July 21, 2017 – A few months ago nobody seemed to have heard of GDPR. Suddenly, people in the search world are waking up to the realization that this new regulation will come into effect on 25th of May 2018, less than 9 months from now. Quite rightly, we want to know what it’s all about, why it matters, and what it will mean for us.
We’ve heard something about GDPR. What is it exactly?
GDPR – the General Data Protection Regulation – is a strengthening of existing Data Privacy laws. In essence it’s about two things: making sure that companies and other organizations take proper care to look after the personal information that they hold and protect against the possibility of data breach; and giving the individual the right to know what information is being stored on them by organizations and the right to insist that the information is accurate and up-to-date.
Who is covered by GDPR? Doesn’t it only cover the EU?
Any organization that holds personal data on EU citizens (even if outside the EU) or that directs its business in the EU is covered by GDPR. The law applies equally to charities, businesses or other bodies.
How will it affect search firms?
In order to comply with GDPR, search firms will need to make sure that their IT systems are fully secure, that they handle personal information in an appropriate manner, including obtaining affirmative consent from the individuals whose data they are handling.
What do we do about the database? Isn’t that going to be a major headache for search firms?
In order to hold personal data for the long-term, obtaining affirmative consent from candidates will be mandatory.
Dealing with the existing database (legacy data), is no different. On-going consent for holding the data will be required. If you already have a policy of regularly obtaining consent from executives who submitted their CVs / resumes, then this would probably be accepted as sufficient for GDPR purposes. Most search firms, however, still hold huge volumes of personal data where no such consent has been obtained, or where there is no process for renewing that consent on a regular basis. You might want to start by cleansing the database, removing records that are of little or no value, and then work out how you’re going to deal with the records you want to keep. Not Actively Looking can help you, as it has been designed from the outset to be fully GDPR-compliant and is more likely to be able to handle these complex requirements.
How will search firms deal with notes or correspondence which the candidates cannot self-manage?
Not Actively Looking also provides a GDPR solution for the data input by the search firm on an executive, such as notes, tags, correspondence and so on.
What about the future? How will this change the way that search firms operate?
We live in the era of the self-managed profile. Given that LinkedIn now boasts 500 million profiles, and that 99% of these are not executive level, there’s clearly a need to find a way for senior executives to manage the way that their information is handled by search firms.
Executives don’t want to share confidential information on an open networking platform. They do, however, want to make sure that confidential career information held by search firms is up to date. Not Actively Looking allows executives to manage their own profiles with search firms. Instead of having a database where 80-90% of the records are out-of-date, self-managed profiles should mean that the majority of candidate records will be up to date.
So what is the future going to look like for the search industry?
For one thing, the smart firms are going to adopt best practice and will be embracing the respect for personal information that is at the heart of GDPR. They are also going to be much more careful about what information they keep and why. We’re going to see executives managing their own profiles, updating, changing, deleting information as needed and using platforms like Not Actively Looking to share confidential information with search firms. Ultimately, this will cut down search firm workloads.
To learn more about how Not Actively Looking can help you, please email us at email@example.com