iCIMS Hacks: EU AI Act & ATS Compliance Tips (3/27/26) Artwork

System Admin Insights

A podcast for the humans behind HR tech. We dive into the systems, strategies, and stories that keep talent operations running. Real talk, smart tips, and community for HR system admins who make it all work.

All Episodes

System Admin Insights

iCIMS Hacks: EU AI Act & ATS Compliance Tips (3/27/26)

March 31, 2026 • Alex Marcus • Season 1 • Episode 50

0:00 | 56:52

March wins, workflow improvements, and a deep dive into EU AI regulation. Learn what ATS admins must do now, from auditing AI tools to vendor accountability. Plus, tips on data privacy, integrations, and avoiding compliance risks across your tech stack.

https://systemadmininsights.com/

Speaker 1 0:00
All right, go ahead and get started. Welcome to system. Evan insights, everybody, so good to see you here. As always. Let's kick things off with little gratitude. I could share something in chat that you are grateful for today. I am grateful for Dario amo day. Am I saying his name right? Vivian, still figure that out. Okay, Kayla Amadei is the CEO of anthropic they make Claude, and I'm going to share an article that I put on LinkedIn today as well. It's called the adolescence of technology, and it is thoughtful and deep and accessible, and it speaks to all of the things that we're thinking about. One particular section talks about labor market and job disruption, and you know, they're really, really interesting thoughts in here, so I encourage you to check it out. But it's nice to feel like somebody at the head one of these organizations is really invested in approaching this thoughtfully, carefully and not with well, I'll just leave it at that. Really like the guy, what else we got? Countenance Townsend says, I'm grateful that last night's storm didn't damage my property and that the tree that fell over across the street missed all three houses next to it. Wow. Yeah, trees going down. Patrick says, grateful for patience. I hear that Cheryl, the sun's out. Vivian, grateful for my team. Likewise. All right, so we wanted to get started today by sharing some wins for the month of March. Welcome Angela. We get my screen here, there we go. So Patrick, I do believe that you're on the call and you shared a win for March. You said our newly appointed ta manager looked at our workflows with a fresh perspective and together keyword together, we identified gaps and lags and improvement areas that have made processing candidates a lot more smoother, and should lead to better reporting metrics. The information I have gained from being part of this community is what led to those conversations. Very glad to hear that Patrick and very glad to hear about that collaboration. Thank you for sharing that. Anything else you want to say on that?

Speaker 2 2:14
How's that going? Just wanted to say that you know the information and the calls that I participated in, and the discussion boards I participated in, I was able to show my TA manager, you know, how we can improve things. And me and him actually worked together in another life in the military, so we've known each other for 20 years. So he kind of knows how I think. I know how he thinks. And we sat down and we tabletop the entire workflow for a whole entire day, and we were able to find lags and drop points, and we've already made huge corrections on unnecessary workflow points that we had that had already made things a lot better.

Speaker 1 2:55
That's fantastic. So glad to hear it. Thanks for sharing that. And I don't think Alyssa is on the call, but she shared, after a long time coming and a lot of behind the scenes cleanup and isims, merging duplicate profiles, correcting person folders and updating key fields like username, email, employee ID, current job title, position ID and manager we've officially gone live with our hrs items integration feed for current employees. Previously, there was no consistent process in place for maintaining these updates. This new integration will keep our system up to date automatically improve access to the internal portal and help reduce fingers crossed the number of duplicate records that are created moving forward. So glad to hear that. All right, now we're going to jump over to a very interesting topic. Vivian posted about EU AI regulation. The EU AI regulation is a very big deal. And Vivian, maybe you could explain a little bit to folks why it's such a big deal.

Speaker 3 3:53
So it's a big deal in the sense that the EU seems to always be ahead of the curve on these types of things. They started with GDPR, and then in the US, a lot of similar rules like CCPA followed. So at the present moment, if you're not operating in Europe, it doesn't affect you as much if you're only in the United States, but a lot of us, state based laws seem to follow some of these very landmark EU regulations. So it's always a good idea to be aware of how you would be compliant to them in advance, and, if possible, become compliant to them in advance, because of the fact that a lot of US laws tend to follow them, just like GDPR privacy laws spawned a couple of dozen laws across the United States. So the law itself is a first of its kind, obviously, and one of the things that's really kind of crazy about it is that it classifies AI as a high risk. And what that really means is that it's a legal classification under the EU law that basically says that most the most. Stringent compliance is necessary, if not outright, banning the technology altogether. So Ottawa, we talked probably six, eight months ago about the rule in Ottawa, Canada, where they were requiring disclosure that you were using AI technology as part of that law. There's one example of how that law spawned this law, and it's going to continue. So we there's a couple of really key important things to know about it, and this one is really crucial. A number of customers that I've worked with over the years have always just assumed, especially around GDPR, that if I Sims is compliant with GDPR, that insulates you from having to be compliant. You the customer from having to be compliant, because your vendor is the one that is compliant, so therefore you're compliant. In this case, it specifically calls out that that is not the case. That you are a deployer of the AI technology, which means you, the person who is deploying the tool is the one that is responsible for obligate being obliged to be compliant with this law. And so that's something to be really cautious about. It does not officially take into effect until August of 26 which is three months from now. So this is something that is on the horizon. Is coming up fast. And if you do any business where you hire in you any EU countries, it's something you really want to start thinking about how to become compliant with in advance. So it also calls out that it has extra territorial reach. That's if I had $1 for every time somebody I was implementing, said that they don't need to be compliant with GDPR because they don't hire in the EU. I'd be much, much richer. But in general, fact, the way that the EU is the GDPR is written as well as this is written. Extra territorial reach means that if I am a resident of a specific country in the EU, and your business is based somewhere else, but I have applied or interacted with your service, applied to a job, apply or bought your product. You are liable to my country's laws where I am physically sitting. That's what extra territorial reach generally means. So if you think anybody's ever going to find you on the web and apply to a job, you would likely want to be compliant to this, if at all possible. So there's another case where their legislature and what they've written kind of reaches out to everyone. So I'm going to shut up now. Are there questions?

