Recruiter Privacy: Can You Tick The Boxes?

Photo by Markus Winkler on Pexels.com

The Office of the Australian Information Commissioner’s insights from its 2021-22 Assessment Program, recently published in Information Matters through its Privacy Professionals’ Network (29/04/2022), lists the following four steps that you should be taking.

  1. clearly document and regularly review your practices and procedures to ensure you outline the measures that are in place to manage privacy risks;
  2. implement regular and mandatory refresher privacy training for staff. This is an important part of entities’ privacy programs. Best practice is annual refresher training for all staff (including contractors and short-term staff);
  3. regularly review and test data breach response plans to ensure their plans are up to date and staff know what actions they are expected to take in the event of a data breach. It is also important that entities proactively monitor audit logs to help identify unauthorised access and disclosure of personal information;
  4. clearly document the operational relationship between your privacy and cyber security teams, as well as the roles and responsibilities of each business area. This will facilitate a coordinated response in the event of a suspected or actual cyber security incident or an eligible data breach.

How many can you tick off?

I especially like No #2. When did you last conduct refresher training for your staff? If you’ve not done it recently, you might like to register for the WorkAccord/ The Recruiters’ Casebook webinar on 3 May 2022, when we’ll be Talking Privacy and What Recruiters Need to Know.

Let’s talk!

Andrew C. Wood

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s