Background checks on prospective employees: Keep required disclosures simple

If your company gets background information on prospective employees, it’s likely you’re covered by the Fair Credit Reporting Act. Before you get a background screening report, the law requires that you make certain disclosures and get a prospective employee’s authorization. Is it time for a FCRA compliance check?

Background screening reports are “consumer reports” under the FCRA when they serve as a factor in determining a person’s eligibility for employment, housing, credit, insurance, or other purposes and they include information “bearing on a consumer’s credit worthiness, credit standing, credit capacity, character, general reputation, personal characteristics, or mode of living.”

If your company uses background screening reports to make hiring decisions, here are some steps the FCRA requires you to take:

  1. Before you get a background screening report about a prospective employee, disclose to the person that you intend to get the report and then get their written authorization allowing you to do that.
  2. If the background screening report reveals something that may cause you to decide not to hire the person, you must notify them of the results of the report and provide them with a copy. Next, you have to give them sufficient time to review the report so they can challenge any elements that might be incorrect.
  3. If you ultimately decide not to hire someone based in whole or in part on the contents of a background screening report, you must provide a notice to that person that states they weren’t hired due at least in part to the result of the background screening report.

Companies often ask how to make the required initial disclosure before they obtain the background screening report and get the prospective employee’s authorization. It’s easier than you might imagine. Under the FCRA, you must provide the prospective employee with a clear and conspicuous written disclosure that you plan to get a background screening report about them and you must get the person’s written authorization that gives you their permission to compile the report. It’s OK to put the required disclosure and your request for their authorization in one document. Just be sure to use clear wording that the prospective employee will understand.

Some companies trip themselves up by using complicated legal jargon or adding extra acknowledgements or waivers. Here are some examples of the kind of things that shouldn’t be in this simple document:

  • Don’t include language that claims to release you from liability for conducting, obtaining, or using the background screening report.
  • Don’t include a certification by the prospective employee that all information in his or her job application is accurate.
  • Delete any wording that purports to require the prospective employee to acknowledge that your hiring decisions are based on legitimate non-discriminatory reasons.
  • Get rid of overly broad authorizations that permit the release of information that the FCRA doesn’t allow to be included in a background screening report – for example, bankruptcies that are more than 10 years old.

That extra stuff not only makes it harder for the prospective employee to understand the main purpose of the document, but it also may violate the FCRA. Adding other acknowledgements or releases of liability is beyond the scope of what the FCRA permits in this document. If you have additional waivers, authorizations, or disclosures you want to give to prospective employees, do it in a separate document. Don’t include them in the FCRA disclosure and authorization document.

It boils down to this: Complying with the FCRA’s disclosure requirement for the use of background screening reports is easy. You can do it in a few sentences. Just include a simple, easy-to-understand notification that you will obtain a background screening report, perhaps with a simple explanation of what information will be included in the report. The request for the prospective employee’s authorization should be in plain language, too.

That’s it. Nothing else is required – and nothing else is permitted by the FCRA.

Keep it simple. It’s not just a good idea. It’s the law.

(This post was updated on May 3, 2017, to clarify that it concerns required initial disclosures before companies obtain background screening reports.)
 

Comments

Based upon the number of cases, compliance is hardly "easy". If the FTC gave a "simple" form for employers to use, it would be most helpful and avoid extensive, wasteful litigation. A standard form is provided by other agencies where the statute requires a consumer disclosure. The FTC should do the same, since the consequences of a non compliant form, however innocent, are extremely expensive.

This article is dangerous in my perspective. The FTC is trying to over simplify a process that is just NOT that. I feel like you are setting people up for mistakes due to this 'simplicity', without really diving down in to the numerous lawsuits out there that are specific to the incorrect use of the form. If it is really 'that easy', why not put out a sample form for people to use. Why leave it up to each company to do?

There is NO mention of the state laws surrounding employment screening in this article, and the fact that multiple states require notice to applicants prior to processing their background screen. There is no mention of the fact that if a CRA is used in the process, that there specific information must be included in the document, so the applicant is aware of who processed the screen on them.

I get that you might not want people to be scared of a process, but with the lawsuits against employers, a little fear can actually go a long way. And if you are going to simplify a process, make sure to include ALL the details. If someone is going just off of this document alone, they will surely be in trouble down the road.

Poorly written in my book!

Bankruptcies can be reported for more than 10- years IF the job for which the person is being considered pays $75,000 or more on an annual basis. See 605 Requirements relating to information contained in consumer reports (15USC 1681c)

The article states, "It’s OK to put the required disclosure and your request for their authorization in one document." However, section 604(b)(2)(a)(i) of the FCRA states [includes]: "a clear and conspicuous disclosure has been made in writing to the consumer at any time before the report is procured or caused to be procured, in a document that consists solely of the disclosure ..." Am I misreading either of these here? The direction given in this article is not aligned with the specific text in the FCRA.

Here is a response from the author David Lincicum:  “Although Section 604(b)(2)(a)(1) does state that the initial disclosure must consist solely of the initial disclosure, Section 604(b)(2)(a)(ii) goes on to allow the authorization to be included in the same document as the disclosure.”

What is not clear here is information regarding disclosure of the CRA used in the process. We conduct background screenings through several State agencies due to the nature of our business and driver history checks through a difference CRA. It's tedious at best to have a separate form for each CRA. Also, there needs to be clarification of what personal information should be included on the form other than a signature. We have to capture SSN, driver license numbers, etc. to conduct the screenings. Should this be on a separate form altogether?

Does NYS follow the same rules and regs?

If you are working with a reputable provider of reports, they can generally help with forms as does the company we use. The company we use also does periodic audits to ensure their clients are following FCRA properly. It's a big help. Don't cheap out on your provider and it can save you much in the way of hassles and compliance adherence.

This article is misleading. As noted by someone else, there are state law requirements that prohibit employers from "simplifying" the forms as recommended in this post. Also, the post fails to set forth any regulation that prohibits employers from trying to limit liability, to the extent permitted by law, when performing background checks. Any prudent employer will comply with FTC and state requirements while incorporating language to protect the employer from liability. This requires the balancing of competing interests and cannot be as "simple" as this post suggests.

Keep in mind that there are states, such as California, that specifically prohibit putting the disclosures and authorization on the same form. Employers must also review the requirements in each state and comply with those requirements as well as FTC regulations when creating these forms or the employer can be subject to class-action lawsuits in those states which prohibit using a single form.

Add new comment

Comment Policy

Privacy Act Statement

It is your choice whether to submit a comment. If you do, you must create a user name, or we will not post your comment. The Federal Trade Commission Act authorizes this information collection for purposes of managing online comments. Comments and user names are part of the Federal Trade Commission’s (FTC) public records system (PDF), and user names also are part of the FTC’s computer user records system (PDF). We may routinely use these records as described in the FTC’s Privacy Act system notices. For more information on how the FTC handles information that we collect, please read our privacy policy.