This post is the fifth of a 7 part series on mastering Talent Data - The 7 C's of Talent Data!
In this post, we're talking about Compliant talent and recruitment data. Compliant means ensuring everything you do with data complies with laws and regulations for every industry and jurisdiction in which you operate. And we know that can be a LOT of compliance to worry about. Well - now you can worry a lot less.
Remember that there are seven areas of data management you’ll really want to think about for best practices. Having connected, current, convenient and clean data is a great start, but you’ll want to know about a few more C words before your talent data is everything you need it to be.
Clean and compliant are the C words people used to worry about most with data and if you are a Compliance Officer for your company, or in HR at all, this is a critical part of your job. Helping your company maintain policies and procedures to remain within the regulatory framework of the industries and geographic areas in which you operate.
Data Compliance In Recruiting and HR: HIPAA, OFCCP and GDPR to start!
Having clean data is a nice advantage, however, maintaining compliant data is something you must do. For example, if you work with healthcare data, you better be paying attention to HIPAA. If you work with the US Government it's OFCCP, and if you are recruiting in Europe, the GDPR had better be top of mind. To name a few!
Compliance is good practice as well as being necessary. This is required reading for everyone involved in enforcing standards and rules, and is part of the overall general data management for your company’s talent.
HIPAA Data management and compliance
HIPAA, the Health Insurance Portability and Accountability Act, sets the standard for protecting sensitive patient data. Any company that deals with protected health information (PHI) must ensure that all the required physical, network, and process security measures are in place and followed. And this can impact talent and recruiting, depending on what data you have.
OFCCP for Recruiting in the USA
In the US, the Office of Federal Contract Compliance Programs requires that data be kept to prove compliance with Equal Employment Opportunity (EEO) requirements for Federal Contractors. And that can include everything right up to the details of any searches your sourcers do. You need to ensure you retain and make available every piece of data an OFCCP audit might require.
GDPR Data management and compliance
The European Union (EU) General Data Protection Regulation (GDPR) affects companies worldwide, not just those with operations in the EU. GDPR requires strong privacy protection for EU citizens, covering data access, retention, portability and the right to be forgotten among others. And there are BIG non-compliance fines if you don't get it right. The acronym used most here isn't PHI, it's PII (personally identifying information).
Most global companies have GDPR challenges, not least because while the compliance areas are clear, there is no single approach to compliance prescribed. This means that recruiting and HR departments need flexibility so that they can comply with GDPR in the way that their own compliance and privacy departments require.
Regulations Across the Globe
These are just a few of the compliance requirements global organizations face. There are candidate data retention requirements in lots of different countries, EEO and diversity requirements and many, many more. You'll need a flexible approach across your data and systems, and hopefully you can get one that doesn't completely ruin your analytics and your future machine learning efforts!
Takeaway: You'll have a wide range of overlapping compliance needs - be flexible
How SwoopTalent Supports Data Compliance
Here are some of the features our talent data management platform offers to help with your compliance:
No non-compliant data: Every piece of data in SwoopTalent is either from your records or explicitly in the public domain. No browser scraping, no sharing customer data, no nefarious data gathering.
Right to erasure, right to restrict processing: Full opt-out functionality in any of your systems integrated and/or displayed in EVERY system.
Right to rectification, right of access, right of portability: One click download of data with detailed sources. Dedicated service to help people find and remove or update any public data.
Compliance indicators visible everywhere: opt-out in any system (or manually) is integrated and visible across EVERY system recruiters use including LinkedIn
All compliance statuses and data displayed
Opted out data removed except for sufficient data to track
Enforce opt out
Stale and non-compliant data managed
internal data can be refreshed from external data and/or erased when non-compliant.
Set and forget “data freshness” management.
Data suppression and erase: highly configurable choices.
Anonymization: Algorithms that can de-identify your own records so that PII is purged but anonymous professional records remain available if desired
Data retention and tracking: You can keep EVERYTHING for compliance in your data lake for very little cost or effort. That means even if you change systems, you no longer need to pay for read only copies, because you have everything you need for compliance - even OFCCP.
Build lists to circulate new privacy statements:
prior candidate data easily gathered
Compliance support: for passive talent and other practices, recruiters are guided to enforce compliant processes.
Compliance actually can be “set and forget” when you work with a partner who knows data and a platform that automates everything. Compliance can be managed as regulations and processes adapt over time, freeing up your team to focus on high-value efforts rather than legal compliance.
Takeaway: Technology can simplify and speed up compliance, and retain all of your data with ease
Now that you know how important, even if a little unsexy, Compliance may be within the 7 C’s of Talent Data, what comes next? After connected, current, convenient, clean, and compliant, it’s time to discuss Canonicalized.
Part six of this seven part series covers canonicalization, which you might also call normalization...or you might not have heard of. This is where Granny Smith, Delicious and Baldwins all get called Apples (and never Oranges!)...and it's how you'll never have to clean your job title data ever again!