February 8th, 2019 | Sterling

The background check compliance mistakes you may not realise you’re making

Background screening plays a fundamental role in the recruitment process for many organisations, however there can often be a degree of complexity when it comes to background screening compliance. To assist in streamlining your screening process and to help ensure you meet regulatory obligations, we’ve put together a list of the most common pitfalls to avoid when conducting background checks.

Want to find out more about this topic in person? Sign up for free to attend In-House Recruitment Expo in London on 26-27 February, where Steve Smith, Managing Director of Sterling, will be presenting in the Masterclass theatre.

Social Media Check #fails

Studies show that many employers perform social media checks on candidates during the hiring process, yet research conducted by Sterling found that only 40% do so as part of a formal background screening programme. Organisations that carry out ‘unofficial’ social media screening could face compliance issues because hiring managers may discover information about a candidate on social media that they aren’t allowed to use when making a hiring decision – and the applicant can potentially claim this played a part in the decision not to recruit them.

For example, if you discover information on a candidate relating to one of the protected characteristics, such as race, religion or sexual orientation, and you then decide to deny employment, you could be at risk of a discrimination claim, and the applicant, if successful in their claim, can be awarded compensation.

Social media searches must be compliant with discrimination and privacy laws, so make sure any social media searches that you carry out are part of a structured and documented screening programme, and that any information you use is relevant to the job role.

GDPR Headaches

The General Data Protection Regulation (GDPR), which came into force in May 2018, is an EU law that regulates the collection, use, disclosure and processing of personal data. Hiring managers and HR professionals often handle large amounts of personal candidate information when performing background checks, so it’s vital your screening programme is GDPR compliant.

However, there are a number of employers that still appear to be confused about their obligations under the GDPR. “Some hiring firms display a lack of clarity around the grounds on which they process data and therefore fail to include this in their privacy notice,” remarks Steve Smith. “Similarly, there are organisations which fail to have the correct processes in place to provide a candidate with all the information they hold on them upon request as required.”

Another obligation relating to GDPR, which may be one to look out for in the future, endeavours to ensure a human is involved in the decision-making process of programmes where candidate data is processed (background checks may fall into this category). With the pace of HR automation and technology only set to increase in the coming years, it is not difficult to see how some organisations could go on to fall foul of this regulation.

Criminal Record Check Confusion

Employers must ensure they perform the right type of criminal record check that is proportionate and relevant to the role in question. It sounds simple, but in truth, criminal record checks can be incredibly complex, and there may be legal risks if you get it wrong. Any criminal record check must comply with the Rehabilitation of Offenders Act (ROA) 1974, which protects individuals convicted of minor offences from future discrimination, and enables certain convictions to become ‘spent’ or ignored, after a rehabilitation period.

Research suggests, however, that some employers risk breaching the ROA by asking questions in job applications about criminal records, in a potentially unlawful or misleading way. Recruiters will also land themselves in hot water if they request information about spent convictions, as this is unlawful under the ROA unless the role, profession or industry falls within its list of exceptions.

While employers are not prohibited from asking job applicants about their criminal record, the ROA restricts the amount of information that an applicant needs to disclose, and limits the extent to which employers may base their decisions on the information provided.

To ensure compliance, be transparent in your approach and consistent and fair in your hiring practices. For more information, read this guide on tips for recruiting ex-offenders safely and fairly.

Inconsistent Decision Making

It’s crucial that all background checks, no matter the role, seniority or location, are thorough and consistent. However, the reality for most hiring firms is that a range of people manage different parts of the recruitment process, and it’s not typical that a single individual is responsible for every element of a hiring decision.

“The HR function can be split across multiple offices or regions, HR team members leave and new staff arrive, and discrepancies exist between what is managed by HR and what is managed by the hiring managers themselves,” comments Smith.

Unfortunately, this will often lead to inconsistent decision making and a lack of adherence to the documented process. A well-written and well-communicated background screening policy is therefore a must, to ensure that no matter who is involved in your background screening programme, they will understand what checks are suitable for which role, how each should be carried out and the compliance steps to follow.

The Contract and Temporary Workforce ‘Gap’

Research conducted by Sterling found that just 60% of employers screen their contingent workforce, such as contractors, freelancers and temporary workers, compared to the 89% who perform checks on their full-time employees.

There are a few reasons why some organisations fail to screen their contingent workforce. For instance, some may assume the recruitment agency has already performed checks, while others may feel as though they don’t have sufficient resources to screen non-permanent, short-term workers. This demographic often has the same access to company resources and sensitive information as their full-time counterparts, meaning that gaps in the screening process could bring about significant risks, including fraud, theft or data security breaches.

With increasing numbers of contingent workers entering the labour market, it’s important you are consistent with your screening, have effective policies in place, and carry out the same checks for both your contingent and permanent workforce.

This publication is for informational purposes only and nothing contained in it should be construed as legal advice. We expressly disclaim any warranty or responsibility for damages arising out this information. We encourage you to consult with legal counsel regarding your specific needs. We do not undertake any duty to update previously posted materials.