7th September 2017

GDPR and recruitment: Upping the stakes on privacy protection for candidate Personal Identifiable Information


New privacy standard for individuals means better business IT security

Barely a week passes without some news of a major information security incident. Recently, we’ve had ransomware attacks exploiting the ageing population of Windows XP computers that are still being operated by the creaking NHS, and media and entertainment giants like HBO, who really should be locking things up better, being blackmailed over stolen episodes of Game of Thrones which are yet to be broadcast.
However, across the globe, information security is set to get a shake-up. On 25 May 2018, GDPR, or formally the European Union General Data Protection Regulation (EU-GDPR) comes into force. It is one of the most significant changes to the regulatory frameworks which govern business practice for many years.
Ostensibly, GDPR is a legislative instrument aimed at protecting privacy and the rights of individuals in regard to how Personal Identifiable Information (PII) is controlled and processed by businesses and public bodies. While this may seem to be of benefit mainly to citizens, it is actually a very strong premise from which to build a universal security framework.
Adhering to the framework enables businesses to achieve a better standard of security and helps to promote a more consistent approach to information security. For recruitment agencies this means greater confidence when sharing information with clients and supplier organisations as well as delivery partners and other third parties.
Following the framework also means the processes that support achieving compliance become embedded. The GDPR is designed to provoke a change in culture, and it doesn’t just include IT security measures and the practice of technology staff; it includes each and every user of business technology in your recruitment firm.

GDPR overview – the quick facts recruitment firms need to know

A good way to get a handle on GDPR is to consider the following key points about the legislation.

Implications of GDPR for the recruitment industry

Recruitment businesses hold important and valuable information about significant numbers of people. In fact, with the exception of medical records, recruitment firms often hold some of the most valuable personal information that individuals possess.
If, address, phone numbers and email seem like run of the mill pieces of data, DoB, educational achievement, professional qualifications and accreditations and work histories certainly are not. Then, there may be copies of passports, driving licence and immigration documents.
And it’s not just the information your agency holds. It’s also about what data you share and who you share it with. The GDPR requirements around obtaining permission to process data, data breach notification and the penalty system are going to focus minds across the business world.

Best advice on GDPR and ETZ

The best advice is for all recruitment firms to take control of preparing for GDPR as soon as possible. With the GDPR set to enter force on 25th May 2018, some might be forgiven for wondering: “Why the rush to take control of it now?”
However, there are no quick fixes to GDPR compliance. The best approach is a comprehensive assessment of where your recruitment business currently stands on IT security. Engaging with a good IT support company that is able to audit, identify gaps and work out how to get you to where you need to be to meet the GDPR standard is a good approach.
ETZ is developed and hosted from cloud infrastructure operated in line with ISO 27001, the internationally recognised standard for information security. Where appropriate, our systems will be updated to meet any changes to the standard required to accommodate GDPR.
For more on GDPR click here to take a look at ‘Preparing for the General Data Protection Regulation (GDPR) 12 steps to take now’ from the Information Commissioner’s Office (ICO).

Download your free guide

7 smart ideas to grow your recruitment agency.

Download Now
Download your free guide

Latest Posts


How to organise your agency’s data to get new business insights and gain competitive advantageHow to organise your agency’s data to get new business insights and gain competitive advantage

12th October 2021

Get your agency’s data to work harder The world of recruitment can be very cut and thrust. Agencies have a...

Read more

Hidden Workers: Tapping overlooked talent pools to reduce worker shortagesHidden Workers: Tapping overlooked talent pools to reduce worker shortages

4th October 2021

Solving worker shortages requires more than just tweaking visa policy So, the government U-turn we predicted a few weeks back...

Read more

Worker shortages? Where are the robots…?Worker shortages? Where are the robots…?

27th September 2021

The promise of automation and robotics… In recent times, one of the big debates about the future of work has...

Read more

See what ETZ could do for your agency with an online demo

Save hassle, time and money with our powerful software.

Book a Demo

Sign Up To Our Newsletter