September 8, 2017
Employers may worry about their credit information in the wake of Equifax’s data breach, but can breathe somewhat easier knowing their employees won’t be affected.
“I don’t think there’s a risk to consumers in terms of credit reports that are ordered by employers,” Brad Landin, president and chief compliance officer of Employment Screening Resources, told Bloomberg BNA Sept. 8.
Credit information for about half of all adults in the U.S. is in jeopardy after cybercriminals stole names, Social Security numbers, birth dates, addresses, and driver’s license numbers from Equifax, the credit reporting agency said Sept. 7.
Many employers use credit checks in the hiring process, but the only way the hack could be a liability would be if someone used the information stolen from Equifax to try to obtain a job, which likely won’t be an issue, Landin said. “Why would a person steal an identity to get a legitimate job?” he said. People who steal credit information are “in the business of stealing money, not making money,” Landin added.
Landin said he was relieved to find he wasn’t one of the 143 million Americans who had information compromised by the Equifax hack. His colleague down the hall, however, was not as lucky, he said.
Both checked by punching the last six digits of their social security number into the Equifax’s security website. The site has generated controversy of its own, having to do with language in a user agreement that asks people who sign up for credit monitoring to waive their right to a class action.
Landin said it’s unlikely employer credit checks for hiring purposes will be affected by the hack.
Most services employers use for credit checks are coming through a reseller of the credit information, not directly from Equifax, Landin said. Moreover, those resources are server-to-server, meaning users don’t need to log on to an actual website to access it, he said.
“I’m highly confident that the availability of Equifax credit reports are largely unaffected,” Landin said.
If access to credit scores does become a problem for employers, however, there are solutions.
“Companies can proceed with the hiring process pending a background check,” said Mel Hennigan, vice president of people for Symplicity Corp., a Washington-based ed-tech company.
Employers are supposed to use credit checks only when the information is relevant to the position, per Equal Employment Opportunity Commission rules, but sometimes too much information is used, Hennigan told Bloomberg BNA Sept. 8.
“I hope that this incident give companies and HR professionals pause to think about the relevancy of the information they’re processing in their background checks,” she said.
HR professionals will often purchase packages from background check companies that include things that aren’t relevant to every position, Hennigan said. “It’s a good time to just rethink,” she said.
Credit checks and other types of employer background screenings present employers with the issue of how much information they should collect on employees and potential hires.
Companies are indeed storing too much unnecessary information, said Carrie Hoffman, co-chair of the labor and employment practice at Gardere Wynne Sewell LLP.
“When I’m counseling an employer, I ask them ‘Why do you need this information,’” Hoffman told Bloomberg BNA Sept. 8.
Employers moved in the right direction by ditching the practice of using Social Security numbers as employee identification, Hoffman said. But they are still necessary to use for things like I-9s and tax withholding.
The more employers reduce the amount of information they keep, the more they reduce the potential threat of that information being compromised, Hoffman said.
To contact the reporter on this story: Madison Alder in Washington at firstname.lastname@example.org
Copyright © 2017 The Bureau of National Affairs, Inc. All Rights Reserved.