Employee personnel files are an easy way for employers to be at risk for lawsuits and penalties for violations of laws relevant to nondiscrimination, I-9s, identity theft, medical privacy, record retention and record destruction.
We could go on all day about the benefits of reviewing employee files, but here are the top 3 reasons why you should audit your personnel files at least once per year:
1. Medical privacy: Employee's medical information is protected by HIPAA, ADA, and the HITECH Act. Medical information about an employee (including doctor's notes) should be kept separate from other employee information. Sharing private health information, not having proper security measures in place, and unauthorized access to medical information can lead to hefty penalties and fines.
2. Nondiscrimination: Many managers and supervisors have access to employee personnel files. When making employment decisions, only relevant employee information should be available to managers. Make sure to remove any information that could identify an employees protected class(es).
3. Record retention/destruction: Employers have both state and federal record retention laws to consider. If you store documents electronically, you must ensure that your systems are secure. Record destruction is just as important. Employee-related documents can be subpoenaed further back than the record retention laws require. Remember that it is illegal to destroy any documents related to current or potential lawsuits. Best practice is to have a consistent practice, such as an annual audit.
As a reminder, In the state of Colorado (and many other states) there are requirements for employers to allow employees to access and view their personnel file. More information about the requirements for Colorado employers here. Because employees can request to view their personnel files, the risk for employers goes up. If you have information that should not be included or you are not retaining documents properly, you may be at risk for an employee-triggered audit.
Best practice is to audit your employee personnel files each year to ensure that you have practices and procedures to protect your business. Our certified HR professionals can help you put recordkeeping procedures in place, train your team on HR best practices, and help you minimize your risk levels.
We love HR so you can love what you do!
simplyHR LLC is an HR consulting firm located in Fort Collins, CO providing partnerships to companies in Northern Colorado. Our goal at simplyHR LLC is to provide training, education, partnership, and resources to make Human Resources simple.
The content of this website provides practical and HR best practice information and is not legal advice. simplyHR LLC does not provide legal advice or other professional services. While every effort is made to provide accurate and current information, laws change regularly and may vary depending on the state and/or the municipality your business operates in. The information provided from simplyHR LLC is provided for informational purposes and is not a substitute for legal advice or your professional judgement. You should review applicable federal, state and municipality laws in your jurisdiction and consult with legal counsel as you deem necessary.