Starting on 25 May 2018, recruitment organizations that collect data from EU candidates must comply with the General Data Protection Regulation (GDPR). This new law aims to protect the privacy of candidates.
The GDPR puts the onus of compliance on recruiters doing business within the EU, even if they are not based there. Recruiting firms need to be on high alert, as they heavily rely on collecting and storing candidate data. Failure to comply with GDPR can incur fines up to €20 million or 4% of the annual turnover, whichever is higher.
Challenges of meeting GDPR
The fundamental compliance challenge for recruiting firms will be to identify and map all the ways that personal data is used in your organization. Understanding how and why data is collected, where it is storedand for how long, whether it is shared, and how it is secured are all important considerations for GDPR compliance.
Once personal data is identified, organizations must ensure appropriate measures to secure it. Although data security can seem intimidating, it is critical for mitigation and recovery preparedness.
The GDPR further strengthens data protection by restricting the transfer of personal data (Refer Article 44). Accordingly, organizations that handle data must regularly monitor the physical locations where data is stored. Whether in the cloud or on-premise, identifying, monitoring, and controlling where your data resides is mandatory.
Under the GDPR, subjects haverights to their data. Provisions need to be made to respond to the data subject’s requests, including rectification, deletion, and stoppage of use. Happily, cloud-based data storage makes all these things simpler and safer.
Other measures to demonstrate compliance involve proper governing structures, information notices, audit trails, breach reporting mechanisms, and more.
To reduce the liabilitiesof non-compliance, compliant cloud recruitment solutions provide agility, efficiency, scalability, and most of all, peace of mind. Zoho Recruit is ready for the GDPR.
To learn more about GDPR, read our new ebook, Everything Recruiters Need to Know about GDPR.