It's the faulty records, however, that present the biggest risks to employers. Third party background checks by employers on current or prospective employees are governed by the federal Fair Credit Reporting Act ("FCRA"). It has very stringent requirements employers must comply with before obtaining or using a background check from a third party:
- The employer must first disclose to the employee or applicant that a background check will be done and receive written consent.
- The employer must then certify to the consumer reporting agency that it made the disclosure and has obtained written consent. An agency that does not ask for this certification, or provides a background check in its absence, should be a huge red flag about its credibility and the credibility of the information provided.
- Finally, if you are going to take an adverse action based on information disclosed in the background check (such as not hiring someone), you must first provide the applicant or employee with a copy of the report you received along with a copy of the person's rights under the FCRA (available directly from the FTC). An employer must then wait a reasonable period of time (5 business days) before actually taking the adverse action, at which time the applicant or employee must be provided with an adverse action letter under the FCRA.
Any one of these steps can cause potential liability issues for an employer, but the only risk of any real damages stems from using an inaccurate report. Let's say, for example, a company violates the statute, but in the process learns of an applicant's bona fide criminal history. That history automatically disqualifies the person from consideration. Even though the statute has been technically violated, how has the person been harmed by not being hired for a job he or she was not qualified for in the first place? If, however, the criminal history was faulty (for example, the person was the victim of identity theft), and he or she is disqualified without having the opportunity to dispute the inaccuracy, that violation of the FCRA could open a company up to the fully panoply of employment-related damages.
Just because FCRA is seldom enforced does not mean that it should be ignored. Compliance is relatively simple, and failing to comply is an unnecessary risk for businesses to take.
2 comments:
I defended an FCRA lawsuit about ten years ago on behalf of a private employer in Washington, D.C. The background check company, a national credit reporting company, made a mistake in reporting a criminal conviction as part of the background check. The employer refused to hire the employee as a result. In the resulting litigation, there were numerous defendants, including obviously the employer and the credit reporting company.
What should have been a relatively small matter and simple situation to resolve resulted in years of litigation. At the plaintiff's deposition (which lasted 27 days) there were at least 15 lawyers given the number of defendants (creatively) brought into the lawsuit.
The employer in this case had made a relatively minor mistake in complying with the FCRA. But that simple mistake resulted in years of litigation. I would suggest that employers actually read the contract they sign with the company doing background checks to see who bears responsibility under the contract for mistakes.
Eric, you make an outstanding point. An agreement for the consumer reporting agency to indemnify the employer that is relying on its report would be a dream for companies doing background checks on employees. Given the disparity in bargaining power, however, I imagine that type of clause would be difficult to obtain.
Post a Comment
Thank you for taking the time to comment. Comments are moderated for inappropriateness and offensiveness, and not for content. Posting a comment does not create an attorney-client relationship.