Free Background Checks For NZ Employers: Legal Compliance Considerations

Hiring can feel like a balancing act for any small business. You want to move quickly, choose the right person, and protect your team and customers - but you also don’t want to step over legal lines (or unintentionally collect information you shouldn’t have).

That’s where background checks come in. In New Zealand, there are a number of checks you can run at low or no cost, but the way you do them matters. If you get the process wrong, you can create privacy issues, discrimination risk, or even employment relationship problems before the person has started.

Below, we’ll walk you through what “free” background checks typically look like in NZ, what laws you need to keep in mind, and how to build a practical, compliant process that works for a small business.

What Background Checks Can NZ Employers Do For Free?

When people say “free background checks”, they usually mean checks you can do without paying a third-party screening provider. Some checks are genuinely free (or close to it), while others may involve fees depending on what you need.

Here are common background checks NZ employers often run without paying for a specialist service.

1) Reference Checks

Reference checks are one of the most common and useful checks, and they’re usually free.

Good practice: get the candidate’s consent to contact referees, and stick to questions that are genuinely relevant to the role (for example reliability, technical skills, teamwork, customer handling).

• Confirm employment dates and duties
• Ask about role-related strengths and performance
• Ask role-related concerns (without straying into protected personal information)
• Keep a short record of what was said and by whom

2) Basic Identity Checks (Right To Work + “Are You Who You Say You Are?”)

Employers in NZ should take reasonable steps to ensure workers have the legal right to work in New Zealand. Checking and recording right-to-work evidence is a key part of hiring responsibly.

This isn’t just a “nice to have” check. Practically, this might mean checking passports, visas, or using the appropriate government verification processes.

3) Public Online Checks (Used Carefully)

Many businesses do a quick Google search or look at a candidate’s public professional profile. This can be tempting because it’s fast and free.

The risk is that online searching can expose you to information you shouldn’t be using in hiring decisions (for example health issues, pregnancy, religion, age indicators, or political views). If you rely on that information - even unconsciously - you can create a discrimination risk.

If you choose to do online checks, it’s safest to:

• only look for role-relevant information (for example professional qualifications, portfolio, public business activities)
• avoid trawling through personal social media
• apply the same approach consistently for candidates applying for the same role

4) Criminal Record Checks And NZ Police Vetting (Often Free, With Consent)

For many roles, you may want to know whether a candidate has a criminal history. In New Zealand, there are different pathways depending on the role:

• Ministry of Justice (MoJ) Criminal Record Check: individuals can request their own criminal record, and employers will typically ask the candidate to provide it (or authorise a request where available under the current process). Whether there’s a fee can depend on the process used and any urgency requirements.
• NZ Police Vetting: this is generally used where an organisation is approved to vet (often in sectors involving children or vulnerable people). It’s not available “on demand” to all employers, and eligibility rules apply.

Two key points:

• You generally must have the candidate’s informed consent to obtain criminal record information or request vetting.
• You should only request it where it’s relevant to the role (for example working with vulnerable people, handling cash, entering private homes, driving roles).

Also keep in mind New Zealand’s Clean Slate regime may mean certain older convictions don’t appear on some checks (if eligibility criteria are met). That’s another reason to be clear about why you’re checking and to avoid overreaching.

5) Qualification / Licence Verification (Sometimes Free)

You can often ask candidates to provide copies of qualifications, licences, or registrations, then verify them with the issuing body (some verifications are free, some have fees).

For example, if you’re hiring someone who must legally hold a current licence or registration to do the job, verifying that status isn’t just prudent - it can be essential to staying compliant and insured.

What Laws Affect Background Checks In New Zealand?

Even when the checks themselves are free, the legal compliance piece still matters. In practice, background checks touch multiple areas of NZ law, and you’ll want a process that fits together cleanly.

Privacy Act 2020 (Personal Information Rules)

Background checks usually involve “personal information” (and sometimes sensitive personal information). Under the Privacy Act 2020, you generally need to:

• collect information for a lawful purpose connected with your business functions (here, hiring)
• only collect information that’s necessary for that purpose (don’t “just in case” collect everything)
• be transparent about what you’re collecting and why
• store information securely and limit access
• only keep information as long as you need it

It’s also a good idea to align your hiring process with a clear Privacy Policy, so you’re not making it up as you go.

