Menu

Hiring Insights Blog

Why Employers Need to Reevaluate Their Data Privacy Processes and Policies
Industry Trends
Thursday, Mar 07, 2019

A staggering number of entities from banking institutions to social media to potential employers collect and use personal information - and, many times we just give it away without thinking twice. Yet, according to Pew Research Center, nearly two thirds of Americans have been a victim of data security breaches and data theft.  And, about half do not trust the federal government or social media to protect their data.

So how do we bridge this disconnect? In today’s technological world, there is an ever-increasing push to ensure data privacy and protection is a fundamental human right. Everyone from consumers to advocacy groups to titans of industry are calling for better regulation in handling data:

Microsoft CEO Satya Nadella praised the European Union’s General Data Protection Regulation (GDPR) at Davos, “My own point of view is that it's a fantastic start in treating privacy as a human right. I hope that in the United States we do something similar, and that the world converges on a common standard."

At a privacy conference in Brussels, Apple CEO Tim Cook also praised GDPR and called for United States data security standards and privacy laws, “It is time for the rest of the world, including my home country, to follow suit. We at Apple are in full support of a comprehensive federal privacy law in the United States.” In an article in Time, Cook again shared this stance and reiterated the principles that should be the foundation of the legislation including, the right to have personal data minimized, to know what data is being collected and why, easy access for consumers to correct and delete personal data and finally, the right to data security.

iCIMS own, CEO Colin Day, has also weighed in stating, “As technology providers, it’s our responsibility to take a step back from the noise made by emerging innovations and return to the basic principles of good business.”  Day went on to speak to how data should be utilized and protected in the hiring process, noting that applying for a job is an act of vulnerability in on itself and speaking to the implied contract of trust when submitting an application.

But as these calls continue, what is actually being done to protect personal data?  

GDPR was an incredible push in the right direction, applying to all companies processing personal data of EU citizens regardless of where the company itself is based.  The United States federal government has yet to pass any sweeping nationwide legislation, however various states and government agencies are beginning to jump on board.

  • California passed a data privacy law, the California Privacy Act of 2018 (CCPA), mandating enhanced consumer data protections. That law will go into effect in 2020.
  • Washington state recently proposed the Washington Privacy Act, in late January 2019. The legislation closely follows the provisions of GDPR and would impose stringent responsibilities for organizations it applies to. However, it is important to note that employee data is exempt from the Washington law, a distinction from GDPR which applies to both consumer and employee data.
  • The U.S. Chamber of Commerce announced a draft privacy legislation, calling for a federal privacy law. The Chamber’s Technology Engagement Center vice president Tim day noted, “Technology has changed the way consumers and businesses share and use data, and voluntary standards are no longer enough. New rules of the road are necessary and it is time for Congress to pass a federal privacy law. The Chamber’s model privacy legislation puts consumers in control and ensures businesses can innovate while operating with certainty and providing transparency.”
  • In April, the Federal Trade Commission will hold hearings to kick off the legislative process for federal privacy legislation. The hearings will reexamine the FTC’s approach to consumer privacy, and its rulemaking authority on data privacy and security issues.

As these regulations begin being put in place, learn more about following GDPR best practices and how to be more successful when it comes to data rights and the recruitment front in this Recruiting Daily article from iCIMS CTO Al Smith.

And, be sure to stay connected with iCIMS Hiring Insights Blog for all the latest fodder surrounding data privacy and regulation.