Business Solutions

International
Specialized international employment screening solutions in over 150 countries.

→ Get Solutions

Searchable Items
Extensive list of over 50 searchable items available to meet your organization’s hiring standards.

→ View searchable items

Industry Aliances

ashhra2

iclea1

asis2

View More

Compliance

Accurate, Ethical, Responsible

When it comes to personal privacy rights it is imperative that you choose a background screening company that ensures compliance with all applicable federal, state, local and international laws and regulations. When you work with Xact Check, you can be assured that we adhere to all governing standards in our industry to ensure compliance on all levels. Failure to comply can result in potential judgments against employers and screening companies alike. We also continually monitor new legislation as it pertains to background screening so all the information you receive is guaranteed regulation-compliant. Here’s a list of just some of the industry-governing Acts, organizations and laws which we comply with:

FCRA Compliance

The Federal Fair Credit Reporting Act (FCRA) is designed to protect individuals by promoting accuracy, fairness, and privacy of information in the files of every Consumer Reporting Agency (CRA). Most CRAs are credit bureaus that gather and provide information about individuals—such as if they pay their bills on time or have filed bankruptcy—to creditors, employers, and landlords. Companies that perform pre-employment screening services, such as Xact Check, are also governed by the FCRA, as are the employers that use Xact Check’s background screening services.

ADA Compliance

Xact Check operates in compliance with the Americans With Disabilities Act (ADA), which prohibits employers from discriminating against people with disabilities who are qualified to perform essential job functions.

California Consumer Credit Law Compliance

Xact Check operates in compliance with the California Consumer Credit Law (Speier Act), which restricts the reporting of age, marital status, race, color or creed on employment reports for consumers that have a current California address.

California Legislator’s AB655 and AB1068

On January 1, 2002 the California Legislature’s AB655 became effective, amending both the California Consumer Reporting Agencies Act and Investigative Consumer Reporting Agencies Act (”ICRA”). This bill changed a number of provisions affecting the provision of Investigative Consumer Reports for employment purposes.

Compliance with Canadian Reporting Regulations

Xact Check follows the tenets set forth in the Canadian Privacy Act with regard to the protection of applicant information for employment screening purposes. In addition, Xact Check provides the necessary forms required for applicant consent for criminal, credit and driving records reporting as defined by the Ministry of Transportation (MOT), the Canadian Police Information Centre (CPIC) and governing bodies of the individual Canadian provinces and territories (e.g. provincial departments of motor vehicles).

Additional Compliance

Xact Check’s reports allow employers to comply with the screening requirements of various government agencies and legislation, including:

  • Federal Aviation Administration (FAA)
  • Nuclear Regulatory Commission (NRC)
  • Department of Transportation (DOT)
  • Securities and Exchange Commission (SEC)

U.S.-E.U. Safe Harbor Compliant

This certification ensures that we are following all international rules and regulation concerning data protection and transfer legislation. We recognize that we have obligations as a consumer reporting agency under the Department of Commerce’s Safe Harbor provisions. Our compliance policies and procedures with regard to domestic Federal and State regulations have set the standard for compliance in the international market, including the European Union Data Protection Directive.

What do the Safe Harbor principles require?

Notice

Organizations must notify individuals about the purposes for which they collect and use information about them. They must provide information about how individuals can contact the organization with any inquiries or complaints, the types of third parties to which it discloses the information and the choices and means the organization offers for limiting its use and disclosure.

Choice

Organizations must give individuals the opportunity to choose (opt out) whether their personal information will be disclosed to a third party or used for a purpose incompatible with the purpose for which it was originally collected or subsequently authorized by the individual. For sensitive information, affirmative or explicit (opt in) choice must be given if the information is to be disclosed to a third party or used for a purpose other than its original purpose or the purpose authorized subsequently by the individual.

Onward Transfer (Transfers to Third Parties)

To disclose information to a third party, organizations must apply the notice and choice principles. Where an organization wishes to transfer information to a third party that is acting as an agent(1), it may do so if it makes sure that the third party subscribes to the safe harbor principles or is subject to the Directive or another adequacy finding. As an alternative, the organization can enter into a written agreement with such third party requiring that the third party provide at least the same level of privacy protection as is required by the relevant principles.

Access

Individuals must have access to personal information about them that an organization holds and be able to correct, amend, or delete that information where it is inaccurate, except where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question, or where the rights of persons other than the individual would be violated.

Security

Organizations must take reasonable precautions to protect personal information from loss, misuse and unauthorized access, disclosure, alteration and destruction.

Data integrity

Personal information must be relevant for the purposes for which it is to be used. An organization should take reasonable steps to ensure that data is reliable for its intended use, accurate, complete, and current.

Enforcement

In order to ensure compliance with the safe harbor principles, there must be (a) readily available and affordable independent recourse mechanisms so that each individual’s complaints and disputes can be investigated and resolved and damages awarded where the applicable law or private sector initiatives so provide; (b) procedures for verifying that the commitments companies make to adhere to the safe harbor principles have been implemented; and (c) obligations to remedy problems arising out of a failure to comply with the principles. Sanctions must be sufficiently rigorous to ensure compliance by the organization. Organizations that fail to provide annual self certification letters will no longer appear in the list of participants and safe harbor benefits will no longer be assured.

To provide further guidance, the Department of Commerce has issued a set of frequently asked questions and answers (FAQs) that clarify and supplement the Safe Harbor principles.