Risk. A four-letter word, to be sure. Organizations are subject to all sorts of risks and apply carefully-developed, painstaking steps to eradicate it.
Actually, that’s the wrong word. Risk can’t be totally eliminated. Controlled and managed — yes. Hence “Risk Management.” Organizations will always face risks. Many come from external sources, such as threats emanating from unsecured communication devices including computers and phones. Or Ransomware. Phishing. The list is long, and you probably know it all too well.
Social media can pose a significant external threat. Facebook, Reddit, Glassdoor and many other sites and platforms offer disgruntled current and former employees a forum to vent their dissatisfaction with an organization. And the word “viral” is apt to describe how vicious, untrue posts can spread like wildfire and decimate an organization’s brand and financial value in hours.
Some risks may arise from failure to recognize or comply with laws and legislation related to employment. These may include OSHA, EEOC, FCRA, and GDPR. Failure to adhere to these myriad and constantly evolving federal, state, and local laws carry significant penalties.
But many serious risks also originate within. And that’s where we come in.
Of course, you conduct thorough background checks on new workers — including execs — right? Employees with tarnished backgrounds, including seasonal, temporary, and gig workers, may steal property, walk away with and/or sell vital sensitive data, pollute other employers with negative innuendo about your company and management, and so forth. Background checks reduce risk, and their efficacy continues to increase. As we noted in HireRight’s 2019 Employment Screening Benchmark Report: “(This past year), more companies reported a better quality of hire as the top background check benefit, as compared to last year’s survey — 60% in 2019 vs 53% in 2018. In addition, respondents stated that more consistent safety and security and improved regulatory compliance remained among the top reasons to conduct checks.”
Thorough background checks deliver such value for well beyond typical desk jobs. Healthcare professionals who interact with vulnerable patients, including the elderly and disabled, masseurs, real estate agents, and all workers, should be carefully screened. If they represent your organization, they pose potential risk regardless of job description or seniority.
But things change. People are dynamic. And background checks deal with what happened in the past. That’s why conducting backgrounds checks after candidates become employees is so necessary. A star candidate who passed their initial background check with flying colors may later have run afoul of the law. Mounting debts may have influenced others to engage in illegal activities. Drug use may have negatively impacted an employee’s life – at home and in your workplace.
Rescreening is an obvious best practice. Monitoring employees for issues as they happen is even better. While this idea is not new, recent advancements in technology make this concept efficient and effective. And it’s here now.
Attributes that are pertinent to an employee’s position may now be monitored and reported. For example, a transportation company can be alerted if a commercial driver is cited for a DUI or an accident. If the licensure or certification of a healthcare worker lapses, the employer may be notified when it happens. Employers sensitive to arrests of their workers can be alerted when an individual is booked. While employers who are more concerned with criminal convictions can establish a monitoring program to alert them when a worker has been charged with a crime. Ongoing monitoring may lead to a safer and more secure work environment.
However, while evaluating and before initiating an ongoing monitoring program, organizations should seek authoritative legal guidance well-versed in current federal, state and local compliance legislation; there are many critical considerations involving disclosures, ongoing employee consent, FCRA certifications, alteration of your current policies, and the type of action an organization can or should take when addressing adverse findings, including notification to the employee in question, amongst many other issues.