Security, Human Resources, Background Checks and the Law: ROI

ASIS International 200046th Annual Seminar & Exhibits

9/11/00 - Orlando, FL

M. K. Poquette

$$$$$$$$$$$ $$$$$$$$$$$ $$$$$$$$$$$

Security Products

Worldwide Security Spending

1998 $512 Million

2003 $2.24 Billion

Source: International Data Corp

Security Products

PREMISE #1: Security ROI is compromised

unless measures include background checks.

CCTV * Security Guards * Locks * Power Supplies * Transmission Systems * Vaults * Computer Software * Bar Coding * Pagers *Fences/Gates/Guard Booths * Voice Evacuation Systems * X-Ray *Alarms *Iris Recognition * Intelligent Key Systems * Metal Detectors * Intrusion Detection * Fire Protection Equipment * Bio-metric Access * Buried Sensors * Night Vision Equipment * In-fared Cameras * Two Way Radios * Bullet-Resistant Barriers * Digital Recorders * Video Signal Equipment *

CCTV * Security Guards * Locks * Power Supplies * Transmission Systems * Vaults * Computer Software * Bar Coding * Pagers *Fences/Gates/Guard Booths * Voice Evacuation Systems * X-Ray *Alarms *Iris Recognition * Intelligent Key Systems * Metal Detectors * Intrusion Detection * Fire Protection Equipment * Biometric Access * Buried Sensors * Night Vision Equipment * Infared Cameras * Two Way Radios * Bullet-Resistant Barriers * Digital Recorders * Video Signal Equipment *

Background Checks

Human Resources, Background Checks and the Law: ROI

Security,

Human Resources, Background Checks and the Law: ROI

Security,

PREMISE #2: Security ROI is compromised unless

measures include background checks.

Security expertise needed in background check program

SecuritySecurity

Back-Back-ground ground ChecksChecks

The The LawLaw

Human Human ResourcesResources

SecuritySecurity

Back-Back-ground ground ChecksChecks

The The LawLaw

Human Human ResourcesResources

SecuritySecurity

Back-Back-ground ground ChecksChecks

The The LawLaw

Human Human ResourcesResources

Objectives Objectives Protection

– Employees and Clients

– Assets

– Liability

Direct CostDirect Cost

NEGLIGENT HIRING. . . more than half the awards in recent

security negligence cases have exceeded

$100,000.

HR Magazine, 6/00

“Looking for Chinks In the Armor.”

Direct CostDirect CostTHEFT . . . The stores had become a

haven for ex-felons and thieves.

. . . Almost all of the thieves were gaining employment at a xxxxx store for one premeditated reason -- to steal.

Security Management Magazine, 11/99

“Stop Insiders from Eating Profits.”

Direct CostDirect Cost

COMPUTER CRIMEAverage Cost Per Hacker Incident:

Outside Hacker $56 Thousand

Inside Hacker $2.7 Million

Security Management Magazine, 12/99

“Inside the Mind of the Insider.”

Direct CostDirect Cost

NEGLIGENT HIRING. . . awards average about $500,000 in

cases where an individual is assaulted at a

place of business.

HR Magazine, 6/00

“Looking for Chinks In the Armor.”

Objectives Objectives Protection

– Employees and Clients

– Assets

– Liability

Add Value

ScreeningScreening

“One of the most significant missed opportunities in security departments is related to the screening of applicants for employment.”

Security Management Magazine, 12/99

“How Can Security Get Inside the Door?”

ScreeningScreening

“ . . . the most probable and most significant loss prevention tool in the future will be the use of better employee-selection techniques.”

Security Management Magazine, 4/00

“An Inventory of What’s in Store.”

Indirect CostIndirect Cost

SELECTION, TRAINING, & START-UP

50% - 150% of annual salary

$$$$$$$$$$$ $$$$$$$$$$$ $$$$$$$$$$$

<$100 <$50

<$10

Screening Screening

RecommendationsRecommendations

PROACTIVE INVOLVEMENT Utilize security expertise Design/implement screening program Participate in vendor selection Obtain legal approval Audit processes and on-going results.

RecommendationsRecommendations

COMPREHENSIVE All Staff

– Employees, including executives– Temporary Staff– Contractors

Security ExpertiseSecurity Expertise

Pragmatic view Knowledge of criminal record system Enterprise-wide security view Part of executive management Minimize Legal Department objections Position background checks as critical

security component

PREMISE #3: Security ROI is compromised unless

measures include background checks.

