Adopting a New Background Screening Program
This article is intended to provide our customers with guidance on implementing and operating a background screening program. Before starting the background screening process, it is crucial that you create a policy that outlines the purpose and scope of your program. Every organization is different, and all have unique screening needs. As such, you shouldn’t arbitrarily settle for a ready-made form policy without conducting proper due diligence.
At a bare minimum, you should take care to think about what your company’s needs are and consult your legal counsel when you are ready to begin establishing your employment background check program.
Part One: Preliminary Considerations
Purpose of the Program
Your policy should first outline the purpose and scope of your program. The following suggestions and examples may help you share your company’s policy.
Give a simple statement of the policy.
Example: “It shall be the policy of ACME Corp. to conduct background checks of employees and applicants for employment.”
List the primary elements of the background check.
Example: “Background checks shall consist of a consumer report on the employee and drug and alcohol testing, all as set forth in greater detail hereinbelow.”
Address whether your company will make employment contingent on outcome of the background check.
Affirm your company’s intent not to violate EEO laws.
Example: “Nothing in this policy shall be interpreted or construed as intent of the company to violate applicable Equal Employment Opportunity laws.”
Rationale for the Program
A section in your company’s policy should justify the creation of your background screening program. It may be beneficial to start this section by identifying the risks present for your company and the screening measures that can or have been adopted to counter those risks.
Keeping in mind the “Green” factors, state the basic rationale for your background screening program.
Example: “We check backgrounds because doing so is job-related and consistent with business necessity.
Starting with this broad statement, continue to outline the evidence that shows why the program is job-related and consistent with business necessity. You may also choose to categorize discreet jobs and identify their specific exposure and risk points. Example risk points include safety of people, safety of assets, and sound investment in human capital.
Consider whether there are external reasons for your company’s background screening policy.
For example, a company may be contractually obligated as a vendor to maintain certain screening procedures. Additionally, staffing agencies are frequently given screening requirements or specifications from their clients.
Performance of the Program
Person(s) Responsible
Next, identify the individual(s) that are responsible for conducting screens. Be sure to identify those with day-to-day responsibilities within the program and the person with ultimate decision-making power.
Part Two: Scope of the Program
Employees to be Screened
When determining what the scope of your screening program, you should first consider and identify which classes of employees will be subject to screening and identify any sub-classes of employees who are subject to a more rigorous screen due to the nature of their positions. These will vary widely from company to company, as some companies choose to only screen management employees, while more risk-adverse companies opt for a more robust program that includes all of its employees.
Screening Schedules
Next identify the triggering events for the screening. Common examples include submission of application for employment, successful completion of interviews, reasonable suspicion, employee misconduct, random screening, annual screening, etc.
Substantive Scope
Next, describe the substantive scope of the screen and identify the standard subject matter areas to be investigated. Examples of such may include:
- Criminal history records
- Moving vehicle record
- Employment & Education history
- Credit history
- Professional license verification, etc.
You should also determine and identify the breadth and depth of the screen and the sources that are to be searched.
Method of Screening
Determine the method(s) by which your company will conduct employee screening. Methods that should be identified in your policy include the time scope or other factors that will determine the scope and/or depth of the screening.
Examples:
“Searches are to be based on the new employee’s previous seven years of address history.”
“Searches are to be based on existing employee’s current address plus any preliminary results found on a national database search.”
Companies may choose to limit screening based on whether the search in question for pre-employment purposes or is an annual rescreen.
You should also determine whether your company will seek self-disclosed background information from the applicant or employee. If so, be sure to review all relevant state and local ban-the-boxes and fair chance hiring laws and ordinances and consult your legal counsel on the matter.
Part Three: Developing the Procedures
Disclosures & Authorizations
After reviewing the requirements of the FCRA and related state laws, describe the mandatory content for disclosures and authorization documents. Also, you should identify the timing of obtaining the authorization (e.g., the signed written consent must be obtained before the order for a screen is placed.)
You may wish to consider using “evergreen” authorizations forms, which will allow you to rely upon that authorization to conduct additional screening over the course of the subject’s employment.
Ordering Methods
Determine and identify the procedure & method for ordering screens. Make sure to address the following:
- How will HR be able to order screens from external sources?
- Who is authorized to place orders and view results?
- How will employee PII be protected in transit?
Part Four: Evaluating the Results
Persons(s) Responsible
Identify who will in your company will evaluate the consumer report and who is authorized to make decisions on behalf of your company. When establishing your company’s criteria, you should consider whether your company subject to mandatory state or federal laws. If so, be sure to reference those laws & regulations in your policy and follow them.
