Personnel files are one of the quietest sources of compliance risk in your business. This guide covers how to structure your personnel records, what belongs in each file, the federal retention rules to plan against, and what good records management looks like as an HR function.
Personnel files do not get attention until something goes wrong. A discrimination charge lands. An EEOC auditor asks for the I-9 binder. A terminated employee asks for their file under a state access law. At that point, the structure of your records and the discipline behind your retention policy stops being an administrative detail and starts being the foundation of your legal defense.
The good news is that the federal baseline is stable, the structural rules are well-established, and a well-run personnel records function is not complicated. It does need to be deliberate.
How should you structure your personnel records?
A personnel file is the official record of an employee's relationship with your business, from application through separation. Federal law does not prescribe a single file structure, but several statutes do require certain records to be kept separately from the main file. Following those separation rules is the most important structural decision you make.
At a minimum, a well-run records function maintains five distinct files for each employee:
- A general personnel file for hiring, performance, and employment-history records
- A confidential medical file for any health-related information, segregated as required by the Americans with Disabilities Act
- An I-9 file holding the Form I-9 and supporting documents, kept separately so it can be produced quickly under audit
- An EEO and protected class file for self-identification and investigation records
- A payroll file for wage and tax records subject to FLSA and IRS retention rules
Each file has a different legal owner, a different retention clock, and a different access standard. Storing them together creates compliance exposure that is easy to avoid.
What records belong in each personnel file?
Each of the five files exists to satisfy a specific legal or operational requirement. The contents of each are not interchangeable, and records misfiled across categories are one of the most common findings in an HR audit.
The sections below cover what belongs in each, and why the separation matters.
1. The general personnel file
The general personnel file holds the employment history of the individual: how they came to work for you and how their relationship with the business has evolved. It is the file most people picture when they hear the term "personnel file."
Records that belong here include the resume or application, offer letter, signed handbook acknowledgments, training certifications, performance evaluations, closed disciplinary records, transfer or promotion documentation, and termination paperwork. This is also the file an employee may be entitled to inspect under state law.
Keep it free of medical information, immigration documents, and any record reflecting a protected characteristic. Those belong in the separate files described below.
2. The confidential medical file
The confidential medical file exists because the Americans with Disabilities Act requires it. The ADA mandates that any document relating to an employee's medical condition be kept on a separate form, in a separate file, with access restricted to those with a legitimate business need.
Records that belong here include doctor's notes, medical certifications, drug test results, workers' compensation paperwork, ADA reasonable-accommodation requests and decisions, FMLA leave documentation, and initial COBRA and HIPAA notices. Health insurance enrollment forms, when they contain medical information, also belong here.
The penalty for getting this wrong is direct: a single medical document filed in the general personnel file can support an ADA claim before you have done anything else. Restrict access to this file to a named list of HR personnel.
3. The I-9 file
Form I-9 records belong in their own file, held separately from every other personnel record, for both legal and operational reasons. U.S. Citizenship and Immigration Services requires employers to retain each I-9 for three years from the date of hire or one year after employment ends, whichever is later. When an immigration auditor arrives, the forms must be producible promptly.
Records that belong here include the completed Form I-9 for each employee, supporting identity and work-authorization documents, and any reverification records. Many employers keep all current I-9s in one binder and separated former-employee I-9s in another, so the active set can be produced fast.
I-9 enforcement has become more aggressive in the past year, which makes the discipline of keeping this file accurate, current, and audit-ready more important than it has ever been.
4. The EEO and protected class file
The EEO file holds records that reflect membership in a legally protected class. Equal Employment Opportunity regulations and best practices keep this information out of the general personnel file so that hiring managers and supervisors cannot see it during routine personnel decisions.
Records that belong here include voluntary self-identification of race, gender, ethnicity, veteran status, and disability, along with EEO-1 survey copies and workplace investigation files. Treat investigation files as especially sensitive: keep them under restricted access and label them as part of the EEO file rather than the general one.
Recent shifts in federal enforcement have raised the visibility of these records for every employer, regardless of headcount or political stance. Consistent handling matters more than ever.
5. The payroll file
The payroll file holds wage, tax, and deduction records subject to the Fair Labor Standards Act and the IRS. The Department of Labor requires employers to retain payroll records for at least three years and wage-computation records, including time cards and schedules, for at least two years.
Records that belong here include W-4 elections, direct deposit information, time and attendance data, pay stubs, garnishments, and child-support orders. Payroll records contain Social Security numbers and bank details, so the access policy on this file should be at least as restrictive as the medical file.
How long do you need to keep personnel records?
Personnel record retention is governed by a stack of overlapping federal statutes, with state law layering on top. The federal baseline below is the minimum; longer retention is often the right call.
The Equal Employment Opportunity Commission requires employers to keep all personnel and employment records for one year from the date the record was made or the personnel action was taken, whichever is later. For involuntary terminations, the clock runs one year from the termination date. The rule sits in 29 CFR Part 1602 and applies to records made under Title VII, the ADA, and GINA. The EEOC has proposed extending it to the Pregnant Workers Fairness Act, with a final rule pending.
