Employee Files: Why Privacy Matters

Posted in office operations / filing / staff team

Employee Files: Why Privacy Matters

Your non-profit likely has a privacy policy. If your non-profit has a website, you for sure have a privacy policy. The policy likely talks about how you will collect and store information about your customers, clients, and maybe stakeholders. But have you thought about a version of a privacy policy as it pertains to your employee’s records?

Protect the employer AND the employee.

Employers need to keep information on employees. What that information is and how long to keep it, takes some consideration. Consider two scenarios.

Scenario #1: An employee who leaves the organization can seek legal action at anytime, years in the future. If that former employee has the records to prove their case in court and your non-profit destroyed their employee paperwork years ago, it might be difficult to refute the claim.

Scenario #2: Your non-profit has kept all employee files since incorporation. During a recent office move a box of employee files with sensitive information like social insurance numbers and employee birth dates was accidentally sent to the general trash instead of being sent for secure shredding. Imagine the horror of telling those employees they are at risk for identify theft and it’s your fault.

This needs a policy.

A non-profit executive director is responsible for having a strong employee document retention policy. One that protects both the organization and the employee. There are three factors to consider when drafting the policy.

How Long?

Organizations will want to keep employee files as long as necessary to be protected in legal matters. To learn those legal requirements, it helps to read through the provincial employment Act.  

Digital or hard copy?

Organizations will want to decide if employee files will be kept digitally or in hard copy format. Both options have different privacy risks to consider. Digitally stored files need to meet legal requirements for being accessed at a later date.

Which documents?

Finally, organizations will need to decide what documentation to keep. Will employee files with birth dates and social insurance numbers be kept, or will it be limited to time sheets, work plans, and annual evaluations?

Legal advice.

Ideally, an executive director will book a consultation with a lawyer to get a professional legal opinion that is more tailored for their specific organization. A lawyer can advise on how long to keep files, in what format, and which specific documents to keep. A lawyer can also advise on the risks of document storage.

Trust is key. Ask the team.

The policy on keeping employee records is an excellent topic for an executive director to discuss with the staff team. No matter the size of the team, letting employees have input on how their personal information is collected and stored goes a long way to building trust.

Not sure how to get started? Follow these steps...

Employee records and the inherent privacy needs/risks is a high priority policy. Executive directors can get started on drafting the right policy for their non-profits in two steps.

  1. Conduct a document audit. Take a close look at how employee records are being handled right now. Write down all the steps for how employee files are created, where they are stored when the employee is first hired, and where those files are located years after the employee has left. Spend some time searching through boxes in the storage room if you need to do it. Write down all the details.
  2. Talk to a lawyer. Book a consultation with a lawyer to learn the best way to mitigate risk for the organization and ensure privacy for the employees. Even if budgets are tight, this policy is one of the top five that needs to have professional legal advice.

What questions do you have?

We’re at the end of my post and I want to know what questions you have. Did I provide the details you were looking for? Did you learn something new? If you have questions, I want to know! Please use the form on the right side of the page to let me know.


Hi, I'm Christie. I help executive directors develop the systems and processes needed to run a non-profit.

I learned early in my career that there is no non-profit school. The day-to-day operations of running a non-profit are not taught. Anyone can become a non-profit executive director by simply being knowledgeable in their field. But that doesn’t help when it’s time to balance the budget, write a work plan, or conduct an employee evaluation.

I want your path to be easier. No more wasted time hunting for shortcuts or solutions.

I created ChristieSaas.com so non-profit leaders never need to wonder how to do the job. I have been the executive director of a small team, small budget, non-profits for 20+ years. My experience isn’t theory. It is based on real operational practical solutions.

I love my work and I want to help you love yours too.

If you’re a brand-new non-profit leader, or a little more seasoned, someone who’s looking to make a meaningful contribution and still have time for a full life away from the job, you’re in the right place.

© Christie Saas 2023 All Rights Reserved

Want to learn more?

Start with one of my free resources.

FREE Guides