As workforces become more and more distributed across geographical boundaries, the efforts to effectively manage employees (and prospective employees) becomes more and more complex. This is particularly true when dealing with the issues of background checks and credential verification.
The employment laws of various states have limitations on what one can ask on an employment application. However, most of the limits on prospective employee screening are centered on what an employer can use information for.
A prime example of this is the Fair Credit Reporting Act (“FCRA”) and its limitations on “permissible purpose” and “adverse action”. In general, if an employer has a permissible purpose for using data covered by the FCRA, the employer can go to a background screening company and get a report on an individual (with their consent).
When a company starts to have employees across multiple country jurisdictions, the number of laws increase exponentially. Not only does the employer have to worry about a country’s version of the FCRA, if any (e.g. South Korea’s Use and Protection of Credit Information Act), but many countries now have enacted general purpose (or “omnibus”) privacy legislation.
This creates an additional umbrella of regulation which impacts not only consumer background report information, but all information which is personal in nature and can be related to a specific individual.
The EU has had data protection obligations since the ‘90’s. And while the intent of the EU’s Data Protection Directive was to have a level of consistency in data protection across European borders, the reality is that each European country has enacted a slightly different set of laws around privacy.
With each of these slightly different sets of rules, it is important to have both internal resources as well as external partners who understand the challenges “on the ground” when dealing with enabling a company to effectively manage its hiring processes.
Asia has also been busy in enacting omnibus data protection laws. Eleven different countries in Asia have data protection laws on the books. This includes such diverse economies as South Korea, Hong Kong, Japan, and the Philippines.
A number of these countries have also included criminal penalties in their data protection legislation. Additionally, many of these laws have not been around long – adding to the uncertainty of how they will be interpreted and enforced. At least in the EU, there is a pattern of enforcement across the different member states, which some level of risk analysis can be applied against. This is not the case in Asia.
Clearly, businesses have a legitimate need to be able to obtain background on prospective employees —whether it is to verify educational credentials, or to see if the candidate is a risk to the company. As such, it is critical, now more than ever, to have a team of experts to help manage the widely diverse rules around how to collect and use background data.
This team needs to have elements from within the organization, as well as external resources that have an understanding of both strategic and tactical requirements for the company to effectively manage both its hiring process and its workforce.
Free Report: How Can Motor Carriers Reduce Their Potential Liability?
Discover ways to exceed the minimum requirements of the FMCSR and help reduce liability by downloading:
How Can Motor Carriers Reduce Their Potential Liability?