Within CareerWise Recruitment we have taken General Data Protection Regulation very seriously as it is a question of trust between candidates and companies alike.
While the effects are perhaps not immediately noticeable, in reality small businesses have been hugely affected. Firstly, there is a great amount of uncertainty in relation to consequences. For example, a €20 million or 4% of global turnover fine (whichever is greater) is a huge consequence for a small to medium sized business when it has the potential to close a business.
It is really important to remember that the purpose of the law is preventative not punitive i.e. it is not designed to catch a company out but to protect the individual service users/customers of that company from disregard of privacy concerns.
Indeed, it seems that the initial consequences are being felt by big businesses whose practices have been questionable. Recently, cases have been filed against social media giants seeking €3.7 billion, including its subsidiaries (seeking €3.9m). These cases revolve around the concept of “forced consent”.
This is not the only case been taken against such companies with an investigation being launched by the Irish Data Protection Commission into the cyber-attack that allowed hackers to access on line accounts. Not to mention the Cambridge Analytical scandal.
Why does this matter to companies worth billions? – loss of trust! Eventually, the scrutiny that companies like this will face both from regulators and the public will force them into a position of compliance. But also, that loss of trust will seep out into individual’s everyday lives. They will start to think of the consequences of a data breach, ask why companies need data, ask what companies are doing with my data – it may even lead to an increase in data requests.
Large companies can only afford to maintain such losses for a period and the administrative difficulties that arise from numerous data requests, but small to medium businesses cannot afford such losses. Even if a fine is not applied to the business the loss of trust arising from a complaint to the Data Protection Commissioner would be astronomical.
Think of it in the context of recruitment. Applicants will be aware of data protection. They will be conscious of it. It is now known what the dangers of a data breach can be. Therefore, if a recruitment company fails an audit, or is complained by a member of the public to the Data Protection Commissioner it will place the seed of distrust among candidates. There is only one Facebook but there are many recruitment firms. In a market where there are plenty of recruiters in the sea, a candidate may be inclined to forego contacting a firm based on its data privacy history. This in turn will lead to companies asking, “why am I not getting good CV’s from my recruiter”.
Indeed, a poor data privacy history would dry up the pool of potential customers who may be jointly liable for any future breaches! Not to mention the costs to a small to medium firm who would now need to allocate resources to review increased data requests could potentially be the final nail in the coffin.
While many still believe that GDPR is nothing more than a phenomenon that will pass with time it is looking like it is here to stay.
What then is the best course of action? Well, prevention is better than cure. Knuckle down, put on your thinking cap and get your GDPR program in place!
We at CareerWise Recruitment have worked diligently with the implementation of General Data Protection Regulation. We are very interested in speaking with candidates and clients alike, and you can rest assured that when you are dealing with CareerWise Recruitment GDPR matters, TRUST matters and YOUR DATA matters to us.
Upload your CV to apply for as many jobs as you like.upload your CV