David Grundy, CEO at Invenias, gives an overview of GDPR and discusses why changes to data protection legislation provide an opportunity for the executive search profession to enhance working practices and the quality of data held.
This article was originally published in the March 2017 Issue 28 of the Recruitment Grapevine Magazine.
In an industry underpinned by data, it is unlikely that the acronym ‘GDPR’ is an unfamiliar term to those working in executive search. In May 2018, the rules and regulations regarding the way in which data is stored, shared and moved will change dramatically, and this will have a significant impact on the working practices of the executive search professional, whether working for a search firm or in-house. With a plethora of information available, this article provides a summary of the key points of GDPR, its implications for the search profession and how in partnership with the right technology supplier, GDPR can provide opportunities to enhance working practices and the quality of data held.
An overview of GDPR and its impact on executive search
GDPR or General Data Protection Regulation will come into force in the UK by May 2018 and will safeguard European Union citizens with respect to their data privacy rights. The legislation will impact all organisations that are either based in, or do business in, the EU. In essence, the legislation will give individuals greater rights and control over their data by way of consent as well as the power to access, rectify or erase information held and the right to be informed.
There is no doubt, the changes to GDPR will have a significant impact on the executive search profession. Any firm that operates in the EU, has clients that operate in the EU, or that processes data on EU citizens are subject to these changes in legislation, regardless of where information is stored, whether it is held in emails, a database or in spreadsheets. The rules will have a similar impact on technology suppliers to the industry, with those who act as a data controller or data processor also bound by and required to comply with the changes to GDPR. Executive search firms and in-house teams will have to show that their systems and technology are compliant.
It’s not all doom and gloom
However, whilst there are significant financial and reputational implications for failing to comply with the changes, it is not all doom and gloom. Instead, rather than focusing on the burden of preparing for GDPR and the penalties associated with breaches, the new rules can be viewed as an opportunity to enhance working practices and the quality of data stored.
Compliance with GDPR will foster a culture of data confidence among an organisation’s clients and candidates. Moreover, a greater level of transparency and accountability for information held and transferred will enhance working practices. GDPR is an opportunity to enhance the quality of data held as the changes will ensure businesses invest more time in thinking about the data that they capture, its future use and how it is stored and transferred. Adhering to GDPR is a demonstration of the quality of your operations and will strengthen relationships with clients and candidates through a greater level of transparency and increase confidence that you adhere to the highest standards.
Partnering with the right technology provider
At Invenias, we are committed to working in partnership with our customers to ensure a streamlined journey to compliance. Our customers benefi t from data protection being at the heart of the design, build and operation of our technologies. Whilst the changes do not come into eff ect for over a year, investing time in understanding and planning for the legalisation will ensure that any required changes can be carefully considered and that GDPR will cause minimal disruption to your organisation.