A brief history of GDPR
Almost 2 years ago in May 2018, the EU implemented the General Data Protection Regulation law. What this essentially meant is that the GDPR aims primarily to give control to individuals over their personal data and strengthen privacy of that data. In the case of companies receiving any personal data, most of the burden to comply with the regulations has been placed on them.
This was change that primarily affected companies with recruitment processes. Businesses could no longer simply receive applications and resumes, choose the best candidate and move forward – there now needed to be strict guidelines that need to be followed.
How it changed the recruitment process
The main things recruiters and companies needed to do differently was to be completely transparent with the data they were processing, allow the candidates to have constant access to their data in order to be able to change it at any time and clearly map all of the types of candidate data you are collecting. But above all, most important for recruiters to comply with GDPR was being able to gather and store consents from candidates to keep and process their data.
With that said, recruitment teams had to keep in mind: what kind of data are they collecting, are they collecting personal data (and for what purposes), where the data is being stored and who has access to the data, what are their processes to making sure they can delete any data – and this list goes on. Just focusing on the changes mentioned above, for many companies (especially larger ones) this was not an easy task – as they would operate with thousands of resumes and personal data sets, across different departments and teams.
A lot of companies had to do a data cleanse of personal data they did not have consent from, but more importantly companies had to figure out quickly how to comply with all of these changes quickly for future recruitment, because of the threat of very large fines.
Try our Applicant Tracking System today!
The best way to comply with GDPR
For many recruiters the easiest, fastest and safest way to comply with the GDPR laws was conduct their recruitment processes through applicant tracking systems. ATS’ were forced to quickly create and apply functionalities into their systems that would allow companies to comply with guidelines during recruitment: automating consent emails, giving logins to candidates to manage their personal information, and organizing the flow of personal data stored. Applicant tracking systems automates and keeps recruiters up to compliance with the necessary information and management systems – but an ATS can only do so much to make the work manageable – companies and recruiters still need to manage the necessary information to pass on to candidates when collecting their data, and it is suggested that they hire a data security manager to keep everything running smoothly.
But once companies and recruiters have the tools, technology and information – their recruitment processes will run just as smoothly and quickly as before May 2018.
One of these technologies is Hello Astra, an applicant tracking system that is built to be GDPR compliant and take on that responsibility. Hello Astra offers features such as a candidate panel, which is a personal site for candidates that applied where they can see their consents and personal data and modify or delete them at any time. It also complies by being able to instantly remove personal data from the platform when requested, making sure the candidate has full control over their information storage.