Data Breach Concerns Lead to Increased Focus on Information Security with Screening Firms in 2019

ESR Top Ten Background Check Trends for 2019

Written By ESR News Blog Editor Thomas Ahearn

Background check firms in the United States (U.S.) will have to show their data breach protection and information security capabilities as well as compliance with privacy laws on domestic and international fronts in 2019. This trend has been chosen by global background check provider Employment Screening Resources® (ESR) as first on the list of “ESR Top Ten Background Check Trends” for 2019.

In light of recent data breach incidents, the U.S. screening market will conduct greater due diligence on information security in 2019 and look for screening firms to have third-party certifications and audits such as SSAE 18 SOC 2® Type 2 reports and accreditation from the National Association of Professional Background Screeners (NAPBS) Background Screening Agency Accreditation Program (BSAAP).

On the international front – particularly in the European Union (EU) – U.S. background screening firms will have to prove their compliance with the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks that govern the transfer of personal data from the EU and Switzerland to the U.S. and the General Data Protection Regulation (GDPR), the primary law regulating how companies protect the personal data of EU citizens.

The massive data breach suffered by nationwide credit reporting agency Equifax in September of 2017 that impacted more than 145 million Americans – almost half of the country – was a wake-up call for all industries to improve their information security. For background screening firms that handle the personal data of job applicants, ensuring information security has become mission critical.

Data breaches remained in the news in 2018 as Uber agreed to pay a $148 million settlement for a 2016 data breach, California passed the Consumer Privacy Act of 2018 in response to data breaches, New York state issued regulations to protect New Yorkers from data breaches, and the Federal Trade Commission (FTC) investigated the privacy practices of Facebook after a data breach involving 50 million users.

The FTC also enforces compliance with the EU-U.S. Privacy Shield Framework and did so in 2018. In September of 2018, the FTC announced that four companies agreed to settle allegations that they falsely claimed certification under the EU-U.S. Privacy Shield. In July of 2018, a company agreed to settle FTC charges of falsely claiming on its website to be in compliance with the EU-U.S. Privacy Shield.

Employment Screening Resources® (ESR) announced in October 2018 that the company had received notification from the U.S. Department of Commerce’s International Trade Administration (ITA) that its annual submission for self-certification of adherence to the EU-U.S. and Swiss-U.S. Privacy Shield Framework had been finalized and was effective as of September 26, 2018.

Organizations must self-certify their adherence to Privacy Shield to the ITA annually to remain on the Privacy Shield List. ESR was one of the first adopters of the EU-U.S. Privacy Shield Framework with an original certification date of August 12, 2016, less than two weeks after the official launch date. ESR originally self-certified with the Swiss-U.S. Privacy Shield Framework on March 5, 2018.

Enforcement of the GDPR, the primary law regulating how companies protect the personal data of EU citizens, began on May 25, 2018. U.S. companies need to comply with the GDPR when performing international background screening in the EU in order to avoid stiff penalties of up to four percent of annual global turnover or €20 million (approximately $23 million U.S. Dollars in December 2018).

The 28 member countries of the EU – an economic and political partnership between European countries – include Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, and the United Kingdom.

Employment Screening Resources® (ESR) – a leading global background check firm – has incorporated fully compliant GDPR policies, procedures, and technologies to help employers screen EU residents. The award-winning ESR Assured Compliance® system has been augmented to provide ESR’s clients with required GDPR-related tools and supports the various GDPR rights of the data subjects in the EU.

ESR won the 2018 TekTonic Award from HRO Today Magazine that recognizes innovation and disruption in the world of HR and recruiting technology. The ESR Assured Compliance® system revolutionizes background screening and enables employers to mitigate risk when it comes to maintaining compliance with the ever-changing patchwork of background screening laws such as the GDPR.

In addition to GDPR, employers and screening firms have to comply with a number of privacy laws. For example, in 2018 California Governor Jerry Brown signed into law a comprehensive internet privacy and data breach protection bill called the California Consumer Privacy Act of 2018 (Assembly Bill 375) in response to the data breaches that affected the personal data of millions of consumers in the state.

The Act – which takes effect on January 1, 2020 – expands the rights of consumers to know what data is being collected about them online and to even delete it, empowers consumers to decline the sale of their information and to report violations which must be addressed by the violator or risk civil action, and provides a private right of action for unauthorized access and theft or disclosure of personal data.

Employers who conduct domestic and international background checks must comply with a dizzying array of laws and need third-party screening providers to be in compliance with a myriad of regulations. Their screening firms should have certifications that include SOC 2® reports and NAPBS accreditation for domestic checks, and compliance with the Privacy Shield Framework and GDPR for international checks.

Employment Screening Resources® (ESR) announced in October 2018 that independent auditors conducting an SSAE 18 SOC 2® Type 2 audit of ESR’s operations for the six-month testing period of January 2018 through June 2018 had issued a SOC 2 report that stated ESR management maintained effective controls over the privacy, security, and confidentiality of its background screening system.

The annual comprehensive and independent examination ensures that ESR meets the standards set by the American Institute of Certified Public Accountants (AICPA) to protect customer and third-party information. NDNB Accountants & Consultants LLP, a nationally recognized Certified Public Accounting (CPA) firm, issued the SOC 2 report. To learn more, visit www.esrcheck.com/Why-ESR/SOC-2/.

Employment Screening Resources® (ESR) has also successfully demonstrated continued compliance with the BSAAP and is recognized as NAPBS Accredited. Governed by a standard of professional requirements and measurements, the BSAAP is a recognized seal of achievement that brings national recognition to background screening firms that are also referred to as consumer reporting agencies (CRAs).

ESR is a founding member of the NAPBS, a non-profit trade association representing more than 880 member companies engaged in background screening in the United States. ESR founder and Chief Executive Officer (CEO) Attorney Lester Rosen was the chairperson of the steering committee that founded the NAPBS in 2003. To learn more, visit www.esrcheck.com/Why-ESR/NAPBS-Accreditation/.

Starting in 2008, Employment Screening Resources® (ESR) has selected background check trends that have impacted the future of the background screening industry. Each trend will be revealed on the ESR News Blog and also listed on the “ESR Top Ten Background Check Trends” web page which is available at www.esrcheck.com/Tools-Resources/ESR-Top-Ten-Background-Check-Trends/.

Employment Screening Resources® (ESR) is a global background check firm that is accredited by the NAPBS, undergoes annual SOC 2® Type 2 audits, was named to 2018 HRO Today Magazine Baker’s Dozen for Top Pre-Employment Screening Service, and won the 2018 HRO Today TekTonic Award for innovative and disruptive background screening technology. To learn more, visit www.esrcheck.com.

ESR Webinar on Top Ten Background Check Trends for 2019

ESR founder and CEO Attorney Lester Rosen – a noted background check expert and author of “The Safe Hiring Manual” – will also host a live complimentary webinar entitled “ESR Top Ten Background Check Trends for 2019” that will take place on Wednesday, January 30, 2019, from 11:00 AM to 12:00 PM Noon Pacific Time. To register, visit https://register.gotowebinar.com/register/5840930517922184451.

NOTE: Employment Screening Resources® (ESR) does not provide or offer legal services or legal advice of any kind or nature. Any information on this website is for educational purposes only.

© 2018 Employment Screening Resources® (ESR) – Making copies of or using any part of the ESR News Blog or ESR website for any purpose other than your own personal use is prohibited unless written authorization is first obtained from ESR.