Hiring Data Security: How to Responsibly Store and Protect Candidate Information

Data breaches are becoming a far too common news headline. Whether its major retailers or service providers leaving customer information vulnerable to hackers or massive outages disrupting use of critical workplace systems, businesses have to be smart about how they store and protect sensitive information. In human resources technology, attention is traditionally more focused on protecting employee data, including social security numbers, salary amounts, health benefits, etc. What employers often forget however is that they hold far more data in their cloud-based HR systems than employee pay and performance data.

Applicant tracking systems collect an incredible amount of data. For example, iCIMS Recruit processes over 32 million applications each year. That’s a lot of resumes! In the age of LinkedIn, it may seem that candidate work history and professional information should be public domain. But that doesn’t take into account that open access to something as simple as an email address can put job seekers at risk of data theft, in addition to the potential dangers of sharing personal phone numbers, home addresses or current workplace locations. Talent acquisition professionals should keep some security basics in mind when evaluating recruitment software for crucial, comprehensive data protection.

Reliable Service and Maintenance

Responsible data collection and storage lay the foundation for operational excellence; a business cannot successfully scale without the right systems of record in place. Nonetheless, the nature of any technology is to rapidly evolve which inevitably leads to challenges in adoption and maintenance. HR professionals should be able to rely on their software providers to keep their applicant data safe, available, and to have appropriate safeguards to prevent a data breaches. This way, the process of data protection feels simple thanks to the layers of security checks and backups behind the scenes. If an organization is using multiple services within their hiring process, such as background screening and assessments, it is even more necessary to have a talent acquisition platform of record that can be trusted to securely transfer candidate data with the utmost care.

Addressing Globalization Challenges with Localization

For international and enterprise organizations, job applicant data safety and compliance are more challenging than ever in a world of rapidly changing data protection and security standards. When the Safe Harbor agreement was annulled in October 2015, for instance, businesses that transferred personal information of European Union citizens to the U.S. for storage and processing were pushed into a state of uncertainty around international data flows. Since then, the European Commission and the U.S. thankfully agreed upon a new data pact, the EU-U.S. Privacy Shield, creating a new transatlantic data transmission framework as of last year.

To provide international business with hosting options that uphold Privacy Shield standards for data transfer and compliance, U.S. based talent acquisition providers are committing to expanding their own global footprints. By offering on-continent candidate data storage in European cities, businesses hiring and operating there have the option to more easily meet regulatory requirements and reduce business risk.

Proactive Disaster Recovery

Whether talent acquisition systems of record host data centers on U.S. or EU soil, a fully cloud-based structure is most ideal. This allows for more flexibility as your business scales, as well as enhanced security and easier recovery in the event of a disaster.

According to the Cisco Global Cloud Index, global data center traffic is projected to triple from 2014 to 2019, while cloud traffic within data centers is expected to quadruple during that period. A cloud-based infrastructure facilitates enterprise businesses’ abilities to deal with rising traffic levels, as well as soaring computing and storage demands.

As global data demands escalate, recruiters and their extended IT teams are on the hook for constant improvement within their technology-driven hiring practices. Data security works best when it’s proactive versus reactive. However, many HR and security professionals simply don’t have the luxury of being able to thoroughly vet, understand, and then protect all the new technologies that are being adopted or used. With an agile yet stable recruitment platform of record, they can rest assured that vast amounts of candidate data are up-to-date, backed up and easily restored when they need it.


Hiring Data Security: How to Responsibly Store and Protect Candidate Information

Written By

iCIMS Staff


March 7, 2017


Data PrivacyIndustry Trends

Want to stay one step ahead? Subscribe to receive the latest iCIMS thought leadership directly to your email.

Privacy Notice