10 Common Background Check Disclosure and Authorization Form Mistakes

Organizations’ employment screening programs have been inundated with litigation over the last few years due to class action lawsuits surrounding highly technical enforcement of the Fair Credit Reporting Act (FCRA). A common weakness in an organization’s employment screening process is the Disclosure and Authorization.

Thought having a Disclosure and Authorization document was enough? Think again. Here’s a list of common mistakes that employers make with Disclosure and Authorization forms.


  1. The Disclosure and Authorization includes language releasing the employer’s liability by having their applicants/employees sign a release of liability statement

The FCRA doesn’t allow for employers to include “release of liability” statements within their Disclosure and Authorization forms. Moreover, you cannot include a release of liability statement anywhere in your application if it implies that the release of liability covers the use of a background check.

This was recently exemplified in a case against Whole Foods, where the company allegedly included liability waivers in their Disclosure and Authorization forms.


  1. The Disclosure and Authorization isn’t a stand-alone document separated from the application

This is a very common source of litigation in the last few years with organizations like Chuck E Cheese’s and several other high profile companies having class action suits against them. The Disclosure and Authorization documents are required to be separate from the rest of your job application. For online applications, you will need to separate the Disclosure and Authorization from the rest of the application by having it on a separate web page. By separating these documents from the job application, you ensure that the applicant knows exactly what they are signing when they are given to them.

Remember: You want your applicants to be aware of what they are signing. It’s an incredibly common scenario that an applicant will rush through an application, signing every line without really paying attention to what they are doing. It’s not until later on when there’s an issue with their background check, when they all of the sudden can’t recall giving their consent and want to take legal action.


  1. The Disclosure and Authorization doesn’t define the scope of the background check

If you are planning on collecting driving record information, disclose that. If you plan on obtaining a credit report, let them know. The main point is that not all background checks are the same. As such, your Disclosure and Authorization must define the scope of the background check on the applicant (see 15 USC § 1681a). If you are unsure of how to define the different types of information you will be collecting, ask your background screening provider. We’ll be able to guide you through it.


  1. The Disclosure and Authorization doesn’t include state-specific disclosures

Not only are you required to follow the federal guidelines under the Fair Credit Reporting Act, there are also several states that have enacted their own regulations that must be disclosed along with the standard disclosure if they are applicable to your organization. New York, Vermont, California, Washington, Minnesota, and Oklahoma each have specific requirements that must be included in the Disclosure and Authorization.

This mistake is also exemplified in the Chuck E Cheese’s background check case, where allegedly the company’s disclosure and authorization form did not include California-specific disclosures that were required for that location.


  1. The Disclosure and Authorization doesn’t have the Consumer Reporting Agency’s contact information

In a 2014 class action suit again Express, Inc. the plaintiff alleged that the Disclosure and Authorization form used by the employer did not include any information regarding the Consumer Reporting Agency (CRA). It is required that the applicant know who will be conducting the background check and how to contact them.

You will want to provide the name, address, toll-free telephone number, and website of the CRA that will be providing the information for the background check.This is important for multiple reasons. If the background screening provider needs to contact the individual to verify their personal information, the applicant can be confident that they are giving their information to the right person. It is also important for the applicant to know that the background check isn’t being conducted by you. Since their information will be given to a third party – the CRA – they need to know where their information is going.


  1. The Disclosure and Authorization doesn’t reference the “Summary of Rights” as a separate document

The “Summary of Your Rights Under the Fair Credit Reporting Act” document is required to be provided along with the Disclosure and Authorization (see 15 USC § 1681g). In a compliant authorization statement, the applicant will acknowledge receipt of this document. Ensure that each applicant is provided this document or a link to it within online applications.


  1. Extraneous information is included within the Disclosure and Authorization

Much like mistakes 1 and 2, this item results from adding unnecessary text in the Disclosure. When there is extraneous information, the Disclosure becomes convoluted. The applicant will likely ignore or not comprehend the information, leading to additional risk to the employer in potential future legal action.

For a couple real world examples of this issues, the class action suits against O’Reilly Auto Parts and Nine West both serve as examples of what not to do with your Disclosure and Authorization.


  1. Small and illegible type is used with the Disclosure and Authorization

In the class action case against Check’N Go, the plaintiff’s complaint alleged that the organization’s Disclosure and Authorization text was buried with 2 pages worth of small print that included several additional disclosures and legal text.

Basically, the document cannot be the “fine print” in an application. Once again, the compliance rules within the FCRA are trying to ensure that the Disclosure and Authorization makes it abundantly clear to the applicant that a background check will be conducted. Using small or illegible type goes against this.


  1. The use of additional releases along with the Disclosure and Authorization

Things like acknowledgements of other policies or certifications that the information that the applicant has provided is correct cannot be added to the Disclosure and Authorization documents. This falls within the umbrella of extraneous information. The Disclosure and Authorization needs to be used for no other purpose than its own.

This issue is most commonly seen through “at-will” employment acknowledgments. Several high profile organizations have made this mistake and it is likely that this will continue to be one of the more common mistakes in the Disclosure and Authorization. 


  1. Inclusion of the previous conviction checkbox on the Disclosure and Authorization that asks whether an applicant has been convicted of a crime

This is a tricky one; especially in light of recent “Ban the Box” legislation trending across the country. While this also fits within the realm of extraneous information, organizations need to be especially careful with the previous conviction checkbox because of the recent laws being enacted. If you live in a jurisdiction with “Ban the Box” laws, you may be hit with both an FCRA violation and a violation of your local ordinance. Regardless of whether or not your area has ”banned the box,” the previous convictions checkbox cannot be included in the Disclosure and Authorization.