At a glance
NEXT conducts pre-employment background checks for new hires: identity verification, disclosable court outcomes or pending charges (where permitted by local law), and prior employment history verification. Checks are proportionate to the role and performed before an offer is finalized (or as a condition of employment).
Scope & timing of checks
Identity verification — confirms the candidate’s identity.
Criminal-record outcomes (where lawful) — considers disclosable convictions or pending charges only in jurisdictions that allow employer checks.
Employment verification — confirms prior roles and dates before an offer is made.
Legal & privacy (EU focus)
Under GDPR Article 10, processing criminal-offence data (e.g., criminal records) is allowed only when carried out under the control of an official authority or when authorized by EU or Member-State law with appropriate safeguards. NEXT limits checks to what is disclosable and lawful in the relevant country and does not maintain any comprehensive register of criminal convictions.
Framework alignment
ISO/IEC 27001:2022 Annex A 6.1 (Screening): emphasizes proportionate, lawful pre-employment verification for roles with access to information assets.
NIST SP 800-53 Rev.5 PS-3 (Personnel Screening): screen individuals prior to authorizing system access; re-screen under defined conditions. (Where applicable, NEXT AI may require re-screening for specific roles or regulatory obligations.)
Note: Local laws differ by country. If a specific role or region requires additional vetting (e.g., financial-services roles), NEXT applies checks only to the extent lawful and relevant to the role.
FAQ
Q: What background checks does NEXT perform?
Identity verification, disclosable criminal-record outcomes/pending charges where lawful, and prior employment verification (role-proportionate, pre-employment).
Q: Are criminal-record checks allowed in the EU?
It depends on local law. GDPR Article 10 allows processing criminal-offence data only under official authority or where EU/Member-State law authorizes it with safeguards. NEXT AI follows the local rules and limits checks to disclosable outcomes.
Q: When are checks performed?
Before access is granted—typically pre-employment (or as a condition of employment) to align with ISO 27001 screening guidance and NIST PS-3 expectations.
Q: Does NEXT re-screen employees?
Where required by law, contract, or role change (e.g., expanded privileged access), NEXT AI may conduct re-screening consistent with NIST PS-3.
Q: Do contractors or vendors undergo checks?
For third parties in sensitive roles (e.g., with access to customer data), equivalent vetting may be required by contract and local law, aligned to the same principles (proportionate, lawful, role-relevant) (see ISO 27001 Annex A 6.1 context).
Q: Do you keep a register of criminal convictions?
No. GDPR Article 10 states any comprehensive register of criminal convictions is kept only under the control of an official authority. NEXT does not maintain such a register.