Speaker 1 7:31
One quick correction, I think, I think the high risk compliance requirements go into effect in 2027 August. 2027 you said 2026 Gotcha?

Speaker 3 7:41
Yeah. Yeah. Gotcha. Thanks. Thanks for the correction. Any other questions?

Speaker 1 7:47
Well, I'm curious. You know, Greg, you commented in here asking specifically whether items can service logs of AI outputs through reporting. You say some more about that. Yeah, it's,

Speaker 4 8:01
it's, there's a record, there's this retention record component to the EOI act, and it's kind of confusing, because you're like, Well, you've got to be able to, you know, pull and retain these logs. It's not something that I'm aware that we can do today. It's like we could run a report. So if it's not something, you know, the question, what we have out for I Sims, they're going to have to answer over the next calendar year is, is this something that's going to make a customer support request? Is this something that they're going to have to build out so that they're not flooding their help desk? Because if we're going to have this requirement, and we're going to have to be able to respond, you know, even if we do our own internal audits by done by our general counsel or by compliance teams, we need some mechanism to provide those logs. Otherwise we're going to be inadvertently non compliant. And I think to Vivian's point, it's like we can't assume the vendor is gonna do the work for us. So if the vendor, if I Sims, the vendor is going to say we can't do that for you. You shouldn't expect that. However, we'll give you the tools to that's that's different, but we need to figure out over the next count of the year how we're going to meet that requirement.

Speaker 3 9:12
Yeah, so this is definitely a question for all of us to be raising up in the sense that we should be actively in the i Sims community asking for feature requests. So if you think about the way, if any of you have done GDPR, there is a specific area of the system that they created where you do personal basically reporting essentially on what people's personal data privacy requests are. So it's a an auditing portion of the system, where you can go in and you can see that someone's requested that you delete their record, or that someone has requested that you look at their record only for a certain period of time, and then you can audit your system and regularly be compliant with that. In that comes something called data enough. Anonymization, one of the other questions Cheryl had asked was, if it's a GDPR conflict. I'm hoping I don't know this for certain, so don't take this as legal advice that the data anonymization aspect of isims GDPR compliance will be compliant with this. Basically that means that if you have the GDPR functionality configured, the GDPR functionality has a feature that does not purge the record so that it's no longer in your system. It basically anonymizes all of the personal data so you can keep your workflow that you've moved 20 people through the system. You don't delete that person's record because they requested deletion. You delete all of the identifying information that would make you recognize that it's them. So it would essentially delete all of the name and contact information off of their resumes. It would delete anything in the in the contact fields that would identify them as that individual, and that's considered anonymization. So I'm hoping that this EU AI act will comply with that same rule so that the two rulings don't conflict with one another, because then that's going to be a really fun legal battle they're going to have over in Europe for a little while. So Cheryl, did you have any other questions or thoughts on that?

Unknown Speaker 11:20
Cheryl, on the call, Cheryl heard you for a second. You there?

Unknown Speaker 11:29
Okay, can you hear me now?

Speaker 5 11:32
Try out for Verizon. I did not have any other questions. It just, it kind of made me realize, like, what would happen if it conflicts, or anything like that. So thank you for letting me know that it just pretty much pretty much anonymizes it. I was having some issues because, like, a person who wanted their information deleted after they had anonymized it, they like logged back in, and it was like, Oh, they can still log back in.

Speaker 3 12:02
I Yeah, so it's it should have anonymized them to the point where they couldn't log back in anymore, because it should have gotten rid of their personal email, which is the only way I could see that that would happen, is if they created a unique login login name instead of using their email as a login name. I don't know if login name gets kicked out for anonymization?

Speaker 5 12:21
Yeah, I don't know. I just, I was like, asked about it, and I was like, Wait, how did they get back into the system? Like, I couldn't even find them in the system, right? Because their name doesn't exist. It's kind of interesting.

Speaker 3 12:34
Yeah, I wonder if their unique login name, in that case, was still present without more information, it is anonymized. You can't find them as and it's done that by design. So yeah, oh yeah,

Speaker 1 12:48
I want to, and I want to go back and correct my correction. I apologize. I got confused because I saw a couple of different dates, and so I did a little homework here. So August, 2, 2026 that's your real deadline. That's when high risk system requirements apply. If your system makes or influences hiring decisions, uses AI and screening or ranking, you must be compliant by that date. And then 2027, that's when enforcement type Titans

Unknown Speaker 13:17
Gotcha. Yeah?

Unknown Speaker 13:20
So yeah, it's, it's coming up fast.

Speaker 3 13:23
So in general, this is something that I, since I'm hoping is on top of, I don't have any insider information as to whether that is happening. At the current moment, is Rob on the call?

