Raise your hand if you work in HR and have ever been confused about what background checks you’re supposed to run on new employees.
Well, you’re not alone. If you’re responsible for security and screening, having a thorough background checking process in place is essential. But what do you need to do?
Luckily, we have BS7858.
BS7858 is a British Standard for screening employees working in security roles where the safety of people, goods, or property is required. It:
- Offers best-practice recommendations
- Sets standards for screening security staff
- Looks at security standards for contractors and subcontractors
In an environment where security is critical, not having a proper background checking process simply isn’t an option. Possible threats — from data breaches to threats or even violence — are real and immediate. With these risks on the horizon, BS7858 acts as a safety net.
It’s a thorough process for employees operating in high-stakes roles with public and corporate interests involved. It makes sure that every employee in a sensitive role is reliable, and sets the standard for safeguarding operational integrity.
Who needs to know about BS7858?
The short answer is anyone involved in hiring, managing, or working in roles that affect safety, security, or access to sensitive data.
That includes roles like:
- Security industry: Security guards, CCTV operators, control room personnel, and event security staff, and any staff working in secure premises.
- Financial sector: Employees with access to customer data; staff handling transactions; and compliance and risk officers.
- Health and social care: Professionals with access to patient data; healthcare workers in private homes, care homes, or secure healthcare units; and contractors or third-party vendors.
- Aviation and transport: Airport security staff, baggage handlers, ground personnel, and anyone accessing restricted airport zones
- IT and data: Personnel with access to confidential databases or networks; cybersecurity teams; cloud service providers; data center staff.
- Subcontractors, temps, and self-employed workers: Contractors or temp staff working in secure areas; freelancers with access to sensitive systems or data; self-employed individuals delivering services in regulated environments
The 2019 update to BS7858 regulation
In 2019, the BS7858 underwent a revision meant to streamline and improve the security screening process, in response to changing needs in the sector. The latest version, cleverly named BS7858:2019, includes:
1. Ongoing screening
To make sure that employees continue to meet standards after they’re hired, the new guidance encourages annual re-screening requirements.
Why? This change aims to build an ongoing level of compliance, and flag any changes that might make an employee unsuitable for their role. It’s not a mandatory change, but it is best practice.
2. More emphasis on risk assessment
The 2019 update places a stronger emphasis on risk assessment in the screening process. Companies are now required to carry out a risk assessment to identify positions within their organisation that require BS7858 screening.
3. Expanded definition of “screening”
The updated standard makes it clear that screening isn’t just verifying the facts. It’s also looking for risk factors, including financial risk like bankruptcy, large debt, or financial misconduct.
4. Data protection and privacy
In line with the General Data Protection Regulation (GDPR), the 2019 update includes more explicit requirements for handling data, respecting privacy, and preserving confidentiality.
5. More comprehensive guidance
To make the process a bit more straightforward and easy to understand, the updated standard includes more detailed guidance on how to conduct the various aspects of the screening process.
6. No need for character references
Character reference checks, once a part of the screening process, are no longer required.
7. The watchlist check
The BS7858:2019 standard introduced a new “watchlist” check, which screens individuals to make sure they’re not involved in criminal activities or a threat to security.
This means cross-referencing an individual’s details against national and international databases to ensure they’re not flagged on any watchlists. These databases can include individuals involved in financial fraud, terrorist activities, or other serious criminal offences.
Thanks to these changes, the BS7858 standard remains a robust and relevant tool for ensuring security everywhere it’s used.
Who needs a BS7858 check?
From aviation to finance and healthcare, the BS7858:2019 standard applies to a broad range of industries.
It includes staff in positions that involve the security and safety of people, goods, or property. The obvious example is private security guards or airport security, but it can also include financial organisations or healthcare roles.
You must keep any data collected during BS7858 screening for at least seven years. This is important for any audits or compliance checks. If an employee leaves the company, their screening records should also be kept for two years, in case of any post-employment issues.
What checks do I need to conduct for BS7858 screening?
Personal identity verification: Personal identity verification forms the foundation of the BS7858 screening. Identify verification makes sure an individual’s name, date of birth, and current or previous addresses are checked against official documents like a passport or driving license.
As part of this process, you’ll also have to check their right to work in the UK. You might also want to run a credit check to confirm their identity and address, and provide insights into their financial integrity.
Document verification: As part of the screening process, critical documents like passports, driving licences, and utility bills need to be verified. This is essential in validating a person's identity, verifying their right to work in the UK, confirming their current and past addresses, and ascertaining other key identity information.
