Recruitment practices must change to protect the personal data of job candidates

Employers are risking fines of €20 million if they don’t change their recruitment and development practices to comply with the new General Data Protection Regulation on processing personal data, warns cut-e, the international assessment specialist.

The General Data Protection Regulation (GDPR), which comes into force on 25 May 2018, will strengthen and standardise European laws relating to the use of any ‘personal data’ that is collected from European Union citizens, even if the company concerned is located outside of the EU. Personal data includes an individual’s identity, contact details, social media posts and health information. Employers now need the consent of EU citizens to process their data and individuals have greater control over what companies can do with their information.

GDPR gives EU citizens the right to know exactly what information is held about them and it entitles them to have their personal data rectified if it is inaccurate or incomplete. Individuals will also be able to block the processing of their personal data and object to it being used for purposes such as direct marketing or research.

- Advertisement -

cut-e recommends that employers take proactive steps to: review their data collection processes to ensure that the purpose of the data is clear and legally compatible; enhance their internal data processing activities, to ensure personal data is processed lawfully and transparently; review their data transfer practices with subcontractors and service providers; understand how they can use aspects such as data encryption and the automated profiling of individuals for talent analytics purposes; introduce new data documentation measures for auditing, monitoring and evaluation, and design training programmes and resources to ensure employee compliance.

cut-e will host a webinar on GDPR compliance, and the implications for assessing job candidates, on 24 January 2018 at 11.00am CET. Register online for this webinar here:

For further information about compliance and GDPR, please email [email protected] or visit cut-e.com.

- Advertisement -