Picture this scenario: a marketing company signs a new client. As part of the contract between them, the client requires the marketing company to sign a document agreeing that any marketing company employees who perform work for the client must pass a broad background check including a full criminal history, confirmation of past employers and home addresses reaching years back, and a full drug screen. This document is handed to the marketing company as a simple, standard document that all service providers must sign. Far too often, the marketing company in this scenario simply signs the document along with all of the others without thinking twice.

In this situation, the company’s employees working on the job are marketing people. They are not operating dangerous machinery, dispensing controlled substances, or dealing with the client’s financial data. Most of the employees will not even step foot on the client’s property. Instead, they will be doing work that is creative in nature and will perform services remotely on a computer. Given the current state of the law addressing privacy protection and background and criminal checks in particular, the employer could face potential liability if it agrees to the client’s broad background check requirements and subjects its employees to the process.

For example, the EEOC has taken a vocal stand against the use of blanket criminal history searches  based on findings that criminal record-based exclusions may operate to disproportionately and unjustifiably exclude people of a particular race or national origin. Under the EEOC’s guidelines, criminal history checks may only be permitted if the employer develops a targeted screen considering the nature of the crime, the time elapsed, and the nature of the job.

In addition, the Fair Credit Reporting Act and similar state laws require employers to obtain consent and provide specific information to employees before running background checks. Moreover, drug testing as well as background and criminal history checks can potentially violate employee privacy rights if they do not relate to the position.

What then is a company to do when faced with a third party requirement that its employees undergo background checks? Fortunately, there are several practical and simple steps employers can take to avoid the pitfalls associated with these requests. The first, and often overlooked option, is to simply inform the entity requesting background checks that your employees do not appear to fall within the scope of the policy. Explain that they will not be on the client’s property and will not have access to financial or confidential data. Often it is as simple as making that point and the third party will agree that no background searches need be performed. Another option is to offer a revised version of the policy that is tailored to the work being performed. A third solution is to offer to have any employees performing work for the client sign a non-disclosure agreement. Finally, if none of these measures work, ask the third party to agree to indemnify your company for any liability associated with the background check — that request will often result in a quick change in position.