Employee screening, a hiring necessity or an invasion of privacy?

Issue 1 2023 Security Services & Risk Management


Nicol Myburgh.

Employee background screening has become an integral part of the recruitment process. Many companies use it as a means to not only verify potential employees’ education, experience and other credentials before appointing them, but also to ensure that they hire the right candidate for the role – someone who will bring value to the business and be a worthy ambassador for the brand.

Checking that recruitment candidates have not falsified their CV information and will be a good culture fit for the organisation is all good and well, but how deeply can employers delve into a person’s background before the screening process becomes an invasion of privacy?

According to Nicol Myburgh, Head of the HCM Business Unit at CRS Technologies, there is a fine line between checking a potential employee’s qualifications and references, and investigating aspects of their lives that have nothing to do with their job application.

“The best indicator of future performance is your record of past performance, and good references usually mean a good employee,” he says. “There is nothing wrong with checking a candidate’s references – in fact, it is highly recommended – but if you start looking at the person’s credit history and behaviour, and whether they have a criminal record, you are treading on thin ice.”

Many companies are not aware of the National Credit Act Amendment 19 of 2014, which came into effect in March 2015. It stipulates that pre-employment checks on consumer credit records may only be performed if the role for which the candidate has applied requires honesty in the handling of cash or finances. Furthermore, this responsibility must be specified in the job description.

“So unless the position are looking to fill involves working with money, checking the candidate’s credit record constitutes a violation of their privacy and is illegal,” says Myburgh.

The same applies to criminal record searches, which are governed by labour legislation. “For example, if a person applies for a position as a driver, but was previously arrested for driving under the influence and as a result has a criminal record, they can be disqualified from the position.

“But if the person is applying for a job as say, an admin clerk, the drunk driving conviction would be irrelevant. Consequently, a criminal record check can only be done if it is pertinent to the job for which you are hiring.”

Employers also need to bear the POPI Act in mind when collecting information for background screening purposes. Accessing information that is available in the public domain – social media accounts, personal blogs and the like – is fine. All other information, including personal identity details, is protected under the POPI Act and therefore off limits.

But whether the background screening you want to do is relevant to the job or not, it is necessary to obtain the applicant’s consent before processing any of their personal information.

How not to overstep

To ensure that companies do not overstep when conducting background checks, Myburgh recommends engaging the services of a reputable background screening and vetting company. “These service providers are fully conversed with the legalities and ethics around employee screening and not only know where the line is, but where not to cross it.”

“Violating someone’s privacy during the recruitment process, or choosing not to hire them for reasons that have nothing to do with the job description can land a business in hot water, and they could find themselves slapped with a lawsuit. This will not only cost the company thousands in legal fees, but could irreparably damage its reputation and brand.”

“Conducting background checks on potential employees mitigates the risk against a bad hire, which can be costly for the business, but these must be done ethically and within the bounds of legislation,” he concludes.

For more information, go to www.crs.co.za




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Identity recovery matters most
Security Services & Risk Management
As cyberattacks grow more targeted, more destructive, and increasingly aimed at the very fabric of trust within the enterprise, the ability to restore identities has become just as critical as restoring data.

Read more...
ISO 27701 helps demonstrate privacy compliance beyond POPIA
Security Services & Risk Management
ISO 27701 include privacy-specific controls and provides a structured way to manage Personally Identifiable Information (PII) throughout its lifecycle, giving organisations a way to demonstrate how privacy is managed.

Read more...
Echoes of 2018? Follow-up on Woolworths explosions
Technews Publishing News & Events Security Services & Risk Management Retail (Industry) Facilities & Building Management
SMART Security Solutions follows up with Jimmy Roodt to find out more about an old connection to the Woolworths bombings from 2018. The investigation remains ongoing.

Read more...
Increase in cyberattacks on the manufacturing sector
Security Services & Risk Management News & Events Industrial (Industry)
According to a new Kaspersky ICS CERT report, in the first quarter of 2026, the percentage of industrial control systems (ICS) on which malicious objects were blocked reached 19,6% globally.

Read more...
Next-generation cash-in-transit vehicle
News & Events Security Services & Risk Management
Fidelity Services Group has unveiled a new, purpose-engineered Cash-in-Transit (CIT) vehicle designed to redefine crew protection, deter threats, and enhance operational resilience in an increasingly complex criminal environment.

Read more...
The risk at the edge of South Africa’s agriculture supply chain
Security Services & Risk Management Agriculture (Industry) Logistics (Industry)
Research from ESET has found that a significant number of South African agritech operators and farmers continue to believe their companies are not attractive targets for cybercriminals. Unfortunately, that belief is precisely what makes them one.

Read more...
AURA partners with Discovery to launch Discovery 911
News & Events Security Services & Risk Management
AURA has announced a partnership with Discovery Insure to power the security-response component of its new Discovery 911 virtual panic-button offering, which is available through the Discovery Insure app.

Read more...
Break the silence on fraud
Security Services & Risk Management
We are entering a new era of fraud, one defined by groups that operate across borders, using advanced digital tools and impersonation tactics to deceive victims and wear down communities' trust and financial security.

Read more...
Africa’s white-collar crime landscape
Security Services & Risk Management
White-collar crime in Africa is no longer a predominantly domestic concern; it has expanded onto the international stage, and so too has the corporate exposure that accompanies it.

Read more...
Global security in 2026
Editor's Choice News & Events Security Services & Risk Management Industrial (Industry) Mining (Industry)
The World Security Report 2026 states: “In a world of increasing volatility, physical security has evolved. It is no longer just a defensive measure; it is a critical driver of corporate value.”

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.