As a consumer, you may have noticed a spike recently in the number of data sharing agreements you’ve had to make when you use apps and websites. There’s a reason for this, and it originates in the European Union. Officially called the “General Data Protection Regulation” 2016/679, the EU GDPR is a new law that updates and enforces data protection and privacy for all individuals within the EU and the European Economic Area.
It was approved in April of 2016 and went into effect on May 25th of this year. Since the Internet doesn’t have borders, most companies have found they need to follow the rules. This includes anyone engaged in a hiring process that might touch EU and EEA citizens since these investigations involve collecting a lot of personally identifiable information.
How Does the EU GDPR Work?
Primarily, the rule governs personally identifiable information (personal data) of individuals in the EU, and applies to any enterprise doing business – even virtual business — in the EU, regardless of location. Essentially, it doesn’t matter where your organization is located…if you have any European customers or employees, the data protection rule applies to you.
The rule requires that you disclose any data collection as well as why you’re collecting the data and tell consumers how long the information is being retained. You must also inform consumers if the information will be shared with any third parties.
The EU GDPR gives consumers certain rights over their personal data. For starters, they have the right to request a copy of the data being collected (in a portable and “common” format), and they have the right to have their data erased under certain circumstances.
Public authorities and businesses who collect data are required to employ a data protection officer (DPO) who is responsible for managing compliance with the regulations. In addition, businesses must report any data breaches within 72 hours if they have an adverse effect on user privacy. Violators could be fined up to €20 million ($23 million) or up to four percent of annual worldwide turnover (whichever is greater).
Do You Have Any Employees or Applicants in the EU?
If so, the EU GDPR applies to you. Background checking potential employees could be a minefield of regulation violations. A pre-employment background check company such as DataCheck can help you screen your potential employees to protect your own organization while remaining compliant with GDPR rules.
As a full-service background investigation company, we at specializes in obtaining pertinent information via criminal background checks, past employment, and background history information, and background investigations for DMV history, credit reports, drug screening, and many other issues. As professionals, we understand regulations like the EU GDPR and can ensure that your screenings of employees won’t land you with expensive violation fees.
Contact DataCheck via our Web site or call 800-253-3394 to discuss your employment background investigation needs today.