HackerTrans
TopNewTrendsCommentsPastAskShowJobs

hmahncke

no profile record

comments

hmahncke
·hace 4 años·discuss
I certainly don't mean to endorse DUIs! And if a company has the viewpoint that a DUI indicates that a person shouldn't be employed in a specific role, then background checks are a good way to achieve that.

My perception is that some people who don't want to do background checks feel that way because they don't want to know embarrassing details about their employees and colleagues that aren't relevant to work. And the good news is that employers can generally set up background check reporting to simply not report issues that employers don't think are relevant. And that makes it easier to offer background checks, and easier to meet SOC-2 audit requirements.
hmahncke
·hace 4 años·discuss
My company did adopt background checks, as part of our SOC-2 requirements and because my company works with health insurers (which generally impose this requirement via contract, regardless of SOC-2).

Like many people here, I didn't like the requirement. That being said

1) It's possible to configure background checks so you don't receive irrelevant information (e.g., if DUIs aren't relevant, then configure the check so you don't receive information about DUIs). In most cases, you'll just want to receive information about financial and privacy related offenses.

2) What you do with the information is up to you (unless your customers enforce certain actions). In general, the SOC-2 auditors will want to see a plan by which you acknowledge and manage the risk, which doesn't necessarily mean you can't hire the person.