Content taken from Cluen's article in Recruitment Grapevine's 2016 December Magazine.
The General Data Protection Regulation (GDPR) is a regulation adopted by the European Parliament on 14 May 2016. The GDPR is meant to safeguard the data privacy rights of European Union citizens and affects any organisation that is based in the EU or does business in the EU. The new GDPR law goes into effect in less than two years, requiring search firms to be compliant by May 2018.
The GDPR law will affect executive search firm’s that:
- Work in the EU
- Have clients that work in the EU
- Have sources, prospects or candidates that are EU citizens
- May one day in the future partake in any of the above
- Work in conjunction with another firm that meets the above criteria
Technology Will Be Essential
The penalties for non-compliance if discovered are high and can reach up to €20 million in fines. Information security checks and specialized task functions help solve the duplication of operational efforts that can result from the GDPR.
Information Security Checks: Every executive search firm needs to assure there are strict security measures in place to safeguard personal data of EU citizens, and must have the ability to properly document it. Data floating between programs such as Outlook, Word or Excel or even your shared folders is disorganized, vulnerable and fragmented. Some databases configured this way will not meet the new standards set by GDPR. Find and partner with a data systems provider that is certified with Privacy Shield and can deliver audit details and documentation proving your recruitment software is compliant.
Specialized Task Functions: Under the GDPR law, EU citizens have the right to request their name and data be deleted from your database. How do you prevent your candidate ID process and administration from re-entering that same individual back into your database? Placing this candidate on a “hands-off list” will conflict with his or her original request. Cluen has taken a proactive approach to GDPR by innovating and integrating new technology features to solve the problem of this paradox – you can be compliant in your deletion of a record and every instance of that name, and yet, have a way to alert you should you ever try to enter the same name again.
Plan Now or Pay Later.
Start understanding all of the available solutions over the coming months and take advantage of the resources available. Review GDPR regulation information online and speak with an attorney to understand next steps. Speak with your recruitment software partner and seek their suggestions and advice.
Cluen has provided software to executive search firms globally since 1990. Cluen’s cloud-based solution, EncoreOne, allows you to track relational data and automate your recruitment process. Cluen’s experts consult with search firms around the world on best practices for relationship-driven search and data compliance. Contact us today for more information.