Understanding the Impact of Data Legislation for Recruiters – Part Two
In the second of this blog series Toby Conibear, European Business Development Director at Bond International Software provides his tips on data use and strategy ahead of the imminent EU Data Protection legislation changes due to be implemented late 2015 into 2016.
Understanding that your business culture needs to change due to the upcoming legalisation introduction is one thing, but actually implementing any changes is another challenge entirely. Here are the first top five tips on how best to approach data security in the recruitment industry:
- Clearly outline your data protection policy on your website – It is highly likely that your potential candidates and clients will meet your website before they meet you in person. Being open, transparent and honest about how you collect and store personal data will ensure that you are not only meeting the legislation changes, but also being seen as a reputable business from that perspective.
- Update legacy candidate data to comply with data protection rules – Whilst you have your new processes in place, there is still a bank of legacy information stored on your database or CRM. Don’t get caught out by old candidate information saved incorrectly.
- Be prepared to handle ‘right to be forgotten’ requests – Hold team training sessions on best practice ways to handle situations with candidates, because having one response as a business is important. There will be requests, so ensure your team is comfortable and happy with the business process of handling them.
- Beware of how you handle information – What can seem like a simple email can potentially lead you into trouble. It is important to handle your data correctly no matter what channel or format it may be in. There are different options available, such as Outlook Add-ins which can help. Take a look at all of your processing practices to ensure every touch-point with data meets the new legislation.
- Select the right software provider – So you have spent time and effort ensuring your business processes, strategy and culture fits with the new legislation – then you realise your software provider doesn’t have adequate Cloud security. This might seem in hand at your software provider, surely they have the right security in place, but internal processes and security standards can differ. Make sure your provider has rigorous Cloud security standards and recognised accreditation to protect against any shortcomings or cyber-crime.