Unknown Speaker 13:36
I believe Rob is on the call.

Unknown Speaker 13:39
I will say it's on it's on the radar for sure, absolutely

Speaker 3 13:49
not to call him out or anything. Rob, if you're on the call, please chime in if you are

Unknown Speaker 13:55
aware. Rob just answered,

Speaker 6 13:57
did he? It's definitely on the radar for sure.

Unknown Speaker 13:59
Yep, something must be up with my honor. I didn't hear anything. Oh, there you are.

Unknown Speaker 14:05
I heard you just find Rob. Yeah, okay.

Speaker 3 14:10
Do you know if this is on developments radar? Yes, it absolutely is. Is there any like I do? We haven't. Do you have any information on that? Not to put you on the spot, I don't.

Speaker 6 14:23
I don't, unfortunately, have any any further information. I just know that it's on the radar and that it's in the roadmap. Perfect.

Speaker 1 14:30
Kathy. Kathy could share, yeah, Kathy did share response that she got from her CSM. And see in SAF you want to check that out. And it goes into, it goes into detail about what they're working on. I encourage people to check that out. Awesome. So I'm curious, is anyone actually updated candidate facing privacy disclosures around around this i.

Speaker 3 15:03
Since it's brand new, I'd be very surprised, but very happily surprised if somebody's already ahead of this.

Speaker 4 15:10
We just started rolling out training just a lot of people kind of get people on the same page of what is the regulation like, and how what does that mean? And I know that internally, we are reviewing what, what kind of language needs to be posted where, and what, what those changes are going to look like over the coming year. I think obviously the hesitation is that our, our legal counsel, is still trying to interpret it. And I think, yeah, I think you just mentioned moving again as well about the potential conflict with GDPR, you know, we're, I think there's, I think they're trying to still work their way through talking to their external counsel out there in the EU and try to make sense of it before investing and making a lot of changes, especially those changes are not going to address the law. So I think, I mean, well, this is normal, you know, we'll sort it out. You know, as soon as it goes from being clear as mud to maybe like a little opaque, I think that's when you'll start seeing things get rolled out, notices being put in. And, you know, procedures update it. I just think right now, the way it's written, even the trainings are rolling out, they're still kind of vague. And I think that's the, that's the that's the challenge. I mean, I get the intent, what I'm really going to be interesting, it's gonna be very creative, is to see, very curious to see what are the unintended knockoff effects. I mean, what we saw with GPR, for example, you know, where companies just started updating their retention policies to just say, you know, we're just going to clear out our data earlier, which was great on one hand. On the other hand, it made it made it tough for discovery. And some, some organizations found it very convenient, because I just figured, you know what, let's just up our schedules around we can get it's not make it easy for discovery. For the other side, I'm curious. Well, I'm really curious to how this will get played out. You know, what? What does some well, you know what? Enterprising individuals see this as an advantage. You know, it is good for privacy at the end of the day. But I'm really interested to see how this will play out over the coming years, because there's always that. What my concern is, when these things get rushed, we sometimes forget that these can open up opportunities or open up other areas and loopholes that we didn't think about, especially with fast especially something as fast as AIS work, because we're basing this on the current spec of AI, and what happens if AI completely changes it? What happens if AI starts getting recognized by certain entities as more than just a piece of technology? What rights do they inherit? Then all of a sudden, the laws become even bigger.

Unknown Speaker 18:19
Well, you took it to Star Trek

Unknown Speaker 18:20
level. Somebody reads asthma, yeah, well,

Speaker 1 18:26
you know, watch very interesting video from anthropic where they have a full time philosopher on staff, and they were talking about the morality of deprecating models, right? Very interesting. What, for me, the elephant in the room is so you were talking about what you could do now, you said, talk to your vendors, but don't stop there. Ask your ATS provider what they're doing about EU AI Act compliance. It's a mouthful. Get it in writing, then understand that their compliance does not replace yours, your deployer with your own obligations. What am I supposed to do with that? I don't have the resources to to do data security analysis, analyzes that my vendors do. What do I do with that information? What you

