Putting People First: Workplace Safety, Cybersecurity, and Background Screenings

Alla Schay, General Manager, Sterling Industrials, Government & Education
Original article published in the July 2020 issue of HR News.

Now more than ever, a smart, well-executed employment screening program is vital to workplace safety, and helps companies create safer environments for their employees, vendors, partners, and the communities they serve. For companies that are hiring through the Covid-19 crisis or looking ahead to hiring post-crisis, this is applicable to organizations of all sectors and sizes—whether public or private, small or large.

But how do you know if your organization’s screening program is sufficiently comprehensive and thorough? For HR leaders pondering that question, below are important insights on risks and solutions to consider as you assess and determine the best path forward for your own screening program.

Building on Pre-Hire Checks

Pre-employment background checks are a well-known and integral first step to providing a safe and productive working environment, protecting not only an organization’s employees and customers—but also its hard-earned reputation, equipment, and property. A pre-hire screening often consists of a basic criminal background check, verification of academic qualifications and work history, and a drug test. Depending on the role, additional identity, health, fitness, and financial checks may also be conducted.

These measures are all effective in screening new employees about to be hired. Many organizations also consider screening programs for employees after hire, as well as for employees who have been at the company for some time. And now, amid the Covid-19 crisis, many companies contemplate screening programs for re-hiring employees and bringing employees back after a furlough, post-crisis.

These are important considerations because, while standard pre-hire checks play a role in strengthening the reputability of your talent pool, they do not, unfortunately, catch post-employment infractions. Further, the insider threat—including nefarious actors who deliberately leverage positions of trust and access—poses serious risks, both physical and cyber, to workplaces across the spectrum of industries.

The Insider Threat and Risks to Cybersecurity

According to the McKinsey report on company data breaches:

• Malicious intent accounts for 38% of cyber breaches driven by insider threat.
• Some companies have lost hundreds of millions of dollars.

Another effect is reputational loss. With seeds of doubt sown among current and potential customers, all aspects of an organization’s operations—from recruitment to customer retention to new business—can all be massively impacted.

And what other factors also play a role? According to Ernst & Young, the majority of data loss incidents have resulted from the actions of internal users and trusted third parties. Further, company cultures of openness and collaboration, which have increasingly become the norm, carry risks from a data security standpoint.

Of course, that is not to say that openness and collaboration are overall negative or detrimental to an organization—but the broader point is that risks always need to be accurately assessed and, when possible, minimized. Thankfully, there are proactive screening strategies available to employers that help identify potentially troublesome employees and, ultimately, significantly reduce the insider threat.

Reducing Risk: Continuous Monitoring and Social Media Screening

While some organizations were forced to lay off or furlough staff, and others enacted hiring freezes, some organizations needed to ramp up their hiring through this crisis. As we worked with our clients that needed to hire essential workers – and hire them quickly – we relied on our flexible technology platform and business processes to help them adjust and adapt their background screening programs. Today, we are now in discussions with many of our clients to, as discussed earlier, re-hire employees, bring workers back from furlough and just hire more people in general as we anticipate a post-crisis economic upturn.

Our discussions with clients have also included measures such as continuous monitoring and social media screening. When adeptly executed as part of a comprehensive screening program, continuous monitoring can be very successful at managing workplace risk, as criminal behavior that increases risk and liability are all screened for among current employees on an ongoing basis, rather than just pre-hire.

Further, periodic rescreening—which is based on the same principle as continuous monitoring, albeit executed at less often intervals (i.e. monthly or quarterly instead of daily or near real-time)—is also available as a solution to employers, who, without such measures, enhance their vulnerability to internal risks. When discussing continuous monitoring and periodic rescreening with your screening provider, ask them about their compliance procedures, as both types of screening are subject to Federal Credit Reporting Act (FCRA) guidelines.

Additionally, a new and emerging method becoming more commonly used by employers is social media screening—applied to new hires, as well as applied to current employees as part of a continuous monitoring program. An advanced social media screening program will leverage machine learning, guided by human oversight, to assess publicly available online content in conjunction with your own HR policies.

Like continuous monitoring, social media screening can help safeguard your company’s reputation, identify indicators of toxic behavior, and recognize troubling patterns that could affect your organization’s reputation. One caveat is that, on this front, in-house solutions are often not the best approach, since social media screening will occupy valuable staff time and, result in inconsistent collection and evaluation of data.

As you continue navigating through this crisis and as you consider your hiring and screening program coming out of the crisis, fostering a safe work environment is critical for businesses, employees, and customers across the globe. It is also important to note: effective background screening programs are far from one-size-fits-all. Especially now, they should be tailored accordingly to address organizational needs, while also taking into account the broader workplace landscape as well as ever-evolving regulations. By leveraging available screening tools to properly assess and mitigate internal risks, your company will be in a better position to provide that coveted foundation of trust and safety, and ultimately protect your most important asset, your people.

Sterling is not a law firm. This publication is for informational purposes only and nothing contained in it should be construed as legal advice. We expressly disclaim any warranty or responsibility for damages arising out this information. We encourage you to consult with legal counsel regarding your specific needs. We do not undertake any duty to update previously posted materials.