Security expertise needed in background check program

Program must be legally compliant and defensible.

ImplementationImplementation

OBTAINING AND USING SCREENING INFORMATION

Equal Employment Opportunity Laws Fair Credit Reporting Act (FCRA)

(Federal & State versions may apply.)

FCRAFCRA

04/25/71 - Fair Credit Reporting Act

09/30/97 - Consumer Credit Reporting Reform Act of 1996

11/02/98 - Consumer Reporting Employment Clarification Act of 1998

FCRAFCRACCRRA of 1996: FCRA governs all background checks

done for employment purposes by a third party for which third party is paid.

Applies whether or not credit is included in background check.

State law may add more requirements.

FCRAFCRAKEY DEFINITIONS Background checks =

Consumer Report (CR) or Investigative Consumer Report (ICR).

Background-checking provider = Consumer Reporting Agency (CRA)

Employment purposes =Employment, retention, or promotion

FCRAFCRAKEY DEFINITIONS Adverse Action =

Not hiring, retaining or promoting applicant based in whole or part on information in background check.

Excluded Information =

Any adverse item of information, other than criminal convictions, older than 7 years*

* Some exceptions apply.

Screening ProcessScreening ProcessCERTIFICATION Employer signs “User Certification”

with CRA CRA provides employer with

“Notice to Users of Consumer Reports: Obligations of Users Under the FCRA.”

Note: One-time steps.

Screening ProcessScreening ProcessCERTIFICATION

Employer agrees in User Certification* to Use information only for employment purposes Use information only in legal ways Make disclose to applicant and obtain

authorization Follow adverse action procedures

*Note: Exact language not specified.

Screening ProcessScreening ProcessINTERNAL PROCEDURES Standardize checks by position Applicable to position Use and impact of key identifiers

(Date of birth and other names used)

Define action based on information; “green, yellow, red” criteria.

Screening ProcessScreening Process

INTERNAL PROCEDURES

Use of contingency offers Applicant’s continuation, suspension,

or termination in employment process. Adverse action process, time lines. Effect of adverse information.

Screening ProcessScreening ProcessWITH APPLICANT Make “Clear and conspicuous” disclosure in a “document that

consists solely of the disclosure.” Obtain signed authorization from applicant.

10/21/97 FTC Opinion: Disclosure and authorization may be combined.

Obtain applicant’s key identifiers. (SSN, DOB, other names used)

Screening ProcessScreening ProcessTO CRA Provide applicant information to CRA

– Employment Application– Authorization*– Key Identifiers

* Possession by CRA not legally required, but practical considerations apply.

Screening ProcessScreening Process

WORKING WITH RESULTS

Apply pre-determined criteria and procedures

(Green, yellow, red light)

Screening ProcessScreening ProcessADVERSE ACTION Notify applicant before taking action Provide time to dispute and correct Provide copy of report and “A Summary of Your Rights under the

Fair Credit Reporting Act” Provide adverse action notification

Obtain applicant’s key identifiers. (SSN, DOB, other names used)

Screening ProcessScreening ProcessINTERNAL INVESTIGATIONS FTC opinion

– Authorization required

Hearings in process Authorization effective throughout

employment

ROLE OF THIRD PARTY Provides background information. Meets or exceeds service commitments. Provides expertise. Is legally compliant. Applies technology to improve product

and process.

Screening ProcessScreening Process

TechnologyTechnology

BACKGROUND CHECKING Information Accuracy Convenience Cost-effectiveness.

Technology Technology

MANAGEMENT DATA Audit trail of all work Management reports

– Applicants screened– Checks conducted – Hit ratios– Turnaround time– Dollars invested

AuditAudit

INTERNAL AND EXTERNAL Checks ordered by position Start date versus background screen

date Use of adverse action procedures Compare vendor data to company data

HR Magazine, June 2000.Agenda: Security

. . . balance costs

and risks . . .

HR Magazine, June 2000. Agenda: Security

SecuritySecurity

SecuritySecurity

Back-Back-ground ground ChecksChecks

The The LawLaw

Human Human ResourcesResources

ROIROI

QUESTIONS?