Recruitment hot topic - Cyber attacks and data protection

A pressing risk in the UK and in particular the recruitment sector is cyber attacks and subsequent data protection. From ICO statistics published on their website in Q3 last year, recruitment was the 11th highest category of data breach incidents.

This concerning statistic is not hackers as much as human error that leads to data breach within recruitment business.

James Mullock - Head of Data Privacy and protection at Osborne Clarke offered the following advice:

“Recruiters must remember that if their websites are hosted, managed or maintained by a third party they are still responsible for protecting their user's data. Therefore, ensuring that you've contractually agreed with your supplier the appropriate technical safeguards to protect your users' data and robust liability apportionment provisions if they fail to do so, is essential. Getting the supplier contract right is even more important where that supplier sources some of their support from outside the EU, as this is where the complicated data transfer laws come into play.

Where recruitment consultants are using social and professional networking sites their employers need to have clear policies in place to protect personal data. They also need to make sure work done on the sites belongs to the employer rather than the consultant. "

Toni Dines of Bluefin offered her comments on the topic - “The recruitment industry is a digital sector. Given that recruitment is a data business, the most obvious risk to the business is a cyber attack. Recruiters hold lots of valuable information which if lost in an attack can be incredibly damaging, financially and in reputation. Ensuring data is secure is vital to mitigate the effects of such an event but adequate insurance to forensically handle the attack, deal with the breaches, notifications to individuals and then maintain 12 months of adequate monitoring are vital.”

To find out more contact our specialist recruitment team on 0845 894 4684.