Archive for May, 2015

Dutch Criminal Records – Employers at risk of violating Dutch Data Protection Act (“DDPA”)

penpaperEmployers have a need to background check applicants for their criminal records for certain positions. The access and processing of criminal records in The Netherlands is, however, prohibited under the DDPA, unless one of the legal exceptions can be met. In practice, the use of the Certificate of Good Conduct (“VOG”) is most often made. This is a statement showing that an individual’s behavior should not prevent him/her from undertaking a particular type of employment. It is not a guarantee that an individual does not have a criminal record. A VOG is the only type of criminal records disclosure available to an employer.

VOGs are only issued by the Central Organization for Certificates of Good Conduct (“COVOG”) on behalf of the Minister of Justice. An application for a VOG must be completed by both the subject and the prospective employer.

Because an application for a certificate can take some time, employers usually ask an applicant to fill out a statement, in which they indicate if they have or have not committed any criminal offences. If an applicant report criminal facts through the statement, processing of criminal information takes place. If in the case of an employment agency, this statement is also shared with clients of the employment agency. Employers and employment agencies are of the opinion that this is allowed because they have received consent for the processing thereof from the applicant or temps. However, according to the DPA, this consent cannot be relied upon: a successful appeal to base the processing of personal data on the justification ground of ‘consent’ can only exist if the consent is freely given. In this case consent is not given freely because of the imbalance in the relationship between the applicant and the employment agency.

The practical application and implementation of the obligations of the DDPA that relate to background screening which companies and business must comply with remain an obstacle for many organizations. Other areas to review and evaluate are the processing, use, and access to copies of Identification Cards, Absentee Data, Consumer Credit as well as Data Retention. Know the rules of the road as it relates to what types of information and how it must be applied within the background screening process. The Dutch DPA can order enforcement actions, for example imposing an order subject to civil and criminal penalties.

Categories: Uncategorized

South Korea Passes Data Protection Enforcement Penalties with Teeth

The National Assembly-KoreaAfter the massive breach of credit card data last year (2014), South Korea recently passed even more stringent enforcement penalties for consumer credit information and card companies that violate personal data protection laws. The National Assembly amended the Use and Protection of Credit Information Act requiring credit information companies to pay damages for personal data breaches and for mishandling customer data. South Korea’s Personal Information Protection Act (PIPA), came into force on 30 September 2011, and is one of the most stringent data protection regimes in the world. The Financial Services Commission has doubled the penalty for credit card companies that lose customer data under the Specialized Credit Financial Business Act, extending the period of business suspension to six months.

“The Truth You Need”, is a summation of Aletheia’s consulting philosophy. Country Level Background Screening Essentials provide the information today’s global HR professionals need when implementing global background screening programs. Schedule a meeting with us to learn how we can help you give your clients what they’ve been asking for! or 240.284.5066.

Categories: Uncategorized
%d bloggers like this: