Background Checks in Mexico: What’s Legal and What’s Not
Running background checks is standard practice in many countries, but in Mexico, strict privacy and labor laws limit what you can legally ask for — and how you can use that information.
If you’re expanding hiring through outsourcing, an EOR, or building a local entity, you must know:
- Which background checks are allowed under Mexican law
- What types of information you cannot collect
- Best practices for staying compliant with data privacy (LFPDPPP) and labor rights
Are Background Checks Legal in Mexico?
Yes — but only under strict conditions.
Mexican employers can verify information that’s directly related to the job role, such as:
✔️ Employment history
✔️ Academic credentials
✔️ Criminal records (in some sectors)
See how this affects your hiring in “Labor Regulations in Mexico for Startups: Everything You Need to Know.”
What’s Allowed — and What’s Not
1.- Employment and Education Verification
✅ Permitted: Confirming previous jobs and degrees.
🚫 Not Permitted: Defamation or contacting unrelated third parties without consent
2.- Criminal Record Checks
✅ Allowed only when:
- Relevant to the role (e.g., security, finance)
- The candidate gives written consent
- The check is handled by an authorized agency
🚫 Discriminatory use: It’s illegal to reject a candidate solely based on a record unrelated to the role.
3.- Medical Exams
✅ Permitted only if:
- Related to job functions (e.g., physical capacity for manual labor)
- Not used to discriminate for pregnancy, HIV status, or disabilities
Learn how this ties to compliance in “How the REPSE affects Outsourcing companies.”
4.- Social Media and Personal Data
🚫 Invasive checks are prohibited.
✅ You can check publicly available information but must not violate privacy or data protection rights.
For digital monitoring, see “Supervisión digital en el trabajo remoto: ¿qué tan legal es monitorear a tus empleados?”
Compliance Pitfalls to Avoid
Mexico’s Federal Law on the Protection of Personal Data Held by Private Parties (LFPDPPP) regulates how you collect, store, and use personal data.
Common mistakes:
🚫 Running checks without written consent
🚫 Storing sensitive data insecurely
🚫 Sharing background data with third parties without a legal basis
Best Practices for Safe Background Screening
✔️ Always get written consent — include a clear privacy notice.
✔️ Use reputable screening providers who comply with LFPDPPP.
✔️ Limit checks to job-relevant information.
✔️ Keep detailed records of consent and how information is used.
If hiring across borders, see “How to optimize the international contracting process through an EOR.”
What Happens If You Get It Wrong?
Non-compliance can lead to:
⚠️ Fines from Mexico’s data protection authority (INAI)
⚠️ Labor lawsuits for discrimination
⚠️ Reputational damage to your employer brand
Protect your reputation by reading “How to Avoid Legal Pitfalls When Scaling Your Remote Workforce.”
Conclusion
As you grow your workforce in Mexico — whether through outsourcing, EOR, or direct hires — a solid, compliant background screening process protects your company and builds trust with new talent.
