3.5 Misconceptions About GDPR
It is less than 6 months until GDPR becomes law.
There is an unending stream of blogs and whitepapers giving advice on how to become GDPR compliant – typically from solution providers claiming to have “the answer”.
In time, tested solutions will evolve but for now, there is no one size fits all – all recruitment businesses are heavy users of personal data, using data in a range of different ways.
100% compliance is unrealistic and the ICO is not expecting this: prioritising key compliance measures is crucial at this stage.
Compliance outputs (such as new privacy notices and contract updates) need to reflect how each recruiter collects, uses and retains data. Short-circuiting this data analysis process is likely to prove a false economy in the long run.
“Noise” in the market is leading to an increasing number of misconceptions about what GDPR actually means for recruiters, including:
- I need to obtain consent from all those whose details I hold on my database
- I can rely on LinkedIn’s or other job sites’ data privacy notices to lawfully process candidate data I download from those sites
- The CRM can deliver full GDPR compliance
- My recruiters will not have to change how they work.
Misinformed “advice” is leading some recruiters to develop compliance programmes based on wrongful analysis and assumptions. As a result many are unworkable, leaving the business exposed to GDPR risk.
In our second GDPR Webinar with Frances Lewis from Osborne Clark, we tried to dispel some of these misconceptions.
Why will this webinar be different from all the others?
Becuase, we have no GDPR solution to sell,
Our goal…….to help recruiters better understand what it means to them and focus their GDPR projects in an informed way.