According to a 2015 survey conducted by the Personal Data Protection Commission (PDPC), 92 percent of the employers are aware of Personal Data Protection Act (PDPA), and 86% have implemented some compliance measures.
In the context of recruitment of talents for your company’s career opportunities, what are some of the key things to bear in mind of?
Concept of Deemed Consent for Job Applications
The PDPA provides for “deemed consent” to apply in certain situations. For example, a job applicant who voluntarily provides his personal data when applying for a job with the organisation may be deemed to have consented to the organisation’s collection and use of his personal data for the purpose of processing his job application. Consent is not required to collect, use or disclose personal data when it is necessary for certain evaluative purposes as well, for instance, obtaining references from a potential job applicant’s former employer to determine his suitability for employment.
Securing Personal Data
Making reasonable security arrangements to protect personal data in its possession or under its control is another obligation under the PDPA.
One of the key measure companies can take is to ensure that personal data collected is only made accessible to authorised personnel. With the use of StaffOnDemand, job applicant data is only made accessible by the appointed hiring team and HR administrators.
At the same time, HR administrators are also able to have an overview of the access and view activity of the users through the activity stream with granularity on a per job basis. On a company overview level, HR administrators are also able to have an audit trail of all recruitment activity on a system-wide basis.
To review all the obligations set out by PDPC for companies to comply with, we have a quick summary here that would help you quickly understand what it takes to be compliant under the PDPA.
DPO Connect March 2016 - Protecting the Personal Data of Job Applicants and Employees