What is GDPR?
The GDPR, which will become effective as of May 2018 is a data compliance regulation which affects companies operating within the EU. It relates to the manner in which companies can collect, use and retain customer data. The penalty for violation is set at 4% of global annual turnover – ouch!
The area of customer data is relatively new, and to this point, it has lacked a clear and comprehensive set of regulations to discern what is and what isn’t an appropriate use of customer data.
Particularly in light of some recent high profile political events on both sides of the Atlantic, where troves of data on individuals within the relevant electorates were collected, retained and used in a rather laissez-faire manner. The GDPR (General Data Protection Regulation) has been drawn up and will be implemented by the European Parliament, the European Council and the European Commission to create a stronger and more unified effort to protect the data of all individuals living within the EU.
What Does This Mean for Your Company?
If your company is based in the EU, or has any customers in the EU then the GDPR will have a massive impact on you and the way you handle your collected customer data. With the aforementioned penalty of 4% of annual global turnover looming overhead, the onus is on the companies to educate themselves and to start implementing compliance plans.
Your company will now need to start drastically revising its practices when it comes to your use of customer data. The new regulations impose the following requirements;
- Transparency – a clear and justifiable reason for gathering data
- Purpose Limitation – data can only be used for specific determined reasons
- Data Minimisation – only necessary data should be collected
- Storage Limitation – data can only be kept as long as is relevant
- Integrity and confidentiality in storage
How Will This Affect Recruiters?
Whether you work in-house or in an agency environment, your current practice around handling candidate data will need to be reviewed, and a plan put in place to ensure compliance by May 2018. Companies that handle and process data on behalf of their clients will be liable for any breaches, as will their clients.
In particular you might need to ask yourself;
- Do I need all of the information I’ve requested on the job application?
- Do I need it now?
- Does the data you’ve requested have a clear and reasonable purpose?
The new regulations will also affect how you can use the data on LinkedIn, how you conduct interviews, and for how long you can retain candidate information.
So, What Do I Need to Do?
Fear not! SocialTalent has two of the best mind in the business on hand to help you wade through the murky waters of uncertainty. We have created specialized GDPR content with the help of Tricia Higgins and Marie Murphy from FortPrivacy to bring you a lean and to-the-point take on this hefty bill, geared specifically to recruitment professionals.
Learn more anout our GDPR training and our other solutuion offerings!