Attitudes to Privacy and data protection and changing for the better and it is vital that businesses embrace these changes and lead the way in a culture of improving their use of Data.
2018 saw the introduction in Europe of GDPR and since then there have been numerous high profile cases of fines being imposed on companies such as Facebook to punish them for their previously lax attitude to data privacy. This in turn has seen them significantly restrict access to their data, most notably for me, they have blocked the access to Intelligence Search and our 125,000 users who had previously access to a very substantial amount of Facebook data.
In spite of my loss of a significant userbase, I actually think that these changes in attitude are a good thing and would very much like to see more businesses adopt a proactive approach to their use of data. While the introduction of legislation may be viewed as yet another stick to keep data controllers in check, I believe the risks and liability of having data is much greater than any potential fine that this legislation may impose on a business.
The Liability of Data:
I used to think that data is useful so the more you have the better. I was happy for our customers to store data provided that it was properly categorized so that it could always be found when appropriate. My Attitude has changed, and I now see data as a liability and the less you have the better.
Consider the scenario that a business suspects that it may have had a data breach. This could be as the result of a virus on a computer, an employee leaving the business, loosing a mobile phone or purely accidental with an email address entered in a CC filed rather than a BCC field. On many occasions you may not even know if there has been a data breach or not, if you lose a LinkedIn password how do you know if this has been accessed by anyone and all your connections and messages have been downloaded? Regardless of the cause, this now triggers a requirement on the business to notify all potentially affected people (data subjects) of the breach. Even if there was no data breach or no consequences of the breach, the reputational damage to your business of having to notify all your candidates and clients that this may have happened can be very significant and costly.
There are so many potential problems of owning and managing data that the safest option is not own it. For data that does need to be kept it needs to be actively managed, kept up to date and deleted as soon as it is no longer needed.
For our part, as a provider of information management systems for recruiters (CRM/ATS), we strive to provide our customers with the tools and resources to manage their data. In the first part, tools to audit data and understand what’s needed and what can be deleted. Then for ongoing management, tools to keep data up to date, maintain relationships with candidates and clients and ensure that legalisation can be easily complied with.
For more information about how we can help your recruitment business better manage your data, please get in touch.