelines.
Whilst our intention is not to scaremonger, if you use a recruitment agency that is not GDPR compliant, or you do not use an agency and manage your recruitment yourself and you fail to meet GDPR guidelines, you face:
Although the regulations may seem daunting, the introduction of GDPR will be beneficial for clients and job seekers alike, with benefits for both parties.
At Eolas Recruitment, we anticipated the regulations coming into force last year, so we engaged the services of a specialist consultancy to ensure our compliance. As a result, we are among the first recruitment agencies to become fully GDPR compliant.