GDPR in Australia

Share on facebook
Share on google
Share on twitter
Share on linkedin

In an effort to update and modernize the principles set forth in existing data privacy law to guarantee privacy rights, the GDPR is Europe’s new General Data Protection Regulation. It commenced on 25 May 2018 and it’s designed to improve the access and control people have over their personal data by focusing on:

  • reinforcing individuals’ privacy rights,
  • ensuring stronger enforcement of privacy principles and rules,
  • streamlining international transfers of personal data, and
  • setting global data protection standards for businesses to follow.

First Advantage recognises that the GDPR will have a direct impact on many organisations in Australia. If you are an organisation that conducts business in the EU, or if you hold personal data of individuals who are located in the EU, your data processing activities involving personal data of EU residents must comply with GDPR requirements and you must be able to demonstrate that compliance. This involves following the five GDPR key privacy principles below:

  • Principle 1: Processing must be fair, lawful and transparent
  • Principle 2: Purpose Limitation
  • Principle 3: Data Minimization (e. process only what is necessary)
  • Principle 4: Data Accuracy and Currency
  • Principle 5: Limiting Retention

 

Almost every item of background check information that is collected from EU candidates (or a background screening company collects on your behalf) would fall within the definition of personal data under GDPR.

First Advantage complies in all aspects of the GDPR by providing transparency regarding its processing of personal data in the form of a Privacy Policy and establishing policies and procedures, which include requests for access, correction, or deletion of personal data.

Our platforms are designed to standardise the type of personal data collected and limit the amount of data needed to perform the requested background screening as well as having automated features to assist our customers with meeting data retention compliance requirements. Candidate personal data and other sensitive information is classified, labelled and handled as Confidential Data. We leverage data loss prevention technologies to help prevent personal data from being disclosed to unauthorized individuals.

Recently, we also launched our new Data Centre in Amsterdam to meet local data protection laws. This enables our clients to have the confidence their data and that of their candidates is secure, protected to the highest standards and complies with GDPR.

Lastly, First Advantage has appointed a Data Protection Officer for Europe.

For more information regarding First Advantage’s implementation of the GDPR, please email gdpr@fadv.com.