If your business has employees, you’re required by law to create an employee file for each staff member and maintain certain records on their behalf. In this guide, we’ll help you work through those requirements.
Which employee records do I need to keep?
You’ll need to create up to six filing systems to protect your employees’ confidential information.
This structure keeps people who need to view a document in an employee file from accessing other private information.
With that in mind, plan to keep these six sets of employee files:
Recruitment and EEO files
Keep a file for every employee that includes data you collect from applicants through the interview or job application process. You'll likely include job postings, applications, interview notes, reference checks, testing results, and other information.
Personnel files for each employee and job applicant
Next, keep pieces of data you collect from hiring, managing, and terminating your workers in another filing cabinet.
Hiring records should include:
- Resumes or applications
- Reference checks
- The results of tests used in the selection process
- Offer agreements
- The job description to which a person applied
- Proof of enrollment in workplace benefits
- Emergency contact forms
- IRS Form W-4
- An acknowledged receipt of your employee handbook
- Agreements to your code of conduct or other policies
|Do not keep background check results, medical records, the results of drug testing, credit information, immigration forms, or notes on complaints and investigations in this employee file, even if they relate to person's time with your business. These should be stored in separate locked files to protect your employees' privacy.|
Performance records should include this set of notes and reports:
- Performance reviews
- Disciplinary actions
Termination records should include:
- Resignation letters
- Exit interview notes
- A copy of the separation package you offered
- Unemployment documents
- Any records or correspondence that relates to an employee exiting your business
|State laws allow a current or past employee to view their personnel files, so keep this in mind as you create and store documents within them.|
You’ll also need to create files for job applicants who weren't hired for a role. Here, you'll include the job to which the person applied, their resume or application, the results of tests used in the selection process, and any other data you collected to decide not to move forward with them.
Confidential medical files
These employee files should include items related to your employees’ health history. Often, these records will include:
- Pre-employment physicals
- Documentations of disabilities or medical conditions
- Drug tests
And though these aren't medical records, you might also keep background checks in this file, as well as any records that reveal your employees’ marital status, religion, or date of birth. All of this information should be kept private and separate from other files.
Employee safety files
Employee safety files are sometimes kept separate from employees’ medical files. If these files are relevant to your business, you should include OSHA training records, violations, and workers’ comp injury reports to comply with OSHA best practices.
This set of employee files should contain a single item: your employees’ I-9 forms to confirm their employment eligibility.
This final set of files should include timesheets, work schedules, time cards, pay scale records, and records of leave (including sick time and vacation).
Are there legal requirements for recordkeeping?
Yes. Federal and state laws mandate which records can (and must) be kept, how they must be stored, and when they can be destroyed. Here are a few of the laws to keep in mind:
- Fair Labor Standards Act (FLSA): instructs employers to maintain correct pay records
- Sarbanes-Oxley (SOX) Act: sets retention timeframes for personnel files
- Americans with Disabilities Act (ADA): limits who may view a person's medical records and spells out how those records must be stored
- Family and Medical Leave Act (FMLA): instructs employers to ensure that their leave and compensation records private and confidential, specifically by keeping these records out of their personnel files
- Health Insurance Portability and Accountability Act (HIPAA): mandates protecting confidential employee information, which includes health records, social security numbers, birth dates, names, and addresses
- Genetic Information Nondiscrimination Act (GINA): prevents employers with 15 or more employees from asking for, handling, or storing the genetic data of a job candidate, employee, or relative, though there are some exceptions
The Society of Human Resource Managers provides a list of federal labor laws that may affect your business. But if you're looking for those that specifically apply to your business, you'll need to talk with an employment attorney. You can connect with an attorney through the search tool at the bottom of the page:
Here's another good option. Work with a fractional HR team that can devote hours to your business each week or month to help you with personnel matters (such as setting up and maintaining a recordkeeping system). If you’d like to connect with an HR team, check out these options:
|You and your business can be held accountable for mishandling employee records. In some cases, this might mean civil penalties or criminal liabilities. Invest time into setting up a recordkeeping system that fully complies with federal and state laws.|
How should I store my employee files?
You can keep paper records or store your data electronically. Today, federal and state laws permit both options.
Many owners choose paper storage because it’s easy to place printed and signed paperwork into the correct files. Of course, papers can pile up, especially for places with lots of employees and job applicants. That's where the drawbacks of this option begin. Some owners struggle to find space for all the large filing cabinets they need on their site for their paper records. Others might find the burden of filing and later finding records through a physical system too great to take on.
For these reasons—and others—lots of owners choose electronic storage. If this is the option you'd prefer, look into some digital filing systems that'll help you keep your records organized, safe, and secure. Want to see our picks? Here are a few HR filing systems worth looking into:
Whether you choose to store paper copies of your records or scan them to the cloud, take steps to protect them. Use locked storage cabinets (such as these* from Amazon) and file sign-out sheets for paper records. Set up passcodes and electronic paper trails for digital records.
*As an Amazon Associate, Owner Actions can earn from qualifying purchases.
How long should I retain my employee files?
In many cases, you'll keep employee files for as long as a person works for your business. Some can be disposed of when they depart. Others will need to stay on file for years after to guard against future suits and claims against your business.
These guidelines can help you form your plan:
- Personnel files should be kept for at least three years after the person exits or is passed over in the hiring process.
- Documentation showing you comply with Title VII, the Americans with Disabilities Act (ADA), and the Age Discrimination in Employment Act (ADEA) should be kept for at least one year after the date of hire, promotion, demotion, or termination for each role.
- Payment histories should be kept for each employee for at least three years after the person stops working for the business.
- Documents that explain pay discrepancies between people in similar roles should never be destroyed.
- Records on benefits eligibility and payout, pension plans, or profit-sharing plans should never be destroyed.
- Lockout/tagout (LOTO) certifications should be retained for at least one year.
- Records of occupational noise exposure measurements should be retained for at least two years.
- Hazard communications, safety data sheets, employee exposure records, and medical evaluations should be retained for at least 30 years.
- Incident investigation records that pertain to process safety should be retained for at least five years.
- OSHA logs of work-related fatalities, injuries, and illnesses should be retained for at least five years.
- Employment tax records should be retained for at least four years after the taxes were due or paid (whichever is later). These records should include your employer identification number (EIN), employee information (with each person’s legal name, address, social security number, job title, dates of employment, timesheets, and record of the tips they received), and reports of benefits that were paid.
Your state and industry may instruct you to keep other records. You can ask your attorney for a full list of the records you'll need to keep.
Would you like to connect with an attorney? Click the button below to get started:
Log into your owner’s portal for a free step-by-step guide to leading your team and growing your business.