Skip to main content
Cross-References:

Overview

This document defines the mandatory compliance requirements and sign-off gates that must be satisfied before enabling Background Check (Checkr) and SMS notification features in production. Each gate requires documented approval from the designated authority before the feature can be activated for an organization.

Current Verification Status (2026-03-03)

Pre-requisite for Gate 1: HR-09-P5.2 (Background Check Integration) must be implemented and deployed before Checkr can be enabled for any organization. Until then, all F-* requirements remain “implementation ready, sign-off pending.”

1. FCRA Compliance Requirements (Background Checks)

The Fair Credit Reporting Act (FCRA) governs how consumer reports (background checks) are obtained, used, and disclosed in employment decisions.

1.1 Pre-Screening Requirements

1.2 Adverse Action Process

The FCRA mandates a two-step adverse action process when a background check result may negatively impact an employment decision.

1.3 Ongoing Obligations


2. TCPA Compliance Requirements (SMS)

The Telephone Consumer Protection Act (TCPA) regulates automated text messages and requires explicit consent before sending SMS communications.

2.2 Opt-Out Mechanisms

2.3 Message Content Requirements


3. Sign-Off Gates

Gate 1: Background Check Feature Activation

Required before: Enabling Checkr integration for any organization
Target date for sign-off: Q2 2026 (when HR-09-P5.2 ships)
Gate Decision: ☐ Approved / ☐ Conditional / ☐ Blocked Conditions (if any): _______________________________________________

Gate 2: SMS Feature Activation

Required before: Enabling SMS notifications for any organization
Target date for sign-off: Q2 2026 (when SMS feature enabled for orgs)
Gate Decision: ☐ Approved / ☐ Conditional / ☐ Blocked Conditions (if any): _______________________________________________

Gate 3: Per-Organization Activation

Required before: Enabling features for each new organization/tenant Gate Decision: ☐ Approved / ☐ Conditional / ☐ Blocked

4. Enforcement in Code

The following technical controls enforce compliance gates:

5. Periodic Review Schedule


Official Sources

Full list of authoritative external references (HR, CL, PM, RH, GR, IT, PF): docs/compliance/AUTHORITATIVE_REFERENCES.md.

Version History

1.0.0 (2026-02-10)

  • Initial compliance tracking document
  • Defined FCRA requirements F-01 through F-12
  • Defined TCPA requirements T-01 through T-12
  • Established three sign-off gates (feature activation, SMS activation, per-org activation)
  • Mapped enforcement controls to codebase

Last Updated: 2026-02-10
Next Review: 2026-05-10