Navigating the Path to Compliance in the Hiring Process

A photo with text saying 'navigating the path to compliance in the hiring process'

Maintaining compliance in the hiring process has become more critical than ever before. As organisations strive to attract top talent, they must also navigate a complex web of legal and regulatory requirements. The process of hiring is fraught with potential pitfalls, from discriminatory practices to improper documentation, exacerbated by the black box that the hiring and interviewing process can sometimes be. Employers must proactively equip themselves with the knowledge and tools necessary to ensure that every aspect of their hiring process aligns with legal and ethical standards, whilst fostering fair and inclusive hiring practices.

Employers need to create a robust framework that prioritises compliance at every step, from inclusive job descriptions to candidate selection, legally compliant interviews to assessment strategies. It is essential to understand relevant employment laws, embrace diversity and inclusion and maintain accurate records to demonstrate compliance when needed.

All of this has become even harder with the chaos being created in the hiring world by ChatGPT and Generative AI. It has given candidates more power than ever before and has a lot of employers scrambling to answer several key questions when hiring; is our hiring process fit for purpose? Are the candidates being interviewed a true reflection of the candidates that applied? Are we being compliant with changing regulations?

Non-dynamic hiring

Part of the reason why there is a risk of non-compliance is due to the fact that many companies do not see their hiring as a dynamic process, without considering any continuous analysis and improvement that could be done.

This has created outdated and sometimes irrelevant materials and criteria for the job being hired for, coupled with employees being expected to run assessments and interviews with little or no training or guidelines on what they can and can’t ask. The lack of control or oversight is a core issue with this, but trying to address this can make it feel over-engineered and over-staffed. Companies are underprepared and unaware of the impact of new tools and technology on hiring and candidates, with ChatGPT being the most stark and relevant example of this. The exposure to risk and non-compliance is potentially increasing.

So what compliance are you in risk of

GDPR, Data Protection and Privacy

In order to run any hiring process there will always be the handling and processing of protected and identifiable data, so GDPR and privacy must be considered. For certain processes this may require consent, but will always need a detailed and documented explanation of the usage of that data, how it is gathered and stored and what happens with requests for data and the right to be forgotten.

Where this becomes complicated or where there is greatest exposure to risk is not only proving compliance, but in the requests for data or the right to be forgotten. As the candidates are the data subjects, they can request to have any and all data related to them from the hiring process. This includes any notes that have been taken, any recordings of interviews or audio and assessments or comments made on them. This can often be in emails, on employee devices or written down on pieces of paper, which obviously poses a significant challenge for the awareness of what data there is or the control and monitoring of this element of compliance. If there was to be a request from a candidate, it would be very difficult to fulfil it.

Data Loss Prevention

A lack of control, monitoring and tracking are key reasons why data loss prevention is a key consideration in compliant hiring. This again relates to the disparate sources and copies of data that can be created in a company’s hiring process. 

Compliance risk is heightened when there are hard copies or printouts with candidate data on, such as CVs, candidate lists and notes from interviewing. This is also the case for this type of data on staff devices. Often it is not possible to know what data there is on candidates or where it is being stored, meaning there is no way to even know what level of compliance there is.

Employment law and discrimination

Another component of compliant hiring is ensuring that there is no discrimination at any stage of the recruitment process. In the UK, key rules derive from the Equality Act 2010 and the Employment Statutory Code of Practice, ensuring that an employer treats all candidates equally regardless of differences between them based on protected characteristics. Similar legislation exists in other countries, with the protected characteristics differing from country to country, which exposes more risk if a company is hiring internationally, or has operations in multiple countries, as they will need to ensure they are compliant with the relevant laws in that country.

These rules not only regulate the types of data that can be used or stored, but more importantly discrimination laws stipulate that there are certain questions and topics that an employer can not ask a candidate about. Where a company has multiple interviewers running sessions without any guidance, oversight or data capture, this becomes a significant compliance risk.

Compliance and Generative AI

A new challenge the recruitment industry faces is in generative AI, such as ChatGPT, being used by candidates in interviews and assessments, especially one-way video interviews. Whilst candidates should not be discouraged from using all the tools and resources at their disposal, it does put those types of assessments at risk and brings a potential chaos to the system. It will become even more difficult to assess candidates without considering the use of these tools and how to make assessments and interviews “ChatGPT resistant”.

However, it can be argued that being resourceful and asking the right questions is something to be valued as well, so why disadvantage those that are using it, if they could in theory continue using those tools once they have the job. It should also not be forgotten that a resourceful candidate could also find the questions that they could expect through online research, where other candidates have posted what to expect of a certain company’s hiring process, and prepare their responses ahead of time anyway. 

Ultimately the use of these tools brings forth unknowns and concerns about misuse, but all companies can currently do is develop robust and relevant assessments and interviews and run them consistently and thoroughly so that they can still discover the best talent.

Ensuring compliance

The challenges faced by companies is being able to prove their compliance, adhere to requests for data and what steps to take to reduce the risk. 

It is not currently a legal requirement to report or prove this type of compliance, but there are arguments that it should be and being able to do so creates a safety net for both interviewers and candidates.

There are two approaches that can be used together to help with this: policies, processes and procedures, and tools and technology. Setting up the required and relevant policies, processes and procedures is the first step to establishing compliance and sets out the best practices for adhering to the relevant rules and regulations.

In order to comply with them, centralised systems can be used for control, oversight and reporting within the hiring process. Further to this, increasing the consistency and structure of assessments and interviews ensure that they are relevant to the company and job being hired for. Furthermore, tools that allow for data capture in interviews ensure that there is a record of the interaction, for both the company and the candidate, this is stored securely and is accessible, as well as relying more on data to make hiring decisions.

Achieving and maintaining hiring compliance is not a one-time endeavour but an ongoing commitment. As legislation continues to evolve, organisations must stay informed and adapt their practices accordingly. By prioritising compliance, employers can foster an environment of fairness, equality, and transparency, attracting top talent while safeguarding their reputation and mitigating legal risks.

Companies need to uncover the essential elements of hiring compliance and equip themselves with the knowledge and tools to navigate the complex landscape of employment laws, ensuring fair and legal hiring practices for a brighter future.

Equitas is your compliant, anti-bias interview assistant. We offer inclusive interview intelligence software designed specifically for fair hiring. If you are looking to create the fairest, most compliant way for your organisation to conduct live interviews at scale find out more here.