Lack of Regulation In the Information Technology Industry

This month I would like to use this opportunity to give you some insight as to the lack of regulation in the Information Technology industry. Yes, you read that correctly. Why is this important? Primarily, because the first step to protecting your business is to be informed!

There are no regulatory bodies determining who can work in the Information Technology industry and who can’t. Unfortunately, most of us simply assume that if someone has some IT knowledge, then surely, they are trustworthy because it is such a “white-collar” job. That assumption is wrong and dangerous. Where I see this issue most often is with smaller companies who are either hiring their own IT person or contracting with a company to do their IT work. Unfortunately, IT people don’t get “disbarred” or “lose their license” when they make poor choices that include legal ramifications. More often than not, small companies assume too much and never ask for the results of a criminal background check for an individual contracted resource or for the employees of a contracted company. The possibility that someone with a history of making bad decisions, could potentially make another bad decision to the detriment of the business should be enough; however, many small business owners fail to consider the reputational damage suffered if customers or community members find out that such individuals have been given access to their customer or patient data. In healthcare for instance, compliancy has become such a prevalent topic, that it is entirely conceivable that a small medical practice may suffer irreparable damage if patients became aware that someone with a criminal record has access to their patient records! So, what is the solution? Simply do what the bigger companies do, explain to the potential in house or contracted resource that, due to the nature of your business, a national criminal background check is required for anyone who will have access to your data. If this is a for-contract company, they should be willing to provide copies of the background check for any employee that may access your data. If the company is a legitimate business, then this should not be an issue. A national criminal background check costs around $50-$100, which is a relatively small price to pay considering the alternative. Unfortunately, many individuals who know they cannot get beyond the criminal background check part of the pre-employment screening processes of bigger companies, will either start contracting with small companies or accept employment with a small IT company that contracts with other businesses, in an effort to earn income while avoiding the criminal background check issue. Let’s not allow that to happen. Your patients and customers deserve better!

Paul Meadows,