Reference
Hiring & ATS Glossary
Plain-language definitions for the terms hiring teams trip over. Auditors and recruiters can both use this page.
A
3 terms- AI Extraction AI & Screening
- The use of a language model to convert an unstructured resume into structured fields — role, employer, education, total years of experience, skills. Should always carry source attribution (declared vs extracted) and a confidence score visible to the reviewer, and should never produce a ranking or fit score that materially affects a hiring decision without human review.
- Applicant Tracking System (ATS) Workflow
- Software that captures incoming job applications, organizes candidates through a hiring funnel, and stores the data hiring teams need to make decisions. The modern bar includes consent management, audit logs, AI-assisted resume extraction, and reviewer workflows that mask PII by default.
- Audit Log Compliance
- Append-only record of every operator action against candidate data — review, unmask, export, edit, decision. Each row captures actor, timestamp, IP, user agent, and outcome. The audit log is the artifact you hand a regulator when asked who looked at what; design it like you mean it.
B
1 term- Bias Audit Compliance
- Statistical analysis of selection rates across protected demographic groups. Required annually under NY Local Law 144 for any automated employment decision tool, and recommended quarterly under the EEOC Uniform Guidelines four-fifths rule for any screening process — automated or not.
C
5 terms- Candidate Net Promoter Score (cNPS) Metrics
- Likelihood-to-recommend score (-100 to 100) collected from candidates at the end of the hiring process. Useful as a trend indicator. Less useful than narrower stage-by-stage NPS scores, which let you find which loop stage is leaking.
- CCPA / CPRA Compliance
- California's Consumer Privacy Act, amended by the California Privacy Rights Act. The privacy regime covering California residents, including employees and job applicants. Among other things, it requires honoring Global Privacy Control as a valid opt-out signal and providing a clear-and-conspicuous "Do Not Sell or Share" link in the footer of every page.
- Colorado AI Act Compliance
- Colorado's 2024 law (effective February 2026) imposing risk-management, impact-assessment, and transparency obligations on developers and deployers of high-risk AI systems, including those used in employment. Broader scope than NYC LL144 and analogous in spirit to the EU AI Act.
- Consent Ledger Consent
- Append-only, hash-chained record of every consent grant or revocation. Each row stores the candidate, consent option, the boolean state, the verbatim text shown at consent time, the policy version, the IP, and a hash chained to the previous row. The chain makes the ledger tamper-evident — an auditor can re-walk it and detect any deletion or modification.
- Cost-per-Hire Metrics
- Total spend on a hire divided by hires made. Useful as a portfolio metric; misleading without source breakdown. Referrals and inbound applicants are nearly free and produce higher-quality hires than agency or paid-channel candidates. Average it at your peril.
D
4 terms- Data Processing Addendum (DPA) Compliance
- Contractual document specifying the controller-processor relationship between a customer and a SaaS vendor. Required under GDPR Article 28 and analogous to similar provisions under CCPA, LGPD, PIPEDA, and other regimes. SourceHire's DPA is published at /legal/dpa.
- Data Subject Access Request (DSAR) Compliance
- A request from an individual to access, correct, port, or erase the personal data an organization holds about them. Required under GDPR Articles 15-22 and CCPA § 1798.100-130. A serviceable ATS exposes this as a self-service portal rather than a manual ticket. SourceHire's lives at /apply/me.
- Discoverability Consent
- The consent that allows a candidate's profile to surface in the network-wide talent search beyond the job they specifically applied to. Independent from core processing. Candidates who decline it can still apply to specific roles, but their profile won't appear in recruiter searches across other employers.
- Disparate Impact Compliance
- A facially neutral employment practice that produces materially different selection rates across protected groups. Actionable under Title VII even without discriminatory intent. Measured by the EEOC four-fifths rule: the selection rate for any group must be at least 80% of the rate for the highest group, or the practice is prima facie discriminatory and must be defended as job-related and consistent with business necessity.
E
2 terms- EEO-1 Report Compliance
- Annual federal report filed by employers with 100+ employees, breaking down workforce by job category, sex, race, and ethnicity. EEOC requires it; many employers also use it as the basis for internal diversity dashboards. The data feeding it must come from a separate, isolated EEO survey, never the main apply flow.
- EEOC Uniform Guidelines Compliance
- Federal guidance from the Equal Employment Opportunity Commission defining how employment selection procedures should be validated and how disparate impact is assessed. The four-fifths rule comes from these guidelines.
F
1 term- Four-Fifths Rule Compliance
- The EEOC threshold for prima facie disparate impact: the selection rate for any protected group must be at least 80% (four-fifths) of the rate for the highest group. Below that, the practice is presumed discriminatory and must be defended.