Human Rights Act 1993 (Avoid Discrimination)

The Human Rights Act 1993 prohibits discrimination on certain “prohibited grounds” (for example sex, marital status, religious belief, ethical belief, race, disability, age, sexual orientation, and more).

Background checks can accidentally create discrimination risk if you:

• seek information that reveals protected characteristics and then rely on it in decision-making
• apply different checking standards to different people
• reject someone based on assumptions rather than role requirements

A practical rule: only collect and use information that is genuinely relevant to the role and your workplace safety/compliance needs.

Employment Relations Act 2000 (Good Faith And Fair Process)

While the Employment Relations Act is most commonly discussed during employment (not recruitment), it’s still smart to run your hiring process in a way that supports a healthy employment relationship from day one.

Being upfront about checks, getting consent, and applying a consistent process helps you start on the right foot - and supports the expectations you’ll later set out in an Employment Contract.

Health And Safety At Work Act 2015 (Risk Management)

If the role carries real safety risk (for example operating machinery, driving, handling vulnerable people, entering customer homes), you may have stronger reasons to run certain checks because you have duties to keep people safe at work.

That said, “health and safety” isn’t a free pass to collect anything you want. The checks still need to be proportionate and relevant.

Do You Need Consent For Background Checks (And How Should You Get It)?

For most background checks, consent is either legally required or strongly recommended.

Even where consent isn’t strictly required (for example, viewing genuinely public professional information), transparency is still the safer approach - because it reduces the chance of a privacy complaint and builds trust with candidates.

What Consent Should Look Like

Consent should be:

• informed (the candidate understands what you’re checking and why)
• specific (not a vague “we can check anything” statement)
• freely given (not obtained through pressure or surprise)
• documented (especially for criminal record checks, police vetting, drug/alcohol testing, and medical-related checks)

Many small businesses build consent into their recruitment pack (application form + privacy notice + check authorisation) and revisit it if new checks become relevant later.

Be Careful With Health Information And Medical Checks

Health information is sensitive. If you collect it, you should have a clear and lawful reason connected to the inherent requirements of the job (for example, a role requiring specific physical capabilities).

If you need a health-related consent process (for example, where you’re asking a candidate to attend an assessment or provide specific health information), having a tailored form like a Medical Release Consent Form can help you keep the scope tight and compliant.

Drug And Alcohol Testing: Don’t Wing It

Some industries use drug and alcohol testing as part of pre-employment screening (particularly where safety is critical). This is an area where process and documentation matter a lot.

If it’s relevant for your workplace, you’ll want clear written rules, a lawful basis, and proper consent - for example via a Drug Test Consent Form.

How Far Is Too Far? Keeping Background Checks Relevant And Fair

The most common mistake we see with background checks isn’t that a business is trying to do the right thing - it’s that they collect too much, too early, or in an inconsistent way.

A simple way to keep your process compliant is to apply a “relevance and timing” test.

Relevance: Does This Check Actually Relate To The Job?

Ask yourself:

• What risk are we trying to manage?
• Is this check a reasonable way to manage that risk?
• Would we apply this check to every candidate for this same role?

For example:

• Cash-handling retail role: reference checks and (potentially) a criminal record check may be relevant.
• Marketing contractor working remotely: criminal record checks might be harder to justify, while portfolio verification is more relevant.
• Role working with children or vulnerable people: higher screening expectations usually apply, and you should confirm the sector rules (including whether NZ Police Vetting is required or expected).

Timing: Are You Collecting Sensitive Info Too Early?

Many businesses reduce risk by only running deeper checks after they’ve identified a preferred candidate (or made a conditional offer). That way, you’re not collecting sensitive information about large numbers of applicants unnecessarily.

Don’t Ask The Wrong Questions In Interviews

Often, “background checking” starts in the interview - and that’s where small slip-ups can cause big issues.

Questions about age, family plans, health conditions, religion, or other protected attributes can be risky and may be unlawful depending on context. Keeping a structured interview guide helps a lot, and it’s worth being across common illegal interview questions so you don’t accidentally stray into them.

Online Searches And Social Media: A Common Trap

It’s easy to find information online that you don’t want to know - and once you’ve seen it, you can’t “unsee” it.

