Why This Story Matters:
In February 2024, U.S. President Joe Biden issued an Executive Order to prevent access to the sensitive personal data of Americans by “certain countries of concern.” A background screening company must also have methods to protect the personally identifiable information (PII) of consumers who undergo background screening both domestically and globally.
Executive Order to Protect Personal Information
On February 28, 2024, United States President Joe Biden issued an “Executive Order on Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern” that describes an unusual and extraordinary threat to the national security and foreign policy of the United States posed by the continuing effort of “certain countries of concern” to access sensitive personal data and U.S. Government-related data of Americans.
To address this threat, the Executive Order directed the Department of Justice (DOJ), in consultation with other agencies, to issue regulations that prohibit or otherwise restrict U.S. persons from engaging in certain categories of transactions that involve U.S. Government-related data or bulk sensitive personal data, pose an unacceptable national security risk of access by countries of concern or covered persons subject to their jurisdiction, and meet other criteria specified by the Order.
Why Protecting Consumer Data is Important During the Background Screening Process
Consumers undergoing background screening for employment purposes usually divulge personally identifiable information (PII) that can include full name, date of birth (DOB), Social Security Number (SSN), driver’s license number, address history, and other sensitive information depending on the scope of the screening. In other words, they hand over everything a criminal would need to commit identity theft. Background screening companies must have policies and procedures to protect the PII of consumers.
Background screening companies serious about protecting consumer data should have certifications that include International Organization for Standardization (ISO) standards, Professional Background Screening Association (PBSA®) accreditation, Data Privacy Framework (DPF) certification, and System and Organization Controls (SOC 2®) Type 2 reports. These certifications can help consumers feel confident that their data will be protected during the background screening process.
What ClearStar Does to Protect Personal Information
ClearStar – a global workforce screening company specializing in background checks, drug testing, and occupational health services – knows the importance of protecting personal data during background screening and holds many certifications.
- In August 2023, ClearStar announced it had received ISO/IEC 27701:2019 certification for its Privacy Information Management System (PIMS), which shows ClearStar meets rigorous international standards for protecting personal data. ISO/IEC 27701:2019 is a privacy extension to the ISO/IEC 27001:2013 information security standard published by the International Organization for Standardization (ISO), the world’s largest developer of voluntary international standards, and the International Electrotechnical Commission (IEC). In 2022, ClearStar was awarded recertifications of the ISO/IEC 27001:2013 standard for information security management system (ISMS) best practices and the ISO/IEC 27018:2019 security standard for the public cloud computing environment.
- In November 2023, ClearStar announced that the Professional Background Screening Association (PBSA®) Background Screening Credentialing Council (BSCC) found ClearStar has successfully demonstrated continued compliance with the Background Screening Organization Accreditation Program (BSOAP) and is recognized as BSCC-Accredited. Governed by a strict professional standard of specified requirements and measurements, the BSOAP is becoming a widely recognized seal of achievement that brings national recognition to a background screening organization’s commitment to excellence, accountability, high professional standards, and continued institutional improvement.
- In April 2024, the U.S. Department of Commerce’s International Trade Administration (ITA) completed its review of ClearStar’s self-certification of compliance with the Data Privacy Framework (DPF) program and finalized the certification. ClearStar certified compliance with the EU-U.S. DPF concerning the processing of personal data from the European Union (EU), the UK Extension to the EU-U.S. DPF concerning the processing of personal data from the United Kingdom (UK) and Gibraltar, and the Swiss-U.S. DPF concerning the processing of personal data from Switzerland (Swiss).
- Each year, ClearStar obtains a System and Organization Controls (SOC) 2 Type 2 report, which validates the company’s compliance with the strict information security policies and procedures set forth by the American Institute of Certified Public Accountants (AICPA). The report is provided by an independent third party that assesses the extent to which ClearStar complies with one or more of five “Trust Services Criteria” — security, availability, processing integrity, confidentiality, and privacy — so clients can feel more confident than ever that ClearStar’s team and technology are equipped to protect sensitive information.
ClearStar’s numerous certifications help ensure the privacy, security, and confidentiality of consumer data used during the background screening process. To learn more about ClearStar, please contact us.
© 2024 ClearStar. All rights reserved. – Making copies of or using any part of the ClearStar website for any purpose is prohibited unless written authorization is first obtained from ClearStar. ClearStar does not provide or offer legal services or legal advice of any kind or nature. Any information on this website is for educational purposes only.