A recent study found that while 70% of compliance professionals feel that they'll be ready for the May 25 GDPR deadline, doubts loom.
Building a slide deck, pitch, or presentation? Here are the big takeaways:
- 70% of compliance professionals said they believe their hiring and recruiting will be GDPR compliant by the May 25th deadline. — Lever, 2018
- Despite confidence in GDPR readiness, 61% of compliance professionals are worried about how it will impact future hiring and recruiting. — Lever, 2018
Despite the looming impact of the General Data Protection Regulation (GDPR), 70% of compliance professionals said they believe their recruiting and hiring processes will be compliant by the May 25 deadline, according to a new study from Lever.
Of those that did feel ready for GDPR, it didn't come without a cost. Roughly a third said they had invested "significant time and resources" into GDPR compliance, and 73% said they had enlisted the help of legal counsel in the process, according to a press release.
GDPR is often associated with customer data, but it will undoubtedly affect the use of employee and candidate data as well. As such, despite their readiness, 61% of the respondents were concerned about how the GDPR would impact their recruiting and hiring processes, including their methods for sourcing potential candidates, the release said.
SEE: EU General Data Protection Regulation (GDPR) policy (Tech Pro Research)
Concerns were widespread across a host of different processes. According to the release, here's how the biggest concerns broke down:
- "Maintaining full records of recruiting processing activities" - 52%
- "Determining when to get consent from candidates" - 50%
- "Determining how long to store a candidate's personal data before deleting it or obtaining consent" - 47%
- "Selecting software vendors who will enter into GDPR compliant contracts and meet data security requirements" - 46%
Despite these worries, 90% of those surveyed who already handled sourcing will continue that job under the GDPR, the report said.
The GDPR states that a company must have "lawful basis" for processing personal candidate data, the release said, but many respondents were confused about what this means. Other points of confusion were when consent was needed, and how long data could be stored. The GDPR states that data can be stored "no longer than is necessary for the purposes for which the personal data are processed."
"The GDPR deadline is quickly approaching, but few are discussing the potential impact these regulations will have on how organizations source, recruit and hire their talent," Mike Walsh, director of product marketing of Lever, said in the release.
- Special report: Cybersecurity in an IoT and mobile world (free PDF) (TechRepublic)
- GDPR and the cloud: How to manage suppliers in a changing world (ZDNet)
- EU General Data Protection Regulation (GDPR): A cheat sheet (TechRepublic)
- GDPR: These are the organisations which are least prepared (ZDNet)
- Time is running out on GDPR compliance: Find out if you're affected (TechRepublic)