Following on from the many months of organisational planning, preparation and delivery of action plans to ensure GDPR readiness, what has been clear is that this mammoth task was not only a challenge for businesses, but also for the regulator alike, which continues to update and develop the information and guidance available for both individuals and businesses regarding the recent data protection changes.
This most recent update from Unlock which has been developed in conjunction with the ICO, provides the clearest guidance to date on the steps businesses must take to ensure that processing of criminal record data during recruitment is compliant with current data protection laws.
http://recruit.unlock.org.uk/wp-content/uploads/Employer-GDPR-guidance.pdf
Your organisation may have a policy on recruiting people with convictions – whether that be an inclusive policy or a blanket ban. Whatever your approach, if you are using criminal records as part of your recruitment practice, you should have a policy in place on collecting applicants’ personal data, and this should include a specific section on the processing of criminal records data. Your policy should clearly identify the purpose of collecting criminal records data, the lawful basis for collecting it, and explain how long you will retain this data, who it will be shared with and the applicants’ legal rights in relation to their information.
http://recruit.unlock.org.uk/guidance/asking/data-protection/
unknownx500
