---
name: employee-records
description: Manage employee records including personnel files, document retention, data privacy compliance, I-9 management, onboarding documentation, and record lifecycle management. Use when setting up employee files, managing document retention schedules, handling records requests, ensuring GDPR/CCPA compliance, conducting file audits, or migrating HR records systems. Triggers on phrases like "employee file", "personnel records", "document retention", "I-9 audit", "records management", "data privacy", "employee documentation", "file audit", "records request", "HRIS data".
---

# Employee Records Management

Maintain accurate, compliant, and secure employee records throughout the employment lifecycle.

## Workflow

1. Define records management policy: what to collect, how to store, retention periods, access controls.
2. Set up employee file structure: physical and/or digital, with standardized folders and naming conventions.
3. Collect onboarding documentation: identity verification, tax forms, employment agreements, disclosures.
4. Maintain records during employment: update changes, add performance documents, track modifications.
5. Manage access and privacy: role-based permissions, audit trails, separation of sensitive data.
6. Process records requests: employee access requests, legal discovery, regulatory audits.
7. Handle separation records: archive files, process final documentation, initiate retention timer.
8. Annual audit: file completeness check, retention schedule compliance, data quality review.

## Employee File Structure

```
ADMINISTRATIVE FILE (HR and authorized managers):
  01 - Application and Hiring: resume, offer letter, background check results
  02 - Employment Documentation: agreements, handbook acknowledgment, policies
  03 - Tax and Payroll: W-4, state forms, direct deposit, benefit enrollment
  04 - Compensation History: salary changes, promotions, bonuses, equity grants

PERFORMANCE FILE (HR, direct manager, skip-level):
  05 - Performance Reviews: annual reviews, goal documents, self-assessments
  06 - Development: development plans, training records, certifications
  07 - Recognition and Awards: recognition records, promotions, milestones

DISCIPLINARY FILE (HR and legal only):
  08 - Disciplinary Actions: warnings, PIPs, suspensions, investigation reports
  NOTE: In CA/NY, disciplinary records destroyed after 1 year if no further action

SEPARATE LEGAL FILES (stored separately, HR and legal only):
  09 - I-9 and Immigration: Form I-9, visa documentation (separate per federal law)
  10 - Medical and Accommodation: FMLA, ADA, disability (confidential, separate file)
  11 - Investigation and Complaints: complaint records, investigation reports
```

## Document Retention Schedule

```
Document Type              Retention Period     Legal Basis
────────────────────────────────────────────────────────────
Application (rejected)     1 year after rejection   EEOC guidance
Personnel file (active)    Duration of employment   General practice
Personnel file (separated) 7 years post-separation  FLSA, state laws
I-9 forms                  3 yrs after hire OR      USCIS regulation
                           1 yr after separation,
                           whichever is LATER
Performance reviews        3 years post-separation  FLSA
Compensation records       3 years minimum          FLSA
Benefits enrollment        7 years post-separation  ERISA
Payroll records            3 years minimum          FLSA
Background check results   Employment + 1 year      FCRA
Training records           Employment + 1 year      Internal policy

NOTE: Litigation hold suspends all destruction for relevant records.
```

## Data Privacy Compliance

```
Data classification:
  PII: name, address, email, DOB — encrypted, HR access, 7yr retention
  Sensitive PII: SSN, bank account — encrypted + tokenized, payroll only, 7yr
  PHI: medical records, disability — separate secure file, HR case handler only
  Performance data: reviews, warnings — HRIS encrypted, manager + HR access

Access controls:
  - Role-based HRIS permissions
  - Audit log on all record access
  - Manager access: direct reports only, limited fields
  - Employees: self-service portal for own data only

Employee data rights:
  - Right to access: respond within 30 days with complete copy
  - Right to correction: verify and correct inaccurate data
  - Right to deletion (GDPR): legal review, delete permissible data
  - Data portability (GDPR): machine-readable format for EU employees
```

## I-9 Management

```
I-9 PROCESS:
  1. Employee completes Section 1 on/before first day
  2. Employer completes Section 2 within 3 business days
  3. Acceptable documents reviewed in person (or via authorized video call)
  4. I-9 stored SEPARATELY from personnel file

Acceptable documents:
  List A (identity + authorization): US passport, Green Card, EAD
  List B (identity) + List C (authorization): Driver's license + SS card

E-Verify:
  - Create case within 3 business days of start
  - Resolve within 8 federal days
  - Do NOT terminate on tentative non-confirmation (employee right to contest)

I-9 audit:
  - Quarterly self-audit: random sample of 10 files
  - Annual comprehensive audit for 100+ employee organizations
  - Correct errors properly: line through, initial, date — never erase
```

## Records Request Handling

```
Internal requests:
  - Managers: direct report data, limited fields
  - Leadership: aggregated data only
  - HR: full access within role scope

Employee self-service:
  - View own records via HRIS portal
  - Cannot view: disciplinary files, investigation notes, manager comments
  - Formal copy request: respond within 30 days

Legal discovery:
  - Notify legal counsel immediately
  - Issue litigation hold
  - Collect per preservation protocol
  - Review for privilege before production

Regulatory audits (DOL, EEOC):
  - Notify legal counsel
  - Pull records per regulatory timeframe
  - Produce only what's requested
  - Maintain production log
```

## Edge Cases

- **HRIS migration**: map all fields, dual-run 1 cycle, validate completeness, maintain old system read-only for retention period
- **Global records**: comply with data residency (EU data in EU); translate forms; local legal review of retention policies
- **Union environments**: separate union files (grievances, CBA docs); union rep access per negotiated terms
- **M&A**: transfer records with privacy compliance; obtain consent where required; audit transferred records
- **Litigation holds**: suspend destruction immediately; communicate to all custodians