COMPLIANCE

FCRA compliance guide

Learn how to stay compliant with background screening regulations and industry standards.

FCRA Compliance Essentials

  • 1

    Written Disclosure & Consent

    Employers must provide written disclosure that a background check may be requested, obtain written consent, and maintain records of both for at least 3 years.

  • 2

    Permissible Purpose

    Reports can only be requested for legally permissible purposes, such as hiring, promotion, retention, or security clearances. Employment is the most common permissible purpose.

  • 3

    Pre-Adverse Action Notice

    If adverse action may be taken, employers must provide a pre-adverse action notice including the report and consumer rights summary before making a final decision.

  • 4

    Accuracy Requirements

    Reports must be accurate, complete, and up-to-date. Our paralegals verify all information directly from court records to ensure accuracy.

  • 5

    Dispute Resolution

    Candidates have the right to dispute any information in their report. Employers must provide notice of dispute rights and follow up as required.

Adverse Action Process

  • 1

    Initial Decision

    Employer determines that background check results will lead to adverse action (denial, termination, etc.).

  • 2

    Pre-Adverse Action Notice

    Send written notice including the report, summary of rights (FTC summary), and explanation of candidate's rights to dispute.

  • 3

    Reasonable Wait Period

    Allow the candidate reasonable time (typically 5-7 business days) to review, dispute, or respond to the information.

  • 4

    Final Adverse Action Notice

    After waiting, send final notice of adverse action with information on how to contact the reporting agency.

  • 5

    Dispute Support

    If candidate disputes information, Information Direct will investigate and reinvestigate the claim within 30 days.

  • 6

    Documentation & Records

    Maintain records of all notices and responses for compliance audits and potential FTC inquiries.

State-Specific Requirements

California (CA)

7-year lookback period for criminal convictions. Cannot report convictions more than 7 years old (with limited exceptions for positions over $100K). Special notice requirements for investigative reports.

New York (NY)

Article 23-A requires individualized assessment of criminal records. Cannot reject solely based on conviction history. Must consider job relatedness, rehabilitation, and timing.

Illinois (IL)

Written consent required before requesting background check. 30-day waiting period after pre-adverse action notice before final decision. Must provide notification of dispute rights in writing.

Massachusetts (MA)

CORI (Criminal Offender Record Information) reform restricts reporting. Cannot report first offense convictions. Cannot consider sealed records. 10-year lookback for most offenses.

Colorado & Other Ban-the-Box States

Cannot ask about criminal history on initial application. Must wait until conditional offer before running background check. Many states have similar restrictions with varying timeframes.

Data Security & Privacy

  • SSL Encryption: All data transmitted to and from our servers is encrypted using SSL/TLS protocols.

  • Data Encryption: Personal information stored in our databases is encrypted at rest.

  • Access Controls: Role-based access controls limit who can view sensitive candidate information.

  • Audit Trails: All access to candidate reports is logged for compliance and security purposes.

  • ISO 27001 Certified: We maintain ISO 27001 certification for information security management.

  • Regular Audits: We conduct regular security audits and penetration testing to identify and address vulnerabilities.

Downloadable Forms

Applicant Release Form

Downloadable release form for applicant notification and authorization to conduct background screening.

Download PDF

Credit Card Authorization

Authorize Information Direct to charge your credit card for screening services. Accepts Visa, Mastercard, and major cards.

Download PDF

Service Agreement

Review our standard client service agreement outlining FCRA responsibilities, adverse action procedures, and terms of use.

View Agreement

Need compliance assistance?

Our compliance team can help ensure your background screening process meets all federal and state requirements.

Get in Touch