Speaker 3 19:08
do with that information is Michelle made a point that she currently uses copilot, and copilot isn't an it's not integrated with license in any way, shape or form. We use granola, which is another tool that helps us when we're like putting together, basically transcripts, and helps us with notes and note taking all of these different ancillary tools that you're using that's an AI touch point. So start documenting all of the different places where AI is touching your processes. Are you using Gemini? Are you using copilot? Is that something that could potentially be interacting with what you're using and just get a lay of the land on paper in writing and do an inventory? Are you using chat bots anywhere? Is interview scheduling using smart logic? Write it off? Down. So whenever anything like this comes up, doing an inventory and trying to find the places where it might affect you, and seeing, are there places where there might be problems with the way that that software is interacting with the software that you're working with on a daily basis? Is there a an issue where you're GDPR compliant, but you've got an integration with a vendor that isn't GDPR compliant or doesn't recognize that you have anonymized the record in your system, and then that they need to anonymize the record in their system. So for instance, an external CRM. So if you're not using isims CxM tool, or using avatar or using another tool, and is that tool compliant with in this case, I'll say GDPR, where you've anonymous, you've you've deleted the record in isims, or anonymized the record in isims, does avatar now know to go anonymize that record so that you're still compliant and they can't find that person's record. So just try and figure out where all this interconnectivity in your tech stack is and document it. That's the first step. Talk to your vendors. If there's more than one vendor that's involved in your your loop, don't just talk to I Sims about this. Talk to your background tech vendor, talk to your assessment vendor, talk to every single one of them and just say, Hey, this is on my radar. I'm concerned about it. How are you handling it? How do you recommend I handle it? Start seeing how all of the different companies in the ecosystem of your your tech space and your tech stack are managing this upcoming rule, and also make sure that leadership is aware that this is on the and your legal team is aware that this is on your radar and that it's on the horizon. One, oh, make you look good, because it might not be something they were even aware was a problem, and you're ahead of it. And two, it's better to be forewarned and forearmed than have to defend yourself at the end. So as long as you're aware that it's coming, and you've made everyone that you need to that will be your potential assistant in a battle, if it comes up, aware that this is something that might impact your organization, and start assessing the risks early, you're always ahead of the game. And again, I keep referencing GDPR. If your org went through GDPR prep, I think one of the things that you could if you have not gone through prepping for GDPR, that might be a good place to start, because those rules are clearly defined and have six or seven years of legal precedent behind them at this point. So if you can start to get yourself to the point where you are more compliant to GDPR and all the well documented ways that GDPR applies that that will put you in a better position to adopt this when it comes up, because many of the same principles apply, though there are a lot of nuanced variations in the law, but if you're not compliant with GDPR, you're even further behind the game than you are before. So that's my advice. Yeah.

Speaker 1 22:52
I'm really curious to hear if anybody on the call has strategies for surfacing shadow tech, because you can have policies all day long, and then you've got somebody out in the field putting HIPAA information into a PDF scanner app on their phone. Right? What do you do about that? Because you're not necessarily, nobody's going to volunteer and tell you that, but you got to be aware of it. I

Speaker 4 23:28
What's the saying, Alex, the road to hell is paved with good intentions. I meant no harm.

Speaker 1 23:34
Yeah, save time. You want me to work more efficiently? I'm working more

Speaker 4 23:36
efficiently now. Or you didn't tell us, we didn't have to do we couldn't do that. Couldn't use that, you know. And I, you know, it's funny, you don't, you start that. You many people would think, Oh, it's someone that's a lower level role. And many times it is because they're just trying to be scrappy and work, you know, work, you know, meet their requirements. I've also noticed it can be other departments or divisions. Who are, you know, there is no structured procurement guideline. There's no structure there framework. So they kind of go and say, Look, I have a challenge. I found a vendor and, you know, I, you know, did some bid process, and then I, you know, it meets our needs. So what's the problem with that? And at no point, it's not until later on that we get further into our procurement process and other teams start kind of looking at it. You start asking some questions about, you know, kicking the tires of the vendor. But I think the real challenge has been trying to create a process where you're looking for duplicate services and solutions, where you are trying to say, Okay, why are we doing this? So that's that's a process we're beginning to really tackle now internally, where we're trying to put some more checks and balances into. Gonna find it. But the larger the organization, the the more you're gonna find these shadow databases. Find the shadow tech. Unfortunately, we find out either during you know what's happening today is you find out during audits. You find out during conversation. That's always been my fun. I usually catch it during a consult, someone will say something that catches my ear, and then I'm like, can you repeat that just again? I misheard you. Are you saying you have an entire applicant tracking system on the side? We had a bit of it. We had that happen last summer where we discovered an entire, you know, entire division had an applicant track system. They actually went and purchased it. And everything we found out about a few days before deployment. So it happens, but we don't see it as we really see it, where we're going to really get concerned of I think, as you just mentioned, the apps. So I have an AI that I open up, and this is where your AI governance and AI education starts to kick it in, and we just start rolling out, literally this week, where people will start giving their chat bots, giving AI, giving their tools, pretty much called Launch access to all their back end stuff, which is also giving them access, possibly to their organization. So we're not talking about their personal Google Docs or their personal talk about them giving access to their organizational this is where it gets scary, because these apps, these bots, depending on the permissions that have been granted, they're getting a lot of access, and it may not seem like a big deal initially. They could be like, well, this app doesn't do anything with that. It just does this instead, yeah, today, it doesn't tomorrow. They could change their privacy agreement, which, I'm honest, it's hard to read all of it and keep up with it, and then next thing you know, you have, you can end up with a breach, or you find out that data has been, has you know, it's been caught up in some other investigation. That's how you kind of get your organization pulled into something kind of scary. So it's trying to also educate your users and a larger organization, the more that you need that governance and that training to have place and procurement is your friend, by the way, this is where, if you have a larger organization, you're having to make purchases your procurement team, or whoever's responsible for coordinating, okay, this gets purchased. These are the POS, that's your team. There's that's your that's your funnel. You have to find a way to, kind of, you know, you know, create alliance with them and be able to identify them.

Speaker 1 27:35
Well, I think we've all been trained to ignore those things, particularly by Chrome plugins. Every time, every time you get a Chrome plugin, there's some there's some warning message that should make you scream. You know, Google this, this app now has access to everything, essentially, and I think, out of exhaustion or whatever, overwhelmed like, we just get to the point where it's like, oh, okay, I hope it's hope it's safe.