G
2 terms- GDPR Compliance
- The General Data Protection Regulation, the EU's comprehensive data-protection law. Applies to processing of EU residents' personal data regardless of where the processor is located. Requires affirmative, informed, revocable consent for most processing; mandates DSAR fulfillment within statutory deadlines; imposes severe fines for breach. The UK GDPR and Swiss FADP mirror most provisions.
- Global Privacy Control (GPC) Consent
- A browser-level signal indicating the user opts out of sale and sharing of personal information. The Sec-GPC: 1 request header is a valid opt-out under CPRA Regulation § 7025 and is honored by SourceHire across all surfaces.
N
1 term- NYC Local Law 144 Compliance
- New York City law (effective July 2023) requiring an annual bias audit for any "automated employment decision tool" used to substantially assist hiring or promotion decisions for NYC-based roles. Also requires advance notice to candidates. Often the practical floor for AI hiring tool compliance for US-based employers.
O
1 term- Offer-Acceptance Rate Metrics
- Percentage of extended offers that are accepted. A healthy rate is typically 80-90% for in-demand roles. Falling rates signal stale compensation, weak candidate experience, or a competitive intel gap.
P
2 terms- Pass-Through Rate Metrics
- Percentage of candidates who advance from one funnel stage to the next. Measured at every stage: application → recruiter screen → hiring manager screen → onsite → offer → accept. Falling pass-through rates at a given stage isolate where the funnel is leaking.
- PII Masking Workflow
- The default-on practice of hiding personally identifiable information (name, email, photo) in reviewer surfaces until a reviewer explicitly unmasks. Reduces first-impression bias and creates an audit trail of every unmask event. Should be the default in every modern ATS.
Q
1 term- Quality-of-Hire Metrics
- A composite metric capturing whether a hire performed well after onboarding. Common ingredients: six-month performance review, hiring-manager satisfaction, regretted-attrition flag, and stretch-goal achievement. The most important metric in TA and the hardest to instrument.
R
1 term- Right to Erasure Compliance
- The right of an individual to have their personal data deleted, subject to statutory exceptions. GDPR Article 17 is the canonical reference; CCPA § 1798.105 is the California equivalent. Implemented in SourceHire as a self-service action with a 30-day audit-log retention of the erasure event itself.
S
5 terms- Self-ID Survey Compliance
- The optional, isolated post-apply survey collecting EEO demographic information (sex, race, ethnicity, veteran status, disability). Stored in a separate table that never joins to the reviewer query path, surfaced only in aggregate diversity reports. Never required, never visible to interviewers.
- Source-of-Hire Metrics
- The channel that produced a hire — referral, inbound, agency, paid channel, conference, university recruiting. Measured at hire (not application), it reveals which sources actually convert. Referrals routinely outperform paid channels by 5-10x on quality and 100x on cost.
- Structured Interview Workflow
- An interview using a fixed set of questions in a fixed order, scored against a pre-defined rubric. Reduces interviewer-explained variance from ~60% to ~15% in replicated studies. The single highest-leverage bias-reduction intervention available.
- Structured Profile AI & Screening
- The structured-field representation of a candidate (current role, employer, total years of experience, education, skills, tools) extracted from their resume by AI. Each field carries source attribution (declared vs extracted) and a confidence score.
- Subprocessor Compliance
- A third-party service a SaaS vendor uses to process customer data on its behalf — cloud hosting, database, transactional email, AI inference. Each subprocessor must be disclosed and bound by data-protection terms at least as protective as the primary vendor's. SourceHire's subprocessor list is at /legal/privacy#subprocessors.
T
2 terms- Talent Network Consent
- A pool of candidates who have opted in to be discoverable across roles, not just the specific job they applied to. The opt-in is independently revocable. SourceHire surfaces this as discoverability consent.
- Time-to-Hire Metrics
- Calendar days from job posting to offer acceptance. A widely-reported metric of dubious diagnostic value when measured as a single number; useful only when decomposed into stage cycle times, where you can see which stage is the bottleneck.
See alsodiscoverability
See alsopass through rate
W
1 term- Work Sample Workflow
- A short, paid, take-home assessment tied to the actual work of the role. Outperforms every other pre-hire signal in predictive validity. Best-in-class: ≤90 minutes, synthetic data, $150-200 stipend, same prompt across cohort, reviewed asynchronously by two evaluators.
Missing a term? Tell us and we'll add it.
Built on these terms
See how SourceHire implements every concept on this page.
Consent ledger, audit log, PII masking, structured profile, DSAR portal — all in the product, all visible to candidates and auditors.