Could Your Candidate Pipeline Soon Be Illegal?
Could Your Candidate Pipeline Soon Be Illegal?

Could Your Candidate Pipeline Soon Be Illegal?

Starting a new recruiting process fresh for every new position is highly inefficient.

That’s why, to streamline recruitment, many companies leverage ‘candidate pipelines’: the process of collecting and maintaining a pool of potential candidates. When a role becomes available, companies can inform (and hire) qualified candidates faster.

Candidate Pipelines and Data Privacy

Candidate pipelines—also known as talent or recruitment pipelines—usually include:

  • Applicants who unsuccessfully applied for other roles within your company
  • Anyone who has expressed an interest in learning about future vacancies
  • Those referred by current employees

Although there are so many benefits of candidate pipelines, could they soon be a threat to your compliance?

Think about all the data your candidate pipeline houses:

  • Date of births
  • Gender information
  • Personal addresses
  • Phone numbers
  • Email addresses
  • And more

With new laws being put in place to protect personal data, it’s possible that your candidate pipeline could soon be illegal.

GDPR is Making its Way Across the Pond

The most important data privacy law to be aware of is the General Data Protection Regulation (GDPR), passed by the European Union in 2018. While GDPR only affects recruitment if a company is hiring employees who currently live in the EU, similar regulations are a hot topic in many American state legislatures—so it’s essential for HR leaders to be aware of what GDPR contains and how it could affect candidate pipelines.

What Does GDPR mean for Recruiters?

The GDPR strengthened and widened previous European data privacy laws, imposing big potential fines for non-compliance: up to 4% of global annual turnover or €20m ($21.7m), depending on which is higher. In 2019, Google was fined around $57 million for failing to disclose how it uses collected data.

Essentially, GDPR limits the data companies can keep without permission, requires companies to inform users about data collection, regulates the use of data and restricts how long data can be kept before it must be deleted.

As for recruiting, GPDR gives job candidates the right to:

  • Notification if (and for how long) their data is kept and why
  • Be told who will have access to their data
  • Be asked consent for data to be stored
  • Ask for access to their information
  • Download their information
  • Correct any incorrect information
  • Restrict how their data is used
  • Request that their data be removed

Click Here To See More On Recruiting Compliance In 2020

woman recruiting candidates into pipeline

How Can A Candidate Pipeline Remain Compliant?

If your company stores the data of candidates who are based in the European Union without their consent, then you are at risk of a big fine. However, it is possible to for candidate pipelines to comply with GDPR, if companies take certain measures:

  1. Companies must ask for consent. This can be done by explicitly asking candidates (by email or as part of the recruitment process) whether they accept that their details will be stored so that they can be considered for future vacancies, job alerts or other forms of communication. If consent is not explicitly given, the candidate’s details must be deleted when the position they applied for is filled.
  2. Companies must disclose exactly what they will do with this information and if any third-parties (e.g. those hired for the purposes of background screening) will be given the data.
  3. Companies must only retain candidate data for as long as is necessary.
  4. Companies must provide, correct or delete the relevant data if requested by the candidate.

State-Level Data Protection Laws

Since GDPR was enacted, US companies have feared similar legislation would soon be enacted at a state-level. And for good reason… In 2019, California and Nevada both passed post-GDPR privacy laws (with New York currently passing more data security laws with the potential of privacy laws being passed soon).

The California Consumer Privacy Act (CCPA)

The most prominent US-based data privacy legislation is the California Consumer Privacy Act (CCPA), applying to companies with at least $25m gross revenue offers similar protections to GDPR but with an emphasis on the right to know what data is used, rather than necessarily requiring consent.

Though effective January 1, 2020, there is a one year moratorium on regulations relating to data stored solely for employment reasons. But that doesn’t mean recruiters are entirely in the clear—you’re still obliged to inform candidates of what data you collect and big fines are still possible in the case of data breaches.

Hope for the Best. Prepare for the Worst.

So, while candidate pipelines are not currently illegal, it’s important to stay up-to-date if you want to avoid blind-side penalties. Now’s the time to ensure that you have consent for any candidate data you currently store and that procedures for collecting consent are integrated into your current recruitment process.

Keep Your Recruiting Compliant

Paycor Recruiting offers streamlined applicant tracking services while preventing compliance headaches. Data protection features include enabling you to capture candidate consent, label candidates who do not wish to be contacted, and easily delete records whenever required. To view our product, take a self-guided tour.

Take Tour

More to Discover

Webinar: National Payroll Week Webinar Series: Payroll Compliance Updates & What's Ahead in 2021

Webinar: National Payroll Week Webinar Series: Payroll Compliance Updates & What's Ahead in 2021

From new salary thresholds and social security wage increases to COVID tax relief, businesses leaders have faced quite a few payroll and tax changes in 2020. As we prepare to turn the page to a new year, what new updates are on the horizon? Join Paycor’s resident payroll expert, Arlene Baker to learn about the latest updates and what you should watch out for in 2021.Speaker: Arlene Baker Arlene Baker is a Sr Compliance Analyst with over 40 years of payroll and tax experience. Arlene is a member of the National Payroll Reporting Consortium focusing on IRS compliance. Arlene has been a member of the national and local APA for 25 years and is an active member of the American Payroll Association Hotline and SPLTF Hospitality Industry...

Terminating Employee Checklist

Terminating Employee Checklist

Letting an employee go is never easy—but when it happens, no matter the root cause, companies have to act with professionalism and follow correct procedure. It’s the right thing to do, but it’s also essential for compliance. To help you make sure everything is done by the book, Paycor is providing a checklist of the right actions to take. Download Termination Checklist How to Conduct an Involuntary Termination An involuntary termination can never be taken lightly, and before making the decision official you’ll want to confirm with your legal team or advisors that you’re following the right process. If the termination is the result of poor performance or disciplinary issues, the employee may well have been issued warnings of increasing...

How to Hire Employees in California

How to Hire Employees in California

Wherever you operate, hiring new employees means not only searching for the best talent but also staying compliant. Nowhere is this more true than in California, with businesses needing to be aware of notoriously complex labor laws, relating to all stages of the employment process.For a small business, this can seem overwhelming. How can you recruit and hire great new employees while staying compliant with numerous regulations? The good news is, Paycor can help. Recruitment Best Practice Finding star talent is the same everywhere—you need to make sure that the right people know about the open position, you need to be able to filter applications to select for the skills and attributes you need, and you want a streamlined and optimized...

Types of Wages That Small Businesses Need to Know

Types of Wages That Small Businesses Need to Know

If you’re running a small business, you’ve got a lot on your plate. Right at the top of your list of priorities will be paying employees, and you don’t have time to be confused by all the different terms for kinds of wages and salaries. If you’re just starting out in business, we’ve got you covered. Here’s a breakdown of the types of employee payments that small businesses need to know. Regular Wages Most employees receive wages as part of a regular salary or based on hourly work. Businesses will have to choose the frequency of pay periods to find what works for them while abiding by any state regulations. Salary Wages Employees who receive a salary are guaranteed a fixed sum every pay period. The pay per hour worked must meet the...