Information security and compliance

Under the California Consumer Privacy Act (CCPA), any California consumer can request to view all information a company has saved on them along with a full list of all third parties that data is shared with. If privacy guidelines are violated, even if there is no breach, consumers have the right to sue the company. hireEZ values consumer trust and is CCPA compliant.

The GDPR is the latest data protection directive for businesses to protect the privacy of EU citizens with enhanced security provisions. hireEZ is GDPR compliant.

The SOC 2 Type 2 reports concern policies and procedures over a specified time period. For this more rigorous designation, systems must be evaluated for a minimum of six months. hireEZ's procedures and controls have been third-party audited to validate our success in ensuring the security, availability, processing integrity and confidentiality of our customer's information.

ISO/IEC 27001 is the international standard for information security. It sets out the specification for an effective ISMS (information security management system). ISO 27001's best-practice approach helps organizations manage their information security by addressing people, processes and technology. Certification to the ISO 27001 standard is recognised worldwide to indicate that your ISMS is aligned with information security best practices. Part of the ISO 27000 series, ISO 27001 sets out a framework for organizations to establish, implement, operate, monitor, review, maintain and continually improve an ISMS.

The Office of Federal Contract Compliance (OFCCP) is a federal government organization that is responsible for ensuring that the companies working with the government are in compliance with fair employment practices. hireEZ supports record keeping standards established by OFCCP as required by our customers who are subject to this compliance. hireEZ helps the customers with their OFCCP audit by providing diversity reports that allows recruiters to gain analytical insights to their candidate pipelines. These reports provide a breakdown on the search by gender and ethnicity for candidates that they've taken an action on or engaged with on hireEZ's platform. These diversity reports from hireEZ can help a team's good faith diversity efforts in the case of an OFCCP audit, by allowing them to track and demonstrate the number of diversity searches performed and the ratio of underrepresented candidates in their pipeline.

ISO/IEC 27001 is the international standard for information security. It sets out the specification for an effective ISMS (information security management system). ISO 27001's best-practice approach helps organizations manage their information security by addressing people, processes and technology. Certification to the ISO 27001 standard is recognised worldwide to indicate that your ISMS is aligned with information security best practices. Part of the ISO 27000 series, ISO 27001 sets out a framework for organizations to establish, implement, operate, monitor, review, maintain and continually improve an ISMS.

ISO/IEC 27701 is a privacy extension to ISO/IEC 27001. It provides standards for establishing, implementing and maintaining a privacy information management system (PIMS). PIMS is a framework for managing privacy risks associated with the collecting and processing of personally identifiable information (PII). It is designed to help organizations comply with privacy regulations, such as the General Data Protection Regulation (GDPR).