Employment Screenings
Employment screenings are a business necessity to protect the security of the organization, and the safety of the workforce, customers, clients, and the general public.
Pre-hire background screenings have become essential practices in an organization’s standardized hiring process to identify potential risks during the qualification and verification of applicant credentials.
Many employers who use pre-employment screenings feel confident that pre-hire screenings make a more informed hiring decision. Due to that confidence some of these employers do not choose to conduct screenings of current employees. These employers reason that a good hire transitions to a good employee and therefore there is little reason to continue to assess risk.
However this reasoning can lead to a false sense of security. The safety and security of employees and protection of business interests cannot be taken for granted. While the use of pre-hire screenings has been shown to help reduce workplace violence, employee theft, and negligent hiring, a screening report is only a snapshot of the applicant’s history of certain activities at a set point in time. The screening, by its nature, cannot show the applicant’s current activities nor predict his future behaviors. A once and done screening practice opens the employer to potential risk even though the new hire is considered the right hire for the job. A screening is a historical reference to past behaviors. By conducting only an initial screening, the employer has a risk that the screening failed to capture critical information indicative of future risk. There is always a risk that the new hire changes his behaviors once he is on the job.
For business protections of security and safety, employee screenings should not be a one-time event. Instead, employers must take the initiative to identity potential warning signs of risky behaviors at any time throughout the employer-employee relationship. Conducting screenings only during the hiring process creates a dangerous gap in security risk management practices. A better practice is to screen throughout the entire tenure of an employee. The practice of continuous integrity and background screenings should be considered by employers as an important risk mitigation tactic against insider security threats.
Post-hire periodic screening is a pro-active measure to help assess the employee’s current risk to the organization. An organization has a vested interest in retaining the employee, having spent considerable time and money in recruitment, hiring, employee training, education, and company benefits. The employee has been allowed entry to company buildings, use of company property, and granted access to proprietary data, product information, customer records, software and systems management, and other operational data. The employee may have responsibility to interface directly with customers and/or the general public as an agent of the organization, thus greatly increasing the organization’s potential for liability.
As a re-check, periodic background screenings serve as a risk management tool to enforce the organization’s standards and hold the employee accountable for his actions. Periodic background checks could discover new information that was missed during the pre-hire screening or identify suspicious activities or behaviors currently taking place that are of concern. A re-screening could help protect the organization against employee theft, embezzlement, fraud, and workplace violence. An employer may be blind to employee criminal activities unless a screening is conducted, an event is discovered after the fact, or an employee self-discloses his activities.
Proactive measures and post-employment monitoring techniques are important for privacy concerns and data protections. Employees have more access to critical data than ever before. Financial fraud and theft of confidential data by trusted employees and senior executives have become a serious concern for organizations. Employers must be more attentive to security access of systems and proprietary data and ensure that safeguards are in place including ongoing background screening of all employees with responsibility for and access to corporate systems.
There is movement toward enhancing security and risk practices to conduct continuous, real-time, post-hire screenings by ongoing monitoring of employees. Some employers have taken a greater initiative to protect their business by implementing continuous or rolling background checks on employees. Continuous screening uses automated monitoring of criminal, civil, and licensing databases to update employees’ risk profiles for events such as criminal convictions, lawsuits, or financial behaviors that could signal potential risk or require immediate attention by the employer.
While there are legal risks to conducting background screenings, there are legal risks if an employer does not conduct adequate due diligence through employee screening. Post-hire screenings help protect employers from claims of negligent hiring and negligent retention. The legal doctrine of negligent hiring holds employers to a duty of care to assess the nature of employment, the degree of risk the employment poses to third parties, and to conduct reasonable investigations to ascertain the applicant is competent and able to perform job duties. Duty of care extends to reasonable measures to ensure the safety and security of the employee workforce. The burden is on the employer to be alert to potential risk issues and to take appropriate steps to resolve matters in a timely, responsive manner. The organization cannot cite lack of knowledge as a defense against claims of negligence. The employer can be held responsible for the conduct of the employee if the employer failed to use due care in the hiring and retention of the employee.
The organization must protect its customers and the public from harmful behaviors by the organization’s employees. It is possible that an employee’s financial hardship or domestic circumstances could have changed considerably from the employee’s date of hire. It is entirely possible the employee could not meet the current hiring criteria. As an example, a re-screen of the employee’s credit records may show financial difficulties that could lead to the employee’s mismanagement of company funds or other action detrimental to the organization’s well-being.
Employers must comply with applicable federal, state, and local laws in developing and implementing their employment screening policy and practices. The Fair Credit Reporting Act (FCRA) is the federal statute requiring specific written authorization and consent by an employee before an employer can conduct background screening. Due diligence is required of the employer to determine specific requirements for consent, authorization, adverse action notifications, and protection of consumer rights. Additionally there may be requirements and restrictions under state and local laws regarding the use of background checks for employment purposes, for example, Ban the Box laws in certain states or Fair Chance initiatives in certain municipalities.
Legal counsel may be advisable to provide guidance on employer legal obligations, screening policy limitations, and employee informed consent for post-employment screening. The organization’s screening policy must also take into account that an employee may refuse to consent to continuous screening or that a negative event has occurred that will require individualized assessment of the event or termination of employment as the appropriate course of action.
A risk assessment may be appropriate to determine the organization’s policy and the level of screening necessary for business protections and legal compliances. The interaction of employees with the general public, the organization’s customers, and the vulnerability of such populations may have a direct impact upon the type and frequency of screening necessary for safety and security to protect others. An employment policy must be non-discriminatory and based upon needs of the business and the population, internal and external, that it employs and serves.