When you grant employers permission to run background checks and credit checks on you, where does all that confidential information go?
Last year we asked Does Human Resources go too far? Now, a subscriber who is an HR professional suggests that Pandora’s Box has been opened. He points out that in their zeal to protect themselves and their companies, HR departments may be covering up illegitimate and possibly illegal practices.
When HR outsources background checks and investigations of candidates, is HR merely doing its job, or is it ensuring plausible deniability while letting loose an investigative demon that systematically violates people’s privacy and feeds the specter of identity theft? Does HR go too far when screening job candidates? Hold onto your seats. We’re about to take a rough ride through a nasty landscape.
I’m not disclosing our insider HR executive’s name for obvious reasons. I cannot confirm every claim he makes, but we spoke and I find him credible. If some of his insider claims seem farfetched, I’d love to hear any rebuttals. Here’s what he has to say.
An HR insider speaks up
Regrettably, all these [background investigation] procedures and processes are advocated by the Society of Human Resource Management (SHRM), as reading its web site will reveal. And, just as regrettably, many HR people fall right in line, like little ducklings swimming behind the mother duck of SHRM. It’s the latest rage, and every HR person wants to be a part of it.
Background checks galore
With thousands of people applying for each job and the jobless rate for skilled and white-collar workers at a recent all-time high, the applicants, like sheep being led to the slaughter, will subject themselves to almost any practice and jump through almost any hoop to get a job. The theory is that any job is better than no job.
The background-check processes are, the majority of the time, being outsourced to security companies that have turned these processes into a lucrative business:
- background checks
- personality testing
- criminal checks
- educational checks
- military service checks
- employment verification
- reference verification
- credit checks
- drug testing
- searches into legal agreements
- scanning of your phone records
- scanning of your Internet activities and e-mail
- and so on.
This total invasion of privacy beyond your wildest dreams (actually, nightmares) is outsourced. The worst part is that much of the data and information these outsourced security agents collect is erroneous.
Have you been checked without knowing?
HR will narrow the list of candidates down, and then turn the outsourced security investigators loose on that list. Background checks are often done before the first interview, and before any sort of an agreement, authorization, or disclosure is signed by the job applicant.
You will never know about it until you order a copy of your credit report and find all the inquiries (that’s the first sign) and wonder, who in the devil is that who has run checks on you?
The larger outsourced security and investigative companies have started keeping databases of their own. One advertises they have a database of over 1.5 million people for employers to run their candidates against. If you have signed one disclosure for one employer, the investigations company that did the checks will keep the information about you in their database and then just re-sell the results to their next client.
Do you know where your background checks are?
They start with a name and phone number and e-mail address from a resume or application. Then, they cross-reference information until they get a date of birth or social security number and go from there. When an applicant walks into HR for that first meeting, they already may have been investigated. Never mind that much of the data gathered may be erroneous. The “data” was gathered at arm’s length, but the employer will treat it as absolute fact.
Security and background checking has become a lucrative business. The outsourced investigators are starting to sell that information amongst themselves, expanding their databases and increasing their profit margins. The shuffling around of this data only makes its accuracy even more questionable.
This is an industry that is almost totally unregulated. The multiple levels of outsourcing and subcontracting yield enough plausible deniability to the companies themselves, and their clients, that abuses run rampant.
The statement above was submitted to Ask The Headhunter unsolicited. I’m grateful for the permission to publish it. Once again, I cannot present it as fact — but I have encountered examples of many of the claims. If anyone in the investigations business would like to comment on these allegations, please do so below or feel free to contact me. This is worth discussing and researching further.
Where is the accountability in background checks?
When HR asks you to provide information that is confidential to you, or to sign permission for your background to be investigated, or to waive liability if your confidential information is leaked or misused, HR must be accountable to you. Whether or not we have hard evidence of abuse, I am convinced there is a serious problem with this part of the hiring process at many companies.
While some employers may be innocent, we need to ask whether they are being responsible. Others are overstepping the bounds of what is legitimate and ethical – and possibly legal — when conducting aggressive background checks on job candidates. Worse, employers may be putting you at risk because they presume to entrust sensitive information about you to third parties with whom they have only an arm’s-length relationship. Where is the accountability?
Do you know how your confidential information is being used?
Job applicants need to be aware of the risks they take when divulging information about themselves – any information. It seems that even your name, address and phone number might be enough to allow an employer’s investigator to access every nook and cranny of your life without your knowledge. If the law is being circumvented, then the law needs to be enforced – or our legislators need to start working on laws that will protect our privacy.
In this day of heightened sensitivity to security, it’s important to recognize that the problem lies not in checking people out. The problem lies in unethical, unwarranted and possibly illegal procedures conducted at arm’s-length from employers by third parties. In some cases, there’s a cascade: An employer outsources reference checks to Service A, which in turn outsources criminal and credit checks to Service B and Service C. (Read about one third-party investigations company that’s so “arm’s-length” it conducts automated background checks.) Who’s accountable — the independent investigative service, or the employer?
Time out for questions
A responsible employer should have good answers to these questions, and a job candidate should not hesitate to ask any of them before submitting even a resume. If this list seems over the top, perhaps it is. I think every item is legit, but you must decide which ones are important to you.
- What kinds of checks does the employer conduct? Are they legal?
- Is the candidate notified in advance and given the opportunity to decline to be investigated? Is the permission form clear and easy to understand?
- Who is conducting the checks — the employer, or a subcontractor who in turn subcontracts the investigations to yet another firm?
- What information is gathered? How is its accuracy determined? How valid and reliable is it?
- Does the candidate have an opportunity to review and confirm or contest the information?
- Is the information secure? Who has access to it? Is there a risk of identity theft?
- Who owns the information and what rights do they have to it?
- Is the information maintained in data bases not directly controlled by the employer? For how long?
- Is the information made available to any other parties at any time for any reason? Is the information re-used or sold?
- Does the candidate have the power to limit or rescind rights they have granted for use of the information?
- What responsibility and liability does the HR department accept regarding the collection and use of your private information?
- Last and most important, is the employer prepared to sign an agreement to protect you and your private information?
What are the risks if you apply for a job without answers to these questions?
Time for less invasive practices
Maybe the biggest question we’re left with is the one we originally asked: Does HR go too far when screening candidates? It seems that HR routinely abuses the job seeker’s frame of mind — often that of a terrified supplicant — when it indiscriminately demands all plus the bathroom sink before it consents “to proceed with your application.”
Does anyone seriously contend that HR doesn’t ask for more private information than it really needs? Having immense power over relatively helpless applicants is no justification for unnecessarily abusing them. I’ll echo our HR insider’s implied challenge to the SHRM: When’s the last time your august group recommended less invasive practices?
Until HR owns up to its responsibilities, maybe the job seeker’s best protection is to lay their own confidentiality agreement on the table – and decline to divulge anything until the employer signs it and makes itself accountable.
What’s your experience with background checks when you apply for a job? Have you encountered any of the issues our insider enumerates? If you work in HR, can you confirm or deny what he presents? What can job hunters do to protect themselves?