In the wake of scary GDPR penalty stories, we suggest some simple measures to avoid the worry of data loss during the recruitment process of acquiring a prospective new employee’s personal ID data:
- Avoid a lack of process that clearly defines what candidate documents to obtain
- Avoid photocopier hard copies circulating of candidate documents
- Avoid emailing, or circulating unencrypted scans of documents
- Avoid storing copies of documents in filing cabinets, or laptop/computer hard-drives
- Avoid keeping copies of documents longer than is absolutely necessary – but remember your legal obligation to retain right to work checks for two years post-employment
If you have any concerns, we would be happy to undertake a confidential diagnostic to provide you with a ‘health-check’ on how your organisation is currently protected against this critical area of data protection compliance.