Speaker 4 28:05
But you know what's interesting? Here's the kind of parallel that's happening with AI. We're getting used to giving technology a lot more access because we're trusting it's useless unless we give it more and train it, even if it's you're using your own personal account. So now I'm used to giving ABC insert whatever name in terms of the service you want to use, and I'm giving them access because I feel I personally am comfortable with it. So here I come along and I go work for an organization, but that may not be so comfortable with my approach. The next thing I know, I get, I get that alert, Alex, and I'm thinking, what's the big deal? I'm so used to giving technology my access, what's the big deal. And then you kind of start translating that with maybe, you know, corporate espionage, or other individuals that you know other organizations that may not be as maybe stringent with their security. And you kind of, you kind of start seeing where the parallels of our attitude towards one part of the tech stack can impact the other side of the tech stack.

Speaker 1 29:10
Also, was recently a case where it was ruled that your chats can be used in discovery. They can from personal accounts specifically, yeah, and it was ambiguous about corporate accounts, but for personal accounts, it's a case where somebody went to trial and their personal chats were subpoenaed. So rich, rich conversation. Thank you, Vivian, so much for keeping us up to date on all of this. As always, we'll move to isims conversations. Cheryl, you put something in here. You didn't mark it as a live call question. But would you like to talk about GA four and GTM settings and I Sims?

Speaker 5 29:48
Yeah, so I would say I don't know. A few months, maybe earlier, last year, sometime, I found these settings in isims, and I realized I don't know how to use them. No. Ever seen them before? I tried to look up some information, like KV articles, didn't find anything, and it's for Google Analytics, and the GTM is Google Tag Manager, in case anybody didn't know. And I was just wondering, if anybody had used them, what does it do? Etc, etc. I haven't reached out to items yet to kind of asked them, but I know we've been having some GTM issues recently, so that's one of the reasons I thought I would resurface this and see if anybody knows what the heck those deals do.

Speaker 3 30:32
I literally just had a conversation with a customer about that this week. That's awesome. It's funny how these conversations just parallel things. So Google Analytics, you need a separate Google Analytics account to use those specific settings. So you will have to go to your marketing team specifically to have a conversation with them about these numbers and what they essentially, what they what they do is they provide individual codes that Google can use when it's trying to track click through. It's trying to track your SEO. Basically. The whole point of those things is search engine optimization and optimizing spend, which is why it's usually marketing teams that have the account to be able to work on that. So the tracking ID, and there they can be portal specific. You can put those in, and it will just give Google a variety of different ways to see, click through, rates, drop off, all of the things that career sites actually does. So if you have career sites, there's kind of an argument that it's a duplicative measure to have the Google analytics piece in there. So I've seen people advise, I've seen implementation managers advise people not to put them in there if they have career sites the product specifically, because you already also have the native analytics tool that's part of career sites if you have the career sites tool. So that's one little nugget, but the whole point of that is to give you the ability to track marketing spent. And if you can work with your marketing team on getting those specific numbers and keying those codes in, then they have a dashboard in Google Analytics that will give them the ability to give you some real numbers and data around how successful your portables and your candidate experiences Interesting.

Speaker 5 32:21
Okay, and you said, and just to make sure I understood, if you have career sites, it's duplicative, and so can you not gonna live?

Speaker 3 32:29
Okay, it can be. So there, there are places where they overlap, and they're, they're tracking the same things. There are some things, and I haven't been in a Google analytics tool in quite a while, so there are some things I'm aware of in Google Analytics, that might be a little bit above and beyond what the career sites tool can do, just because Google's got the direct finger on the pulse, right? Rob, do you have any feedback on that?

Speaker 6 32:51
I do have some feedback, yes, and I want to, I want to share that you should be very careful with these GTM containers, because they can actually create problems where candidates can't get in, or it stops the Apply process when it's coming from like LinkedIn, for example, like candidates that use a PDF resume can actually create a failure in the application process. So if you deploy one of these things into your platform and it has conflicts. It can have downstream impact, where candidates start telling you, like, Hey, I created the I created my resume, or dropped my resume in, and your entire system froze.

Unknown Speaker 33:33
Good to know. Those

Speaker 6 33:34
are things that I mean I literally just saw last week with a customer that was struggling, and that's where we traced it back to. So was that was the

Speaker 5 33:44
GT M or GTA for like that filled out like the trackers

Speaker 6 33:53
it was, it was their own container, basically, when we were troubleshooting, fine, having a conflict, essentially, and how it was configured. And I think there was something that was might have been expired, Okay, interesting, okay, specialize in it, in that aspect. So that's why we say tread lightly.

Speaker 5 34:18
Yeah, no, totally get that. I appreciate that. Thank you.

Speaker 6 34:21
Yep, absolutely. Just wanted to share that because I just just saw that, and this customer was dealing with it for a period of, like three weeks, because it makes it really difficult for us to troubleshoot, because we don't, we can't replicate the same thing that's happening on their end. And that's actually how we got back to a PDF resume, because majority candidates are using like Word documents as their resumes. But when you run into a situation like that where they're using PDF, I mean, that's like a needle in a haystack, right? Yeah, so just wanted to share that

Unknown Speaker 34:58
good to know. Thank you, Rob. Yep.

Unknown Speaker 35:01
All right, the floor is open to questions. Who else has a question

Speaker 1 35:08
today? Michelle, by the way, I saw that you commented on Cheryl's post. Any other questions on Cheryl's question?

