GDPR compliance for recruiters still holds true at home

Recruiters will still need to comply with GDPR during the coronavirus pandemic.

This is according to an expert in helping recruitment businesses meet the regulations, despite the ICO (Information Commissioner’s Office) saying it will soften its approach to take into account the exceptional circumstances.

In a statement on its website, the data protection watchdog says: “The ICO recognises the unprecedented challenges we are all facing during the Coronavirus (Covid-19) pandemic.”

In response to organisations’ concerns that their data protection practices might not meet their usual standards, or their response to information rights requests will be longer, the ICO says it will not take regulatory action. “We understand that resources, whether they are finances or people, might be diverted away from usual compliance or information governance work. We won’t penalise organisations that we know need to prioritise other areas or adapt their usual approach during this extraordinary period.

“We can’t extend statutory timescales, but we will tell people through our own communications channels that they may experience understandable delays when making information rights requests during the pandemic.”

Anna Wisdish (pictured), director of Comply GDPR, whose clients are almost exclusively recruitment agencies and executive search firms, told Recruiter that she welcomes the ICO’s statement that it will adopt a sympathetic approach to penalising businesses during the pandemic, but recruitment businesses and executive search firms “will still need to comply with GDPR and meet their obligations to keep personal data secure”.

Wisdish says among the data protection measures recruitment businesses should consider are:

  • Provide staff with the guidance, tools and resources they need for homeworking – for example, online access to documents and secure apps for using your recruitment database via Smartphone or tablet.
  • Keep regular proactive communications with staff so that they can continue to seek your guidance and ask advice from colleagues.
  • Document and assess the risks that come from employees working from home or other changes to your day to day business and take action to address them.
  • Remind employees of your company policies and procedures for GDPR, eg. for protecting personal data and for data breaches, and ensure they have had recent relevant training.
  • Update your ‘Bring your own device’ policy to give clear guidance to employees if you will be asking them to use their own personal devices.
  • If you need to collect additional personal data, such as whether an employee suspects having coronavirus, do it confidentially and keep both the amount of data and how long you keep it to a minimum.

• Comment below on this story. You can also tweet us to tell us your thoughts or share this story with a friend. Our editorial email is [email protected]

ONS revealed more new companies set up in beginning of August

Company incorporations per working day for the first week of August were higher than those from the Q3 2019 average.

13 August 2020

‘Desperate’ consultants scam candidates to find out IT market info

A technology recruiter says jobseekers are being contacted by individuals trying to learn about which companies are currently hiring by falsely claiming to work for certain recruitment companies.

13 August 2020

Be flexible with employee quarantines says employment specialists

What should you do if your employees are planning a holiday trip to France to brush off months of lockdown in the UK?

Legislation 13 August 2020

How best to discourage high volume ‘no chance’ hires

With jobless numbers at extreme highs as a result of the Covid-19 pandemic, what’s a recruiter to do when bombarded by unqualified applicants that have no chance of being hired?

12 August 2020