How to Conduct Criminal Background Checks Without Violating PDPA Laws

It’s well known that pre-employment criminal background checks are a crucial step for organizations to effectively screen candidates. However, the importance of these processes has increased with the strict enforcement of PDPA laws. Incorrect procedures could lead to legal violations, potentially resulting in severe penalties including imprisonment. 

With the implementation of the Personal Data Protection Committee’s guidelines effective April 7, 2023, employers must adhere to specific legal frameworks concerning the collection, storage, and destruction of personal criminal data as mandated by the PDPC.

4 Employer Cautions in Conducting Criminal Background Checks

Sensitive criminal history information requires meticulous handling to avoid violating PDPA laws. Employers should consider these four critical aspects:

1. Consent is Crucial: 

Employers must obtain consent from applicants before conducting criminal background checks to avoid violating PDPA laws. This ensures transparency and legality in the hiring process.

2. Rights of Data Subjects: 

It is essential to inform candidates about the process, especially the implications of not consenting to a background check, allowing them to make informed decisions about their application.

3. Limit Data Retention:

According to PDPA regulations, employers should not hold criminal background information for more than six months from the start date of employment unless specified by law.

4. Secure Storage of Data:

Sensitive information such as criminal history must be securely stored to prevent unauthorized access or leaks, adhering to the minimum security measures set by the Personal Data Protection Committee under Article 37(1).

Employer Penalties for Non-Compliance with PDPA

Employers not adhering to the PDPA face civil, criminal, and administrative penalties:

  1. Civil Liabilities: Employers are liable for compensating the data subjects for any harm caused, intentionally or by mistake, with reparations reflective of actual damages or up to twice the incurred damages.
  2. Criminal Offenses: Penalties include imprisonment for up to one year, a fine not exceeding one million baht, or both.
  3. Administrative Sanctions: The maximum fine can reach up to five million baht, representing the most severe penalty.”

In summary, while employee criminal background checks are crucial for maintaining a safe workplace, it is imperative not to overlook PDPA laws. Organizations can comply by choosing standardized services like Appman Criminal Checker, which ensures both security and speed. This service also supports digital consent forms to facilitate PDPA-compliant data security and privacy practices, ensuring that all legal requirements are met.

Leave a Reply

Your email address will not be published. Required fields are marked *