Speaker 7 35:24
Oh, no other questions. I really appreciate what Rob just shared. Well, what both Vivian and Rob shared, because makes me feel like I don't want to enable this. I don't want to push forward and try to figure it out. But I did go to I Sims at the time I was trying to work on it. They didn't have a lot of assistance. Couldn't point me to documentation that was particularly helpful, and I kind of just gave up. Because what I really couldn't figure out is, once I enter the GTM code, where, where will they access this information? And we do have career sites, so if it's duplicative, I don't need it. Got it? Thank you,

Unknown Speaker 36:15
Patrick, you got a question?

Speaker 2 36:18
Hey, Alex. Is Patrick from intelligent ways, we discovered that we have a problem with hiring managers copying old job wrecks. Is there a way to limit that ability?

Speaker 3 36:33
It's a permission the help desk needs to take it away. It's not something you can do. Just send them a screenshot of the little copy the standard hiring manager and limited like depending on the age of your platform. Do you have a limited access hiring manager group? We have both. Okay, so if you have a limited access hiring manager group, and it's the standard one that was built, it should already have that taken away as a permission. So give them kind of a just mimic this when you create a case for it, it's something that they have to take away in the back end in search engine actions, okay?

Speaker 2 37:07
Because, yeah, we were seeing old wrecks with information that, like was blowing our mind, like, Okay, why? That's still in there, and we found out that they were copying old job, Rex.

Speaker 8 37:21
We did this. We took it away from recruiters, not just hiring managers, for that same reason, right? So we have a lot of our comp team is constantly updating our job code library so the job codes will change. We manually edit those in the template library. But then we were finding that we were sending information to UK G that was incorrect, and we found it was because recruiters were copying rec so we just took that ability away from them entirely, and we did the exact same thing that Vivian was just saying. We had support hide those fields. Awesome.

Speaker 5 37:55
Thank you. I was gonna throw out really quick. Another option is to take away access to old jobs. At my job, my last job, we took away access so they couldn't copy it. But then they started like, you know, opening up an old one on one screen and just literally entering in the same information. It was like, Oh my God. And please don't do that. So we actually took away access to any closed jobs, hold jobs pending, like, just everything. So if it wasn't open, they couldn't access it.

Speaker 2 38:26
Awesome. Okay, I wanted to make sure there was a possibility, so now that I know, I'm gonna take care

Speaker 3 38:30
of that. Thank you, Vivian. The other thing to be careful about, just a little caveat, is take a look at your templates. If they're creating jobs and they lose that ability to copy old jobs, they might still have a lot of access to the information you don't want if you have an old template that hasn't been used or hasn't been looked at in a little while, because sometimes it's not the copy job that is the problem. There's templates that are outdated, that are no longer being recognized as old, that need to be moved into an inactive folder that the managers are using. Seeing that happen,

Unknown Speaker 39:04
one other call data issue,

Speaker 8 39:08
one other call out for you, and this is kind of what caught us out. So there's two different ways. You can copy jobs and I Sims. You can do it directly from the requisition profile, which we took that away as part of the Go Live process. But if you do a job search, then there's in the task bar at the top. There's another feature there where you can copy job from there. And we didn't have it removed from there. They figured it out and they were doing it. So when you go to support to remove it, make sure you inquire about both sections.

Unknown Speaker 39:36
Good. Call out. Great. Thanks. Thanks.

Unknown Speaker 39:39
Y'all. Thanks for the question.

Unknown Speaker 39:45
Who else has questions today?

Unknown Speaker 39:55
I've got a question. Please go ahead.

Unknown Speaker 39:56
This is Townsend and Ellen. This.

Speaker 9 40:00
So it has been many, many, many, many years since I've had to run a location import. But with our latest activation of the indeed apply flow, we've noticed that our locations addresses have all been going over to indeed and other job boards that use the Apply flow. But the problem is that these are a lot of, these are group home locations of our clients, and we need to remove the street address. Yeah, we're, we're having, yeah, that aren't, that are getting hired, but maybe not cleared to start just showing up for work people's homes? Yeah, so I'm trying to find an easy way to remove the street address from close to 400 location profiles.

Speaker 3 40:55
So you're going to need a file with the ID of the location in one column, the field label for the address in another column, and you should be able to send a zero. It's either a zero or an X. I would actually double check this one with the help desk in the column for every single address. So when you do an import, if the if it's blank, if there's nothing in the cell, it's going to assume the data that's in the cell is what you want to keep, right? But if you do an import and there's another piece of information in it, one and zero, it's either one or zero will hide information as part of the CSV import. So you're and if not, it'll overwrite it with a zero. So one way or the other, it will work. But you just basically want a column with the system ID of the record. You're trying to update a column with a folder. Folder is necessary for some reason. So active, not active, and then a column with the header of the field ID address. So do you have the there's a there's a file that's been floating around for a very long time that has the imports? Do you have the import file?

Unknown Speaker 42:09
I do. Well, yeah,

Unknown Speaker 42:11
so filing field, it's a little hard.

Speaker 9 42:13
Here's the thing with with that documentation I was reading through it about importing for locations, it does say that you cannot delete information from an address on a location profile. I don't know if that's still true, because it doesn't seem like it should be. But also, the marker to delete information from a field is three asterisks and three asterisks, and that I remember from my time on the help desk, but it said something about address ID, for which field group of the address you want to delete from, and then, according to the documentation, it should just Be Street. Is the column header for that.

