GDPR compliance for recruiters still holds true at home

Recruiters will still need to comply with GDPR during the coronavirus pandemic.

This is according to an expert in helping recruitment businesses meet the regulations, despite the ICO (Information Commissioner’s Office) saying it will soften its approach to take into account the exceptional circumstances.

In a statement on its website, the data protection watchdog says: “The ICO recognises the unprecedented challenges we are all facing during the Coronavirus (Covid-19) pandemic.”

In response to organisations’ concerns that their data protection practices might not meet their usual standards, or their response to information rights requests will be longer, the ICO says it will not take regulatory action. “We understand that resources, whether they are finances or people, might be diverted away from usual compliance or information governance work. We won’t penalise organisations that we know need to prioritise other areas or adapt their usual approach during this extraordinary period.

“We can’t extend statutory timescales, but we will tell people through our own communications channels that they may experience understandable delays when making information rights requests during the pandemic.”

Anna Wisdish (pictured), director of Comply GDPR, whose clients are almost exclusively recruitment agencies and executive search firms, told Recruiter that she welcomes the ICO’s statement that it will adopt a sympathetic approach to penalising businesses during the pandemic, but recruitment businesses and executive search firms “will still need to comply with GDPR and meet their obligations to keep personal data secure”.

Wisdish says among the data protection measures recruitment businesses should consider are:

  • Provide staff with the guidance, tools and resources they need for homeworking – for example, online access to documents and secure apps for using your recruitment database via Smartphone or tablet.
  • Keep regular proactive communications with staff so that they can continue to seek your guidance and ask advice from colleagues.
  • Document and assess the risks that come from employees working from home or other changes to your day to day business and take action to address them.
  • Remind employees of your company policies and procedures for GDPR, eg. for protecting personal data and for data breaches, and ensure they have had recent relevant training.
  • Update your ‘Bring your own device’ policy to give clear guidance to employees if you will be asking them to use their own personal devices.
  • If you need to collect additional personal data, such as whether an employee suspects having coronavirus, do it confidentially and keep both the amount of data and how long you keep it to a minimum.

• Comment below on this story. You can also tweet us to tell us your thoughts or share this story with a friend. Our editorial email is [email protected]

Employment minister says ‘structural challenges’ in labour market must be fixed

A pivotal part of the government’s myriad employment schemes is to fix the “structural challenges” in the labour market, employment minister Miriam (Mims) Davies told Recruiter.

People 21 October 2020


This week’s appointments include: Flint Hyde, Harvey John, Lily Shippen Secretarial Recruitment, Mercer, New Street Consulting Group, Perkbox, The Portfolio Group, Walter James Group

People 19 October 2020

Short promoted to CEO Randstad UK & Ireland

Managing director Randstad UK Vicky Short (pictured) has been promoted to CEO for Randstad UK & Ireland from 1 January 2021.

People 16 October 2020

Recruiters reveal resilience issues in latest UK Recruitment Index

Recruitment firms with £50m+ annual net fee income are confident about their operational resilience but much less so about their organisational resilience.

15 October 2020