GDPR and Security Recruitment
GDPR (General Data Protection Regulation) is nearly upon us and there’s no avoiding it. The new laws coming into force on 25 May 2018 strengthen the rules around personal data and require organisations to be more accountable and transparent. It also gives people greater control over their own personal data.
Zitko customers can rest assured that we are already following the ICO approved process to prepare for GDPR and will be fully compliant come 2018. More details on how we manage our own data can be found here.
GDPR poses several issues for the industry, and the current widespread misuse of candidate information. We have already experienced numerous instances of CV farming and more commonly CV submission without permission of the job seeker. Whilst GDPR clearly restricts any organisation mismanaging individual data this way, there could also be compliance issues for any client acting on that data.
The terms and conditions for job boards like CV Library, Jobsite and Reed all clearly state that the ‘express consent’ of the job seeker must be granted for an agency to send their details to a client. Whilst current outdated data protection laws allow for these actions to largely go unpunished, GDPR will significantly increase the repercussions to any agency and potentially by default their clients should a candidate explore their options once their data has been misused.
We are actively engaging with our IT and legal partners to provide our clients with clear and concise information on GDPR and its implications for the security recruitment industry. Further information will be provided in due course. For any additional questions on the matter, contact the team here.