Privacy and Data Security Factors When Global Background Screening

August 12, 2021 | Shannon Shoemaker

Background checks and other forms of pre-employment screening are being increasingly adopted around the world and have become standard and/or mandatory for job candidates that apply to regulated industries or companies that handle sensitive data. While commonplace in America, the concept of screening is still unfamiliar to many employers in Europe, Asia, and beyond. As the marketplace becomes more global in scope, conducting checks on an international basis means that organizations need to gain a comprehensive understanding of the globally diverse safeguards for the protection of personal data privacy and data transfer security. To remain compliant and conduct background checks legally, firms should first understand how background check data is obtained, transmitted, and utilized in their specific location. However, this process can often prove quite challenging, especially as the laws governing background screening are complex, ever-changing, and varied depending on your company’s location(s) and are sometimes even unwritten, such as in many countries across Asia.

It is easy to assume that background checks are the same worldwide as they are domestically, however, firms located in the proceU.S. are permitted to ask and access a greater amount of information about their U.S. applicants than a European or Asian employer can for applicants in their own region. Additionally, U.S. employers can check information such as credit history, whereas the capability to conduct credit checks is not even an option in regions such as Japan, China, Macau, and many more. The difference between U.S. privacy laws and data security considerations and those of Asia’s and other global countries is often massive, a fact that few employers fail to realize.

Let’s take a look at India for instance, while it currently does not have any data privacy laws and “privacy” is not specified in India’s Constitution as being a formal right, there are several pieces of legislation that provide guidance in this area; this includes the Constitution of India’s Article 21, which guarantees, “[n]o person shall be deprived of his life or personal liberty except according to procedure established by law.” Article 21 has been referred to in numerous Supreme Court cases as related to upholding an individual’s right. In addition, the Information Technology Act 2000 and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules 2011 provide insight surrounding personal data. Sensitive personal data can include, but is not exhaustive to: financial information, sexual orientation, medical records and history, physical, physiological and mental health condition, passwords, and biometric information (i.e., fingerprints, voice patterns, DNA, etc.). While it is legal for companies to collect sensitive personal information in India, this is only permitted for necessary purpose such as conducting background checks, which also requires gaining the consent of the individual before conducting any checks on them. In contrast, credit checks are permitted in Hong Kong, where the collection, processing, use, disclosure, and transfer of personal data is governed by the Personal Data (Privacy) Ordinance (PDPO).

Access to public records and other types of information required for screening may also be restricted, particularly in relation to accessing a job candidate’s criminal history. For instance, in the U.S., criminal record searches are typically conducted in each court where an applicant has lived or worked. National searches for criminal records, sex offender registration, and more are also available. However, in the Asia-Pacific region, criminal record checks are often conducted regionally or by municipality, not nationally. Additionally, comprising a complete picture of an applicant’s criminal history may in fact be composed of multiple sources of information, such as police, government agency, prosecution office, as opposed to a single national, regional, or municipal source. It is also not practical nor generally accepted practice for employers to access an applicant’s criminal records in certain regions and is often limited to scenarios of a specific nature including for the military, immigration requests from an overseas immigrations government for diplomatic ties, and so on. However, criminal history records can still be reported to employers in other ways, such as by conducting a criminality check via public record searches. In many Asian regions, the responsibility falls on the job candidate to collect and present their own information to the prospective employer in a truthful and lawful manner. However, it is inevitable that this practice presents some practicality, time-consumption and quality-of-evidence issues, as it can be difficult to verify the legitimacy of information submitted by applicants – this is where our background screening solutions come in.

For more information about how your business can conduct international background screening, please reach out to Cisive here.

 

Subscribe to the Cisive Newsletter

Supported By WordPress.org Customer Service