If you do online checks at all, consider:

• limiting checks to professional platforms and public portfolio sites
• having one person do the check and only report role-relevant findings
• documenting what you did and why (briefly)

How Should You Store And Handle Background Check Information?

Collecting information is only half the compliance story. Under the Privacy Act 2020, you also need to protect it.

This is particularly important for small businesses because access is often informal (shared inboxes, shared folders, managers wearing multiple hats). A simple process can go a long way.

Practical Privacy Steps For Small Businesses

• Limit access: only people who need to see the information should have it.
• Secure storage: store records in secure HR systems or protected folders (not personal devices).
• Be careful with email: forwarding background check results around can create unnecessary privacy exposure.
• Set retention rules: don’t keep unsuccessful candidate checks forever “just in case”.
• Have a process for requests: candidates may have rights to access information held about them.

If you want a clear, workplace-ready approach for how you handle employee and candidate information, an Employee Privacy Handbook can help set expectations and reduce grey areas.

Using Third Parties (Even If The Check Is “Free”)

Sometimes the “free” part is that you’re not paying money - but you’re still involving a third party (for example, a referee, an online verification source, or a testing provider).

You should still think about:

• what you’re disclosing about the candidate when you contact others
• whether your questions are appropriate and role-related
• whether you have the candidate’s permission for that contact

Step-By-Step: Building A Compliant Background Check Process (Without Overcomplicating It)

The best background check process is one your business can actually follow consistently. Here’s a practical way to set it up.

Step 1: Decide What Checks Apply To Each Role

Not every role needs the same level of screening. Start by mapping roles into “risk buckets” (for example: standard admin role, customer-facing role, safety-critical role, vulnerable-person role).

For each role, decide:

• what checks are required
• what checks are optional
• when checks will occur (pre-interview, preferred candidate, conditional offer)

Step 2: Put Consent In Writing

Create a simple candidate consent form (or recruitment privacy notice) that covers the checks you will run.

Where it makes sense, line it up with your onboarding documents - including your Employment Contract - so the story stays consistent from recruitment through to employment.

Step 3: Keep Interviews Structured (And Role-Focused)

Use a standard interview scorecard and avoid “off-the-cuff” questions that drift into personal territory. This is one of the easiest ways to reduce discrimination risk.

Step 4: Document Your Decision-Making (Briefly)

You don’t need a huge paper trail. But you should be able to explain, at a high level:

• what checks were run
• what information mattered (and why it mattered for the job)
• that the process was applied consistently

Step 5: Set Clear Internal Rules For Conflicts And Secondary Employment

Some “background check” issues aren’t about criminal history - they’re about conflicts of interest, side businesses, or relationships that could affect the role.

If that’s relevant to your workplace, setting expectations early through a Conflict Of Interest Policy can prevent awkward disputes later.

Step 6: Treat Monitoring And Surveillance As A Separate Compliance Area

Sometimes employers start thinking about background checks and then move into monitoring (for example CCTV, device monitoring, or tracking). That’s not the same thing - and it has its own legal risks.

If you use CCTV or similar tools, you’ll want to be careful about notice, purpose, and privacy - the rules around cameras in the workplace are a good example of why a clear policy matters.

Key Takeaways

• “Free” background checks for NZ employers often include reference checks, right-to-work verification, limited online checks, and (depending on the role and pathway) criminal record information or police vetting with consent.
• Even if a check costs nothing, you still need to comply with the Privacy Act 2020, keep checks relevant, and handle information securely.
• Only collect information that’s genuinely connected to the role, and consider running more sensitive checks only once you’ve identified a preferred candidate.
• Get clear, written consent for checks that involve sensitive information, including criminal record checks/police vetting, drug testing, and health-related information.
• A consistent process (role-based checklists, structured interviews, short records, and secure storage) reduces privacy complaints and discrimination risk.
• If you’re unsure what checks are appropriate for a particular role or industry, it’s worth getting advice before you build the process into your hiring workflow.

If you’d like help setting up a legally compliant recruitment process (including background checks, privacy documentation, and employment contracts), you can reach us at 0800 002 184 or team@sprintlaw.co.nz for a free, no-obligations chat.