Written By ESR News Blog Editor Thomas Ahearn
Applicant Tracking Solutions (ATS) operators will review ATS integrations with their background screening partners to address emerging legal risks involving areas such as data breaches and litigation over consent forms in previously accepted processes and revise those integrations accordingly in 2016. This is the number 8 trend selected by Employment Screening Resources® (ESR) Founder and CEO Attorney Lester Rosen for the 9th annual ESR Top Ten Background Check Trends for 2016.
“There are a large number of ATS and background screening choices in the market place today,” explains Rosen, author of ‘The Safe Hiring Manual.’ “Because of the complexities in both areas, employers and HR professions are getting an understanding that they are better served where the ATS and the screening firm have a tight integration and close relationship as opposed to using systems that just exchange data with anyone and do not account for the many complexities and legal issues involved in hiring. Although plug and play is a useful model in many areas, it may not serve employers well when it comes to regulated and litigated areas like hiring.”
An Applicant Tracking Solution or System (ATS) is defined as a software application that enables the electronic handling of recruitment needs that can be implemented or accessed online and is designed for recruitment tracking. An ATS can filter applications automatically using criteria such as keywords, skills, former employers, years of experience, and schools attended. Almost all recruitment agencies and most major corporations with an in-house recruitment function use some form of an ATS to handle job postings, applicants, resumes, and interviews.
Rosen explains that there has been a trend towards more sophisticated ATS integration of workflow that includes two way data transfers so that a background check can be ordered and status updates can be returned at the click of a mouse. However, with the dramatic growth of class action lawsuits over alleged violations of the federal Fair Credit Reporting Act (FCRA) and well documented instances of data breaches reported in the news, many ATS operators are beginning to realize that:
- ATS operators do not want to control or have responsibility over the applicant consent forms. Some systems try to have the applicant consent on the platform and that is an unnecessary risk.
- ATS operators do not want to house background screening data due to data breach issues.
- ATS operators do not want to be a party to the background check in order to avoid any possible applicant form reports that are alleged to have errors.
- ATS operators should only facilitate communicate between an employer and a background screening firm, but stay out of the process as much as possible.
- ATS operators are rethinking who is in charge of the forms used for background checks and who stores the data used for background checks.
Rosen says ATS operators should be wary of potential data breach issues judging by recent news. In September 2015, ESR News reported that credit reporting agency Experian discovered a data breach where an unauthorized party accessed records containing Personally Identifiable Information (PII) of T-Mobile users including names, addresses, dates of birth, Social Security numbers (SSNs). The Sony data breach lawsuit settlement underscores why businesses must ensure information security for ATS operators.
Even the U.S. government has come under fire for data breaches. In July 2015, ESR News reported that the Office of Personnel Management (OPM) announced that the PII of 21.5 million people was compromised in a database breach involving the background check records of Federal employees and contractors. In addition, the 2015 Q1 IBM X-Force Threat Intelligence Quarterly report revealed that the number of security incidents in the U.S. (74.5%) was far higher than in other countries.
According to Rosen, ATS operators may also seek to somewhat distance themselves from their background screening partners because of the legal risks involved in screening and the specialization of the process due to the increasing complexity of screening consent forms. ESR News has reported on the rise of FCRA class action lawsuits. In 2015 alone, companies such as Food Lion, Home Depot, Chuck E. Cheese, BMW, Whole Foods, and Calvin Klein paid settlements in FCRA lawsuits ranging from $716,400 to $3 million.
Rosen explains that statutory damages can range from $100 to $1,000 per FCRA violation even if the plaintiff is not actually harmed. By far the most common claim made is that the employer allegedly violated §1681b(b)(2)(A)(i) of the FCRA that requires “a clear and conspicuous disclosure has been made in writing to the consumer at any time before the report is procured or caused to be procured, in a document that consists solely of the disclosure, that a consumer report may be obtained for employment purposes.”
As reported earlier by ESR News, the question as to whether or not a plaintiff has the legal right to bring a class action lawsuit for a technical violation of the FCRA if that individual suffered no actual concrete harm from the violation was argued in the case of Spokeo, Inc. v. Robins in the Supreme Court of the United States on November 2, 2015. According to analysis of the arguments, a ruling that plaintiffs only have to allege a violation of a right created by a statute without showing real harm “did not seem likely.”
Rosen has also written a complimentary whitepaper titled ‘Common Ways Prospective or Current Employees Sue Employers Under the FCRA’ in response to the rising trend of class action lawsuits filed for alleged violations of the FCRA. Rosen says that “more often than not, employers are sued for violating FCRA 101 – simple rules and procedures that are clearly set out in the law.” This whitepaper is available at http://www.esrcheck.com/Whitepapers/Ways-Employees-Sue-Employers-Under-FCRA/.
ESR SOC 2 Type 2 Report Ensures Data Protection for ATS Operators
Employment Screening Resources® (ESR), a leading global screening firm, has successfully completed a SOC 2® Type 2 Audit Report that confirms ESR meets high standards set by the American Institute of Certified Public Accountants (AICPA) for the security, confidentiality, and privacy of consumer data and systems used in background checks. ATS operators who wish to learn more about the ESR SOC 2® Type 2 Audit Report that ensures data protection during background checks should visit http://www.esrcheck.com/SOC-2/.
© 2015 Employment Screening Resources® (ESR) – Making copies or using of any part of the ESR News Blog or ESR website for any purpose other than your own personal use is prohibited unless written authorization is first obtained from ESR.