Data protection
Working within the provisions of the Data Protection Act
Employer organisations as well as background check and security clearance service providers such as GSL are required to operate within the provisions of the Data Protection Act in the UK. These relate to openness, the limitations of the use of information and the rights of the individuals. The key points are:
- The role of references is to confirm factual details supplied by applicants.
- Employers are advised to only obtain details relevant to a particular vacancy and which will be used as part of the selection process.
- The level of pre-employment screening needs to be justifiable in relation to the position applied for
- Candidates should be warned that their applications will be vetted. This should happen as early as possible and ideally in the recruitment advertisement or with the application form
- All applicants should be asked to sign a declaration that allows the background check to take place
- Applicants should be advised what type of information will be verified
- The background check should take place late in the application process and only the people selected as having potential for a position should be submitted to comprehensive pre-employment checks
- Any discrepancies between the application and background check report should be communicated to the applicant and they should have the right to reply or explain anomalies.
- There is a need to balance the information received against the source
- Under the provisions of the Data Protection Act, individuals have a right to apply to access information about them that is held by a data controller.
We would normally destroy records relating to vetting within six months, to comply with the guidance of the Information Commissioner. Clients may retain a copy of the results of the process.
Transfer of information from a report to a territory outside of the European Economic Area may require consent from the applicant. This includes to parent companies in USA.
GSL is a member of the National Association of Data Protection Officers.