Employment history: Under BS7858, you’re required to verify employment history for a minimum of five years. You’ll need to check start and end dates, job titles, and reasons for leaving. Any gaps, including unemployment or education, need to be accounted for and verified.
Having trouble verifying employment? Zinc’s direct HMRC integration makes it easy to do in seconds. Learn more here.
Government watchlist and sanctions checks: The aim of this check is to add an extra layer of protection, preventing individuals with potentially harmful intentions from gaining access to sensitive roles or workplaces.
Criminal record check: A criminal record check is a crucial aspect of BS7858. This involves checking the individual's criminal history through the UK's Disclosure and Barring Service (DBS). The level of check required will depend on the role, and whether they’ll have regular contact with children or vulnerable adults. For example, a security guard might need a more thorough check than an office staff member.
Financial checks: A financial check assesses an individual's financial integrity. It involves scrutinising the individual's economic history, which includes County Court Judgments (CCJs), bankruptcies, or Individual Voluntary Arrangements (IVAs).
It helps you understand if the individual has been involved in significant debt or financial mismanagement, which might make them a potential risk, particularly in roles that involve financial responsibility.
How far back does BS7858 screening need to go?
BS7858 requires screening of the last five years of a candidate's history — or longer.
Depending on the specific requirements of an industry or company, you might have to go back further. For example, some orgs might require it for senior positions or sensitive roles.
What to do with BS7858 data
Every bit of data you gather, process, and store must be handled in line with GDPR requirements and the Data Protection Act 2018. This makes sure that you’re upholding the privacy rights of individuals, and it outlines requirements for how long data can be stored, how it’s used, and who can see it.
The importance of ongoing checks
The 2019 update to the BS7858 standard introduced the need for annual checks. Your business doesn’t stay stagnant, and neither do your employees.
Ongoing checks make sure your employees are continually compliant and help proactively identify any changes in circumstance. These ongoing checks might include reviewing any changes in criminal record, financial status, or other factors that were included in the initial screening.
The Security Industry Authority (SIA)
Hiring security guards? There’s more to know than just BS7858 requirements.
A valid Security Industry Authority (SIA) card is a critical requirement for anyone aspiring to work as a security guard. This card acts as a licence to operate within the security industry, signifying that the holder has met the rigorous criteria set by the SIA and is duly authorised to perform their role. You need to verify this during BS7858 screening.
As the organisation responsible for regulating the private security industry within the UK, the SIA ensures all security personnel meet the required standards of integrity and professionalism.
But just having the SIA card isn't enough. It's essential to verify its authenticity against the SIA register. This step ensures that the individual in question is genuinely licensed to work as a security guard. This crucial process not only maintains the integrity of the security industry but also promotes public trust in the services offered by private security personnel.
Benefits of BS7858 employee screening
If BS7858 has so many requirements, why bother? Well, there are a couple of good reasons:
Compliance: For starters, you’re often required to comply with BS7858 by law, depending on your industry and the regulation you’re bound by. If you don’t, you could receive fines, penalties, or business restrictions.
Risk reduction: BS7858 checks reduce risks and identify potential security risks before they become a problem. If you’re working in an industry with sensitive information or high-value assets, staying ahead of issues is essential.
Building trust: If your clients and stakeholders understand that your vetting process follows industry standards, they’ll know you take security seriously.
Quality of hire: Everyone wants to hire the best. With BS7858, you can be confident that your employees are reliable, and have the qualifications and experience they claim to. High quality staff = high quality services.
Employee morale and safety: Knowing that all staff members go through a rigorous screening process makes your workplace safer, and makes employees confident that you care about their well-being.
Protect your reputation: Security breaches, fraud, or other misconduct doesn’t look good to stakeholders and clients. A thorough background check helps prevent incidents.
Reduced employee turnover: Making sure your employees are suitable and qualified helps reduce the likelihood that they’ll leave early, either through termination or resignation.
Prevent fraud and theft: BS7858 includes financial checks, which identifies individuals who might be at risk of fraud or theft.
Efficient decision-making: Having one standardised background check process makes your job easier and more efficient, particularly if you need to fill positions quickly.
Ensure continuity: The BS7858:2019 standard introduces the requirement for annual checks, which ensures employees continue to meet standards and your organisation stays compliant.
Final thoughts: The importance of BS7858 screening
If you’ve already got a lot on your plate, keeping up with BS7858 requirements can feel like a monumental task — especially when all those re-checks come due.
Luckily, BS7858 is designed to standardise your background checks and take the guesswork away. And working with a third-party background checking provider can help shift even more of the burden off your plate.
To learn more about how Zinc makes BS7858 screening simple, efficient, and clear, get in touch with our team today.
