In an effort to save costs and undercut competitors’ prices, some background screening companies choose to outsource some or all of their employment screening duties to lower-cost overseas suppliers. These screening companies are, unfortunately, not obligated to disclose their off-shoring practices, leaving you, your applicants, and your employees unaware that personally identifiable information may be transmitted away from the protection of U.S. borders.
Why would a background screening company risk off-shoring PII?
Off-shoring certain background screening tasks can be a cost-effective option for employment screening companies who believe they must increasingly compete on the basis of price. The fact is, when employers focus more on price than on quality, it’s tempting for screening providers to look offshore.
In the process of outsourcing overseas, these screening companies may need to transmit personal data, such as social security numbers and financial account information, of the individuals undergoing a background check. The trouble is, consumer protection laws that guide privacy practices inside U.S. borders do not apply overseas, potentially leaving your company and employees vulnerable.
The dangers of outsourcing PII to foreign countries:
The U.S. has enacted strict laws to govern protection of personally identifiable information (PII), including the Gramm-Leach-Bliley Act (“GLBA”) and Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). The federal Fair Credit Reporting Act (FCRA) was amended in 2003 to also provide additional measures to protect against identity theft. However, once a person’s data leaves the U.S., none of these protections are in place.
Certain countries, such as European Union members, enforce data and privacy protection laws, but if data goes to a country without such protections, U.S. citizens have no way to enforce their privacy rights, and it can be extremely difficult to access foreign courts or foreign law enforcement departments to file a complaint. Moreover, it is dangerously cheap for someone to purchase sensitive data in foreign countries.
Verify your background screening company doesn’t offshore: Look for the CRA seal
Fortunately, you can protect your organization from unknowingly compromising PII through off-shoring. There is a group of Consumer Reporting Agencies (CRAs) – employment screening companies – that have developed guidelines for “no-offshore” screening practices. Those companies that voluntarily comply are able to display a “No Off-Shoring” seal, certifying they’ve met the self-validated requirements.
When you work with a company bearing the “No Off-Shoring” seal, you’re choosing a company that has promised to keep PII onshore and to protect sensitive data according to strict state and federal laws.
To learn more about the “No Off- Shoring” seal, and to see if your company is part of the program, visit the Concerned CRAs website. Proforma Screening Solutions is a self-certified Concerned CRA. Look for us at www.concernedcras.com.