How Can I Stay Compliant When Conducting Background Checks?

August 23 2021

While background screenings, whether before you hire someone or after, are encouraged, you need to be aware of the laws and regulations surrounding privacy and compliance.


Because background checks give you access to sensitive information about a candidate, having a compliant background screening process protects your company from liability and other negative consequences.


There are privacy laws to determine what type of information can and cannot be collected during the background screening process.


For example, the Federal Privacy Act and the Freedom of Information and Protection of Privacy Act regulate the collection of private information for organizations in the public sector. The Personal Information Protection and Electronic Documents Act (PIPEDA) for federally regulated industries, such as the finance industry.


There are also provincial laws that govern the collection and usage of private information. In Ontario, the Police Record Checks Reform Act (PRCRA) regulates the types of police checks employers can request.


These include:

-Criminal Record Checks;

-Criminal Record and Judicial Matters Checks;

-And Vulnerable Sector Checks


Below, we provide some tips to help you stay compliant during the background screening process.


Only Collect the Information You Need


According to the Federal Privacy Act, institutions in the public sector are only allowed to collect personal information directly related to an operating program or an activity of the institution.


This means you should only be requesting information from your candidates that are necessary for conducting the background checks, such as legal names, addresses, criminal records, and employment history.


Receive Consent and Make Information Known


Conducting a background check without the explicit consent of the candidate is unethical and often illegal.


The PRCRA states that consent must be provided by the person who is being asked to provide a background check. The Federal Privacy Act also states that a government institution has to inform any individual from whom the institution collects personal information.


In addition to obtaining explicit consent before conducting any background checks, you must also inform the candidate about the reasons for conducting screenings and disclose anything you find to the candidate.


Properly Store and Dispose of Information


You should have guidelines and procedures in place for storing and disposing of the information you have from candidates.


Best practices from the PIPEDA state that you should implement a minimum and maximum retention period for any personal and electronic information you collect. PIPEDA also states that any personal information that doesn’t have a specific purpose anymore or no longer fulfills its intended purposes should be disposed of safely.


At Triton, we can help you conduct background checks safely and securely. We have a range of different solutions that will help you get the information you need to make informed hiring choices. These include criminal background checks, employment verification checks, credit checks, and more. However, vulnerable sector checks must be conducted at a police station.


Learn more about how we can help you by calling us at 1-844-874-8667 or visiting