Grading / Decision Tools
Companies often use decision-making tools such as decision trees or grading matrices. A decision matrix is a form containing the offenses that a company reviews to determine which offenses are acceptable or not. When creating your company’s matrix, base your decisions on the unique needs of your organization, including relevant laws or regulations as well as any third-party contractual requirements. The matrix will typically indicate any offense that creates an absolute bar to employment, notwithstanding mitigation or rehabilitation evidence.
Your company may have more than one grading matrix based upon job requirements. For example, while your company may care less about the moving-violation records of its in-office employees, these records may be of concern when they involve salespersons who may be operating company-owned vehicles and other similarly situated employees. Remember, take every chance you have to show that your policies are job related and consistent with business necessity.
Address Pending Criminal Cases
Additionally, you will want to address the effect of pending cases against employees and affirm the discretionary component of each evaluation made by your company. Some companies will make employment decisions based on pending criminal cases, while others prefer to delay action until a case is disposed of against an employee.
Regardless of which route your company takes, you should be careful to sufficiently document your decision and the justifications for it and apply every policy consistently across the board.
Part Five: Addressing Adverse Information
Your company should adopt an FCRA-compliant adverse action process and establish procedures that will ensure your HR personnel adequately document the file regarding the adverse action process. A few issues for your company to consider when adopting a new policy are provided below.
Method of Delivery
State how your company will provide required notices under this process.
Examples: U.S. Mail, email, hand delivery, etc.
Content of Notices
Describe the substantive content that is to be included in any pre-adverse action and adverse action notices.
Pre-Adverse Action Notices
The FCRA doesn’t prescribe the exact language that must be stated within the body of the pre-adverse action notice. Standard notices typically state that the employer “ may take adverse action based either in whole or in part upon a consumer report obtained about [the consumer]” along with information about how to dispute the accuracy of the consumer’s report.
The law does, however, require employers to include with the notice:
- A copy of the consumer report.
- A copy of the document published by the Consumer Financial Protection Bureau (the “CFPB”) titled “A Summary of Your Rights Under the FCRA.”
Adverse Action Notices
Pursuant to the FCRA, the adverse action notice must include:
- The name, address, and phone number of the consumer reporting agency (CRA) that supplied the consumer report to the employer.
- A statement that the CRA did not make the decision to take adverse action against the consumer and therefore is unable to provide specific reasons for the decision.
- A notice of the rights to obtain a full file disclosure from the CRA and to dispute the accuracy or completeness of any information included in the consumer report.
The FCRA does not require employers to state the specific conviction or other reason for taking the adverse action based on the consumer report, unlike some state laws.
Waiting Period
Determine the minimum waiting period between the time you will send a pre-adverse action notice and an adverse action notice. The minimum period has traditionally been believed to be at least five business days if the notices are sent by U.S. Mail. This time may differ depending on the method of delivery that your company chooses to use.
You will also need to address how your company will respond if the applicant disputes information contained in their background check report during this time, or even after the adverse-action process is complete.
It may be helpful to include the following statements in your written policy:
- The importance of the cure period (i.e., the period of time in which the applicant can challenge/dispute a report and revisions can be made before the company makes a final decision.
- That employees can make no final decisions during the cure period.
- A requirement that employees review information about applicant disputes or related communications from the applicant about the contents of the consumer report.
- Stress that any communication with the applicant during the cure period should not state or imply that any final decision has been made of that adverse action will be taken.
Part Six: Additional Considerations
In addition to the items stated above, your company may wish to consider and include one or more of the following elements in your background screening policies:
- Whether to conduct ongoing screenings, such as constant arrest monitoring programs.
- Document retention protocols.
- Document disposal protocols (the FCRA requires disposal in a manner reasonably calculated to protect against unauthorized access or use.)
- Statements that the policy vests no rights in applicants or employees, is subject to discretion of the company, and that circumstances may dictate deviation from the policy.
Program Evaluations
After implementing a new Background Screening Program or updating your company’s existing program, be sure to evaluate the program on an ongoing basis to determine whether your policies and procedures are achieving their stated purpose(s). Background check laws are constantly evolving, so employers must stay up to date on changes and regularly consult with legal counsel to ensure they are maintaining compliant screening programs.
You may also wish to evaluate your program internally on a regular basis to identify the need for changes or possible areas of improvement, such as by asking a group of employees to periodically review the program and suggest appropriate changes.
This publication is provided only for educational purposes; it should not be relied upon as legal advice, and it should not be used, in whole or in part, as a basis for establishing employment practices or policies, nor should it be used for resolving disputes or managing risk. Every reader’s circumstances are unique and legal advice should be obtained only from a lawyer with whom the reader has established an attorney-client relationship. © 2024 DISA Global Solutions Inc. All rights reserved. All material contained within this publication is protected by copyright law and may not be reproduced without the express written consent of DISA .