The Fair Labor Standards Act sets a three-year minimum for payroll records and two years for wage computation. The Family and Medical Leave Act requires three years for FMLA-related documentation. The Age Discrimination in Employment Act requires three years for payroll records. The I-9 retention rule, three years from hire or one year after employment ends, sits on top of the others and is enforced separately by Immigration and Customs Enforcement.
State law often imposes longer requirements. California's Senate Bill 807 requires personnel files to be retained for at least four years from creation or the relevant employment action. Washington state requires payroll records for three years and access to personnel files within 21 calendar days of an employee request. Massachusetts requires written notification within 10 days when adverse information is added to a file. Check your state's rules and consult an HR compliance advisor if unsure.
What does good personnel records management look like?
Federal retention rules tell you the floor. Good records management is what keeps you off the floor when something goes wrong. In mid-sized firms that have grown fast, the most common audit findings are inconsistent file structure, missing or misfiled I-9s, retention policies that exist on paper but are not being followed in practice, and access controls that have not kept up with headcount.
The seven practices below are the difference between a records function that protects the business and one that exposes it:
- Written records policy. Name each file, the records that belong inside it, the retention period for each category, and the secure disposal process. Without a written policy, retention decisions get made one record at a time and consistency drops.
- Restricted access. Personnel records should be accessible only to those with a legitimate business need. Hold the medical and EEO files to a named, short list of HR staff, and log access where the system supports it.
- Digital records on a real HRIS. Cloud-based systems have made the access permissions, audit trails, and disposal workflows that compliance demands easier than paper ever was. Choose a system that supports per-record retention rules and access logging, and migrate paper records into it deliberately.
- Consistent employee access policy. Several states give employees the right to inspect their own personnel file. Even where state law does not require it, granting access selectively creates risk. Decide on a policy, document it, and apply it the same way every time.
- Secure disposal. At the end of the retention period, dispose of records so they cannot be read or reconstructed. Shred paper, use certified destruction for media, and confirm your HRIS deletion is complete rather than just a hidden flag.
- Litigation hold procedure. When a charge, lawsuit, or investigation is pending or threatened, the standard deletion schedule has to pause. Document the hold process so it can be triggered quickly and tracked across the records system.
- Annual audit, with current counsel. Federal employment law continues to evolve, and the past year alone has brought meaningful changes in agency enforcement priorities. An annual review of your policy, retention schedule, and actual file practice against current counsel guidance is the single best protection against the next audit, charge, or lawsuit.
Need help auditing your personnel records?
Personnel records become a problem the day you discover they are out of date, inconsistent, or missing what an auditor wants to see. A regular audit, supported by people who do this for a living, is the most efficient way to keep your records function out of trouble and your HR team focused on higher-value work.
Helios HR works with mid-sized organizations across the Mid-Atlantic to do exactly that:
- HR compliance and risk management audits of your records, policies, and retention practice
- HR consulting to build or revise the written records policy your team will work from
- HRIS consulting to choose and configure the system that holds your records
- HR outsourcing to take ongoing records management off your HR team's plate
Book a call with a Helios HR consultant to discuss a personnel records audit for your business.
FAQ
What is the difference between a personnel file and an employee file?
The two terms are usually used interchangeably to describe the official record of an employee's relationship with their employer. Some organizations use "employee file" as the umbrella term covering the general personnel file, the medical file, the I-9, the EEO file, and the payroll file together.
What documents must be kept in a personnel file?
A general personnel file should hold the employee's resume or application, offer letter, signed handbook and policy acknowledgments, training records, performance evaluations, closed disciplinary records, transfer and promotion documentation, and termination paperwork. Medical, immigration, EEO, and payroll records belong in separate files.
How long do you have to keep employee records?
Federal minimums vary by record type: one year for general personnel records under EEOC rules, three years for payroll under the FLSA, three years for FMLA records, and three years from hire or one year after employment ends, whichever is later, for I-9 records. State law often requires longer. When in doubt, retain for the longest period that applies.
Why do medical records have to be kept separately?
The Americans with Disabilities Act requires employers to keep medical information on separate forms, in a separate file, with access restricted to authorized personnel. The separation protects employees from having medical information considered in routine personnel decisions and protects employers from ADA claims based on improper disclosure.
Where should I-9 forms be stored?
I-9 forms should be stored separately from the general personnel file, ideally with all current I-9s held together so they can be produced quickly under an immigration audit. Storage can be paper, electronic, or microform, but the forms must be retrievable within three business days of an inspection notice.
Can employees see their own personnel files?
It depends on state law. Several states, including California and Washington, give employees the right to inspect their personnel file on request, with specific deadlines and conditions. Even where state law does not require it, the right policy is to decide on an access standard, document it, and apply it consistently across all employees.
How often should we audit our personnel records?
At least annually. An annual audit confirms that records are filed correctly, retention schedules are being followed, access controls are working, and your written policy reflects current federal and state law. Compliance requirements continue to shift, so the audit needs to look at policy as well as practice.
Related resources
EEOC: Recordkeeping Requirements
Department of Labor: Fact Sheet #21: Recordkeeping Requirements under the FLSA
USCIS: I-9, Employment Eligibility Verification