Becoming GDPR Compliant – Step 5 of 12

Posted · Add Comment

In Step 2 of our GDPR blog series, we talked about the importance of data mapping: knowing where data is being sent to and who is handling it.

In addition to the obligation to map data, data controllers are obligated to ensure that their vendors properly handle the personal data entrusted to them.

As we have seen with data mapping, there is usually a data processing chain created when conducting pre-employment screening – so any data controller should look at two things:

  1. How it handles the relationship with its data processor (which we’ll explore further in a future blog post within this series)
  2. How that data processor manages its own vendor relationships

Now it’s time to continue the journey with Step 5 on the road to GDPR compliance:

“Vendor management – Through the GDPR looking glass”
In Step 5, you will learn:

1. The Past – The wrong side of the looking glass

2. The Future – Through the looking glass

3. The Present – Stepping into the looking glass

Click to read the full blog on our EMEA site

Did you miss a previous step? Read it here:

Step 1 – Candidate consent and information notices

Step 2 – Follow the Yellow Brick Road (a.k.a. Data Mapping)

Step 3 – Subject Access Requests

Step 4 – The Right for Data to be Erased

Download: The 2017 Employment Screening Benchmark Report
The 10th Annual HireRight Employment Screening Benchmark Report

The most comprehensive global survey of its kind – providing 10 years of insight on industry best practices.

Get Your Copy Now!


Caroline Smith

Caroline is a UK qualified lawyer with over 17 years’ experience and currently serves as HireRight’s Deputy General Counsel for the EMEA and APAC regions. When not “lawyering” or writing blogs, Caroline can be found striking yoga poses in remote locations such as Mongolia and Bhutan.

More Posts

Follow Me:



Comments are closed.