Unknown Speaker 43:02
That doesn't quite feel right,

Speaker 3 43:04
but no, that doesn't feel right Street. Doesn't feel right to me at all. But what it what it is ringing a bell is that there's address location one in the field ID. So it's not going to be like the RCF for the field ID, it's it's going to be like address location one in print, right?

Speaker 9 43:23
Yeah, it was. It was odd because the documentation says street,

Speaker 3 43:28
but I don't think it's Street. I don't I would, I would do like a test run with one or two records. Oh, absolutely, yeah, but don't I? I don't think the three, I think you're right. I don't think the three asterisks is going to work. In this case, I think you're going to want to put in a zero or an X, okay, and at the very least it will overwrite the data that's in there with a zero, right?

Speaker 9 43:49
Yeah, I'll try it all. Thank you

Speaker 3 43:54
for the question, sir. Anybody else fluent in importing and exporting into location records? It's been a minute since I've done this. Yeah.

Speaker 10 44:01
This, all

Speaker 1 44:10
right, and if not, it's time to spin the wheel. We are giving away a copy of Vivian's classic from zero to ATS zero, the accidental advance journey. And if you've already gotten a book, your name is on the wheel, hopefully I got that right,

Unknown Speaker 44:28
and it looks like

Speaker 1 44:31
Patrick, Patrick, you are winner today. So close.

Unknown Speaker 44:36
Actually, a copy a few weeks ago. Yeah, I

Speaker 1 44:39
saw Okay, all right, I got it wrong in that case. Okay, let's, let's do this one more time. Townsend, cross your fingers.

Unknown Speaker 44:50
A second chance with better odds, right? No.

Speaker 1 44:54
Michelle, do you have one already? Michelle, yes, I do. This is what happened. When Caitlin's not here, when Caitlin's not here, everything just goes to hell.

Unknown Speaker 45:09
Now you win Townsend

Speaker 1 45:13
three is a charm. Townsend just DM me your address and we'll get a book out to you. Got it. Hope you enjoy it. All right, so head back over here. We've got another 10 minutes or so, and oh, Rob has a comment. If three asterisks is entered into the data space for any address column, the entire address will be deleted from the job profile. As best practice to remove a location from a job profile enter three asterisks in the data space for job, company system ID.

Speaker 3 45:45
Oh, that's a good call out. So if you're just deleting the location record, it's not going to go back and update the posting. Yeah, so that's another another piece as well. You've already got some of these jobs posted. Indeed, already has the address. So you're not, you're going to fix it. Moving forward, you're not going to fix it now, I see, so he's saying updated on the job too, not just in the record for the location, because if you've already created the job, it's it's fixed. It's already got the data. It's going to keep the original,

Speaker 6 46:19
yeah, that's from the integration guide directly.

Speaker 3 46:22
You've got to locate it. You've got to do it in two places, the address record and the jobs.

Unknown Speaker 46:31
Great. Call out, yeah.

Unknown Speaker 46:34
All right, thanks, Rob. Oh, we've

Speaker 1 46:37
got another 10 minutes. Greg. You got your hand up? What's going on?

Unknown Speaker 46:40
Greg? So I

Speaker 4 46:44
been trying to roll out our interview scheduler. And what's actually been a challenge has not been the enabling. It has been I Sims. What it turns out is it's been the recent shift from our recent like in the last couple last year or two, where an i sim switch from a just being able to see free busy by default, and a switch we call bi directional integration, which makes a lot of sense, right? If I'm scheduling an inner if I'm going to schedule an interview with someone, someone, not only has, I can't just show under the UI, hey, here's the available slots, but once I've selected the slot, I've got to be able to write it back to the calendar, or else it kind of defeats the whole purpose of holding a slot. For some reason, our zoom my internal organization's zoom team and Google Calendar team are really nervous about that. I've asked our CSM to, you know, connect us with a resource at I Sims to help address their concerns. But I was wondering if anybody who has done interview scheduling, have they encountered these concerns with their internal IT, and was there anything specifically that you, that you did or shared, because I've shared all the documentation I could from I sims with them, and they've they're really nervous about this.

Speaker 1 48:21
Greg, have you? Oh, interesting. We don't have any quantified posts.

Speaker 5 48:25
I slightly missed that. Are you talking about just security in general, regarding that with Google and zoom?

Speaker 4 48:35
Yeah. I mean, I mean, basically, we're just trying to connect Google, our Google Calendar instances and zoom with with I Sims, so that we can enable it to interview schedule. I mean, that's, you know, we're trying to keep it simple. And I've shared, you know, I Sims and our shared all the documentation, especially some detailed documentation about, you know, the API, about the AI, the integration. So I shared that they're just really nervous. They I think, I think what they say their concern is they said it's too much security, it's too much, too many, too much permissions.

Speaker 5 49:10
It's too broad, right? Like it's Yeah, yeah. So everything that I've heard from other clients is that a lot of IT teams don't like the chronify piece because it more or less says, Hey, we want access to everything, regardless if that's actually what it's doing or not. That's what that's how the IT teams are reading it a lot of times. So there's a lot of people that have like, their companies can't do it. I know there's some people on circle that have commented about it, like their their, their, IT department won't allow them, so maybe post out there, because they might just not be on this call, but sure they might know more of, like, the specifics as to what the problem was. But everything that I've seen, it's either, yeah, like, I don't even think my company would go for it. I'm not sure, though I.

