In few areas is this more pertinent than when conducting pre-employment background checks, which necessarily involves collecting, storing and processing personal data.
Here’s how you can create and run an effective and compliant pre-employment screening program.
Understand your companys risk profile
While many organisations consider brand and reputational risk among the top reasons to conduct pre-pre-employment screening, not all businesses face the same types and levels of risk. While organisations understandably wish to avoid bad publicity, risk profiles inevitably vary between companies and industry sectors. For example, the HR and risk team of a widget manufacturing company are likely to take a very different view of bad-hire risk than their counterparts in a dynamite manufacturer.
Other risk-profile considerations include whether or not the company has regulatory responsibilities to demonstrate due diligence in hiring, such as financial institutions and those working with sensitive or vulnerable people.
Build a strong policy
Pre-employment screening sets the tone of an organisation and establishes expectations for potential and existing employees. (In a purely operational sense, is also provides the framework and principles on which the day-to-day screening program depends.) When developing a screening best practice policy, it is important to consider:
Consistency applying the same package and depth of checks for all employees of the same level, to ensure fairness and integrity of reportin.
Transparency the existence and nature of your pre-employment screening program must be well communicated and universally understood. In some countries, any measures a company takes in relation to its employees need be discussed with local works councils.
Proportionality ” this tenet of privacy applies equally to pre-employment screening. In short, the background screening and collection of information should not be excessive, or disproportionate to the risk. So, while it would be considered proportionate to conduct a credit check on a person who is handling money, it might be considered excessive to do so for all employees (unless they were working in financial or payment card industries, for example).
Determine who owns pre-employment screening
In some organisations, HR owns screening as part of recruitment/on-boarding whilst in others particularly regulated ones risk/compliance teams may take responsibility. Establishing ownership is important as it also establishes accountability. In addition, you should:
Draft a consent form. In the privacy frameworks of the European Union, some Asia Pacific countries, the United States and the United Arab Emirates, it is required that the individual understands the purpose of data collection, along with how the information will be used and stored. As pre-employment screening is the collection and verification of candidate-supplied information, consent is a must in countries with privacy frameworks and best practice everywhere else.
Build packages of services. Creating pre-defined service packages ensures that your screening policy will be consistently applied. Best practices basic packages include:
- Criminal check
- Global sanctions and watchlists
- Verification of identity documents (e.g. passport)
Depending on the position level or banding, the following checks may also be appropriate:
- Adverse Media
- Academic qualifications
- Employment history
- Adverse media
- Employment gap