Australian recruiters: Your data is your biggest asset. Are you confident in how it’s being handled?

Owen Senior
14 May
Reading time: 5 minutes
Share on linkedin
Share on twitter
Share on facebook

The reputation of recruitment agencies and recruitment professionals is built on trust; it underpins the relationship you have with candidates who trust you with sensitive information about themselves and their search for work. It underpins the relationship you have with your clients who trust you to act confidentially, in a compliant manner that never compromises their reputation. 

Your trust is placed in your ATS provider, whose platform contains all this information and activity. Transparency and trust is critical and you should consider this when selecting a vendor. The company you choose to partner with should always have your best interests at heart. 

What to look for and what to ask your provider:

Data governance

All good ATS systems will have a wide set of partners they integrate with, empowering you as a user to be more productive and efficient. JobAdder has the deepest set of connections in Australia, with soon-to-be live two-way integrations with both SEEK and LinkedIn, delivering a much richer talent search in combination with your database.   

Stay in control of your data

Integrations require clear data governance. Where your data goes is your choice. You choose whether you switch on the integration with SEEK. Same with LinkedIn. Same with the use of a reference-checking facility or a push to your HR system or job board – you choose whether to switch it on. And at any time, you have the choice to switch the integration back off. You have the right to ask your vendor for information relating to any integration to help address your concerns. 

JobAdder’s data privacy policy clearly outlines our governance. Your data remains strictly separated from all our integration partners, including SEEK. We do not share candidate data or customer-specific commercial data with any of our technical or commercial partners, and nor do they ask us to. 

Data sovereignty

As a branch of data governance, data sovereignty is the idea that data is subject to the laws and governance structures of the region in which it is collected. 

Being an Australian vendor goes beyond splashing the word across your company website and throwing “maaate” into your conversations. It matters to those corporates you serve, such as in the financial and healthcare sectors, who have mandates in place requiring you to store and process data within the same region. 

Do all organisations require this? Not at all. But the topic is increasing in importance. The question is whether you want to limit your business to only serving those that do not require data housed locally – not just now, but in the future. Before you make a decision, it’s worth a commercial conversation with your leadership team on whether you are prepared to miss out on those potential revenue opportunities.

Data security

Strong cybersecurity is a given with any market-leading ATS for the sheer volume of candidate data they hold. In the age of APTs (Advanced Persistent Threats) anyone who asserts themselves as being unassailable lacks a proper understanding of cybersecurity and the ever-present threats.  

Australia’s Privacy Laws are currently being reviewed with Australian Information Commissioner and Privacy Commissioner Angelene Falk noting: “Australia has the opportunity to be at the forefront of privacy and data protection, with laws and practices that increase consumer trust and confidence in the protection of personal information.” 

When it comes to data protection, ask for evidence not just assertions.

An external penetration test can be bought for $5,000 or $50,000. What matters is the scope, the depth of attack and the professionalism of the vendor. JobAdder uses NCC Group, a globally reputed name. When you ask your vendor who they use, do your due diligence on who they are and their reputation. 

All great vendors continually release new features and evolve their software. Innovation is great, but that needs to be balanced with an assurance that the software remains secure as it is continually improved – ideally in the form of certification.   

Being transparent, JobAdder does not have ISO 27001 certification yet, but we are working on it, and well on our way. A full audit against all 114 ISO 27001 Annex A security controls will be undertaken in July 2021 and under NDA, existing JobAdder customers will be able to obtain this. 

In the absence of certification, you should request formal evidence that the way the software is developed and updated is secure. 

Want to find out more?

We will be hosting a live and in-person event for customers in our Sydney office this August with presentations and Q&A with myself, Chief Product and Technology Officer, our legal team and our ISO27001 leader. Keep an eye on your inbox for further details.
If you are an existing customer with burning questions that can’t wait that long, call our friendly support team and request a 1:1 with anyone from the leadership team, myself included. We are always open to a chat.

Keep reading from JobAdder Blog

compliance risk
Kayta Hackman
Oct 14, 2021
recruitment technology
Liz Van Zyl
Oct 13, 2021
the_great_resignation
John Ebanks
Oct 7, 2021