Last month a cyber-attack compromised the personal information of thousands of employees at the Department of Homeland Security. Reports say it was a state-sponsored attack that put the personal information of tens of thousands of DHS employees at risk. Mistakes are an unavoidable part of life, but when it comes to your candidates’ information, you have a responsibility. You can start fulfilling that responsibility by making sure you chose a screening firm that makes cyber-security a top priority.
All companies will tell you they take great care with personally identifiable information (PII) like social security numbers, addresses, birthdays and so on, but saying they protect information and actually doing it are two very different things.
The background screening process involves the processing, handling and storage of a candidate’s sensitive information. Background screening companies that are focused on data security incorporate strict measure in all facets of information security. Be sure your company has a security policy in place with solid training and documented procedures on how to deal with security incidents.
Be sure your provider has a solid grasp on both domestic and international data privacy and security, and be sure to choose a partner that does not off-shore sensitive data overseas. Once sensitive data leaves the United States there are no guarantees it will be protected.
Look for affiliations and accreditations that show a dedication to information security, like Safe Harbor Certification and accreditation by groups like the National Association of Professional Background Screeners (NAPBS). The companies that are most dedicated to information security will go through the rigorous process of getting their ISO 27001:2005 Certification. Systems maintained under this certification are designed to protect the confidentiality, availability and integrity of information. As I said earlier, mistakes happen, but companies that follow these protocols and have solid systems in place can greatly reduce any damaging impact if there is ever a security incident.
Big names and big offices do not guarantee big security. Before you hand over your clients’ and applicants’ data, do your homework.
**** Employment Background Investigations is a technology driven leader in domestic and global pre-employment background checks, drug testing, occupational health screening and I-9 compliance. We specialize in development, implementation and management of customized employment screening programs for large and multi-national clients. We are dedicated to information security.
EBI is the only NAPBS Accredited background screening company to hold both an ISO 27001:2005 certification for information security and an ISO 9001:2008 certification for Quality Management. All content provided by EBI is published for the convenience of its readers and should never be deemed as legal guidance or advice. Always consult your legal counsel for specific advice on state laws and industry regulations.