BLACK FRIDAY DISCOUNT
Get 30% off on toolkits, course exams, Conformio, and Company Training Academy yearly plans.
Limited-time offer – ends December 2, 2024
Use promo code:
30OFFBLACK

Expert Advice Community

Guest

Employee background check

  Quote
Guest
Guest user Created:   Dec 11, 2017 Last commented:   Dec 11, 2017

Employee background check

Can you please provide clarity on employee background checks as it relates to ISO 27001 and GDPR? My understanding is from an ISO 27001 standpoint it’s not necessarily required but it should be part of the risk assessment as to whether or not to perform them. With GDPR, my understanding is that it actually won’t even be allowed anymore?
0 0

Assign topic to the user

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Andrei Hanganu Dec 11, 2017

Answer:

There is nothing wrong with performing a background check as long as the processing activity is lawful and proportionate.
So, if based on a risk assessment conducted the company, it results that some categories of employees or potential employees would need to be checked, you can do that providing you do the following :
- get the express consent of the potential employee and for the existing employees provide an adequate notice. The consent form template can be found in folder 4 of the EU GDPR implementation toolkit https://advisera.com/eugdpracademy/eu-gdpr-documentation-toolkit/ and the notice for employees can be found in folder 2.
- because this processing activity is quite intrusive (depen ding on the extent of the background check) and special categories of personal data (such as criminal records) might be processed, a DPIA would be required as well. You can find guidance on DPIAs in folder 5 of the EU GDPR implementation toolkit.

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Dec 11, 2017

Dec 11, 2017

Suggested Topics

Guest user Created:   Mar 21, 2018 EU GDPR
Replies: 1
0 0

Using DPIA

Guest user Created:   Jun 06, 2018 EU GDPR
Replies: 1
0 0

GDPR on employees