Speaker 4 50:00
And thanks. I'll, I'll review. I'll, I'll post something up later today or Monday. And I am actually trying working with our with our CSM, to coordinate a kind of a quick meeting with the various teams to kind of flesh out their concerns and hopefully address them. I did share with our client. I was like, Look, you know, well, technically, we could use it as a standalone product. I mean, isoms does say could. It's not going to be the best experience. You're not going to identify, you're not going to recognize the realize the efficiencies that come with it. So for us, this is kind of a, you know, this is definitely a go, no go situation. If our teams come back and say absolutely not, can't connect calendar zoom, maybe we can have a conversation we could probably live without if we couldn't, but without Google Calendar, yeah, at this point, it's not going to be really worth the squeeze in this case.

Speaker 5 50:55
But yeah, yeah, check the check the isoms community. I just did a quick search, and like, everything that I recall reading was mainly there, and it's chronifies It looked like the main reason was because it asks for full ability to read all meeting information, not just like free, busy, but yeah,

Unknown Speaker 51:18
that is it. That's exactly even though I know that

Speaker 4 51:22
I believe in practice, it's the user can't see it. It's the it's the it's the fact the integration can and I think the other one was that even though our your IT can designate which calendars are not allowed to be available. So let's say you have, like your CEO or anyone from your C suite, you might decide there are no go, you know, just you can't, you're not gonna be able to see that, which is fine that, I think what you just mentioned about to be able to see the details all mean details that really, I noticed a change in the conversation as soon as they saw that.

Speaker 5 51:56
Yep, and I recall somebody, I don't recall who it was said that they tried to talk to chronify directly, but like they're not allowed to, or whatever, or maybe isoms wasn't allowing it because, you know, it's through a third party vendor, which is crown fi So, yeah, there's been a lot of things as to why people can't Get it done. Oh, somebody actually says it is blocking this due to security and GDPR risk. So there's another option, go check the community. There's a lot of so I

Speaker 6 52:31
have an update for you guys on this. That is the specific issue is that Crona fi today requires full access, and that turns a lot of IT teams off, essentially. So we are pressuring, I'm sorry, let me, let me rephrase that. We are pushing kronify, our partner, to make changes, and they have agreed to make those changes. I don't have timing on it, though. I just understand they're they're currently under development right now, in chronify to make those changes, because if you go to just read only, then the system can't write, meaning that when you get when your person schedules an interview, it won't go on to the calendar because it can't write to the calendar. So what they're working on is is just being able to see free, busy time and being able to write to those calendars to, of course, block out that time slot. Because the whole thing is, is that if somebody grabs that 12 o'clock spot, you need to make sure that it's blocked for the next candidate, especially if you invited five people to self schedule, you need that slot to be taken basically away. So that's, that's the issue that they're facing right now, and chronify has agreed to modify. It's just a matter of when they actually do that on their product roadmap,

Speaker 4 53:49
is that now, when chronify makes that kind of change, and thanks Rob for that update, and because that, that's something we can we can share back and say, hey, it's being worked on. We don't have a timeline, but it's being worked on. When quantify does something like that, is that something that comes out in the release, or because they're a sub processor, it's not really something that isoms would advertise.

Speaker 6 54:11
So So because this is such a high visibility issue that we want to make sure that we get the word out to our users as well. So anyone that's essentially said, No, we're not doing this. We want to make sure that everybody's notified.

Speaker 4 54:25
And Rob, do you know, would that also apply to zoom? Because I was really shocked. Using my Zoom team, they've never come they have never had them come across an integration that they're willing, you know, where they actually said, Whoa. This is really making us pause the very first time that they've actually paused and not wanted to do an integration. So do you know, if quantifies, not across the board, just for Google

Speaker 6 54:52
Calendar, chronify is the ownership of the calendar at peace and that aspect. So I'm not sure about zoom, because. Chronify pulls in the Zoom link.

Speaker 4 55:03
Okay, all right. I mean, okay, and I can flesh that out with our, with our CSM, yeah. I mean, there was something on there was something about the zoom, and I've been training our zoom team to talk about it, that when they reviewed the documentation I since provided them, it really stopped them in their track. He said, No, we've never seen any vendor require so much access. And I was, you know, I was trying to clarify with them, are you sure not confusing with the Google Calendar? Like, no, no. This is the Zoom stuff. We're like, Okay, I will include, we'll put you in the conversation and see who can sort it out

Speaker 6 55:36
so well. And the first thing that they see, and this, this actually happened at my last two employers, the first thing that they see is a service account, or, shall I say, an admin account. And it's not a full admin account necessarily in your Azure system. It's a it's a separate dedicated service account for that specific integration. So it's not giving them the full like admin account. Like, that's the first thing it people see, right? So that's, that's the differentiator, I think there where you can control the access to different things with that service account. Okay? It's, it's definitely a higher level of it nerd talk, but at the same time, it's just like, it's figuring out, like, Hey, we're not giving everything away, essentially here, right? But chronofi does require full access, and that that is a struggle for a lot of organizations.

Unknown Speaker 56:29
Thank you very much. I appreciate it. Yep,

Speaker 1 56:31
thanks for the question, Greg and Rob. Thanks for the insights. Thank you, everybody here. Hope you have a wonderful weekend. We'll see you next time Friday, 1:30pm Actually, hold on a second. Hold the phone. Hold the phone. Next at is Easter Sunday. We are actually out of office. Friday, the third so we will be back on the 10th. We'll see you on the 10th. Have a good one. Everybody. Take care. Bye.