Industry Guides · March 26, 2026
Meidy Baffou·LazyPDF

HR Manager's Guide to Employee Records PDF Compliance

Human resources professionals carry a significant legal compliance burden that most employees never see. Behind every hire, performance review, and separation lies a documentation obligation governed by a web of federal and state regulations: the EEOC requires applicant records to be retained for one year after a hiring decision. The FLSA mandates payroll records for three years. OSHA requires injury logs for five years or more. I-9 employment eligibility records must be maintained separately from personnel files and retained on a specific schedule tied to each employee's tenure. Violation of these requirements — even inadvertent failures during an audit — can result in penalties, litigation exposure, and consent decrees that impose years of oversight.

Digital PDF records have become the standard approach to managing this documentation burden for several reasons. PDFs are universally readable without specialized software. They are legally accepted as equivalent to paper originals when maintained in compliant electronic systems. They can be organized, searched, and retrieved in seconds rather than hours. And they can be password-protected to restrict access to sensitive medical and benefits information that must be kept confidential even from an employee's direct supervisor.

The compliance risk for HR professionals is not primarily about whether they have the right documents — most HR teams know what they need. The risk is in how those documents are organized, who has access to them, and whether records that legally must be maintained separately are actually kept apart. Medical information mixed into general personnel files is a common EEOC compliance failure with real legal consequences. I-9 records filed alongside performance reviews violate USCIS guidance and can complicate ICE audits.

This guide covers the four core PDF workflows for HR compliance: organizing personnel files by the legally required categories, protecting confidential medical and benefits records under ADA and FMLA requirements, managing I-9 documentation correctly, and building compliant onboarding document packages.

Organizing Personnel Files in Compliant PDF Format

The foundational requirement in HR document management is maintaining three entirely separate file categories for each employee. This is not a best practice — it is a legal requirement rooted in the ADA, FMLA, and USCIS regulations. Commingling records between categories is a compliance violation that can surface immediately during a Department of Labor audit or litigation discovery.

The three categories are:

  1. General Personnel File — employment application, offer letter, performance reviews, disciplinary actions, promotions, acknowledgment signatures for handbook and policies, and termination documentation.
  2. Confidential Medical and Benefits File — FMLA leave documentation, ADA accommodation requests and supporting medical certifications, workers' compensation records, disability leave paperwork, and any health information received through benefits administration.
  3. I-9 File — Form I-9 and copies of supporting identity and work authorization documents, maintained entirely separately from both other categories.

For digital PDF management, this means three separate folder structures (or three separate access-controlled locations within a document management system) for each employee. Not three subfolders within one employee folder — three separate top-level categories with independently controlled access permissions.

Naming conventions within each category should be consistent and descriptive. For general personnel files: EmployeeID_LastName_FirstName_DocumentType_Date.pdf. For medical files: the same convention within a separately controlled folder structure, with access restricted to HR leadership, not line managers. The distinction between what a manager can access (general personnel file) and what they cannot (medical file) must be enforced through system access controls, not just folder organization.

Before digitizing paper records, audit the existing paper files first. Remove any medical information from general personnel files and refile it correctly. Remove any I-9 copies from general personnel files. Document the audit in writing — demonstrating you conducted a compliance review is valuable if you later face a regulatory examination.

  1. Step 1: Audit all existing employee records — both paper and digital — and categorize each document into one of three categories: General Personnel, Medical/Benefits, or I-9. Flag any medical documents currently in general personnel files for immediate separation
  2. Step 2: Scan all paper documents to PDF using OCR so they are text-searchable; organize scanned files by employee ID and document category before importing into your HR system
  3. Step 3: Create three separate folder structures (or access-controlled locations) per employee: General Personnel, Medical/Benefits, and I-9 — with different access permissions applied to each
  4. Step 4: Apply a consistent naming convention across all three categories: EmployeeID_LastName_DocumentType_Date.pdf — ensuring document type is specific enough to identify without opening (e.g., PerformanceReview_2024Q3, FMLAMedicalCertification_2024, I9_FormAndDocuments_HireDate)
  5. Step 5: Password protect all Medical/Benefits PDF files with a separate credential from general personnel files, and document who holds access to each credential level
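The audit in Step 1 and the separation in Steps 3 and 4 can be re-checked by script after digitization. The following is an added example, not part of the original guide or any LazyPDF tool. It assumes top-level folders named General_Personnel, Medical_Benefits and I9, the five-field EmployeeID_LastName_FirstName_DocumentType_Date.pdf form of the convention, hypothetical document-type prefixes, and POSIX file permissions.

```python
import os
import re
import stat
import sys

# Assumed folder names and document-type prefixes (matched case-sensitively);
# replace both with your own taxonomy.
CATEGORIES = {
    "General_Personnel": (),
    "Medical_Benefits": ("FMLA", "ADA", "Medical", "WorkersComp", "Disability"),
    "I9": ("I9",),
}
# EmployeeID_LastName_FirstName_DocumentType_Date.pdf; Date assumed YYYY, YYYYQn or YYYY-MM-DD
NAME_RE = re.compile(
    r"^(?P<emp>[A-Za-z0-9]+)_(?P<last>[A-Za-z'-]+)_(?P<first>[A-Za-z'-]+)"
    r"_(?P<doctype>[A-Za-z0-9]+)_(?P<date>\d{4}(Q[1-4]|-\d{2}-\d{2})?)\.pdf$"
)

def expected_category(doctype):
    """Return the restricted category a document type belongs in, else General_Personnel."""
    for category, prefixes in CATEGORIES.items():
        if any(doctype.startswith(p) for p in prefixes):
            return category
    return "General_Personnel"

def audit_tree(root):
    """Walk root/<category>/... and return sorted (relative_path, problem) findings."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        rel_dir = os.path.relpath(dirpath, root)
        category = rel_dir.split(os.sep)[0]
        for name in files:
            rel = os.path.join(rel_dir, name)
            if category not in CATEGORIES:
                findings.append((rel, "outside the three category roots"))
                continue
            m = NAME_RE.match(name)
            if not m:
                findings.append((rel, "name does not follow convention"))
                continue
            want = expected_category(m["doctype"])
            if want != category:
                findings.append((rel, f"belongs in {want}"))
            mode = os.stat(os.path.join(dirpath, name)).st_mode
            if category != "General_Personnel" and mode & stat.S_IRWXO:
                findings.append((rel, "restricted file is accessible to 'other'"))
    return sorted(findings)

if __name__ == "__main__":
    for path, problem in audit_tree(sys.argv[1]): print(f"{path}: {problem}")
```

The permission check only looks at the file's own mode bits; access granted through ACLs, share permissions or a document management system has to be reviewed in that system.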

Protecting Confidential Medical and Benefits Records

The Americans with Disabilities Act requires that medical information about employees be kept in separate files with access limited to specific individuals who have a need to know. The permissible access list is narrow: HR personnel administering leave or accommodations, first aid and safety personnel who need to know about emergency response requirements, government officials investigating compliance, and insurance companies requiring the information for coverage administration. An employee's direct manager is not on this list.

This is where many employers create compliance risk without realizing it. If your HR system allows managers to access employee files without differentiated permissions, and medical information is stored in the same folder as performance reviews, you may be in violation of the ADA every time a manager reviews an employee's file. For PDF-based HR systems, the practical solution is separate password protection for all Medical/Benefits PDFs, with the credentials held only by authorized HR personnel. LazyPDF's protect tool can apply password protection and print/copy restrictions to PDF files. Use a different password for medical files than for general HR system access, and store medical file credentials in a separately secured location.

For FMLA documentation specifically: medical certifications received from healthcare providers must be treated with the same confidentiality protections as ADA medical records, even though FMLA does not technically require the same separation as ADA. Best practice is to store FMLA certifications in the medical file, not the general personnel file, regardless of the technical legal requirement.

For disability accommodation documentation: the accommodation request, the medical certification supporting it, the interactive process notes, and the accommodation decision should all be in the medical file. The general personnel file should contain only a one-line notation that an accommodation exists — not what the accommodation is or what condition prompted it.

When a medical file PDF needs to be shared outside HR — with a workers' compensation insurance carrier, or an outside attorney reviewing a disability claim — watermark the document with 'CONFIDENTIAL — MEDICAL RECORDS — NOT FOR FURTHER DISTRIBUTION' before transmitting, and retain a log of every external disclosure.

I-9 Employment Eligibility Document Management

I-9 compliance is one of the most audited areas of HR practice. ICE (Immigration and Customs Enforcement) conducts thousands of I-9 audits annually, with penalties ranging from $281 to $2,789 per violation for paperwork errors and substantially higher for substantive violations or pattern violations. The I-9 record for each employee must be maintained in its own file — not in the general personnel file, not in the medical file — and must be retrievable within three days of an ICE audit Notice of Inspection.

For digital I-9 management, USCIS regulations permit electronic storage but impose specific requirements: the system must include an audit trail that records who accessed, created, or modified each I-9 record; the records must be indexed to allow retrieval by employee name or other identifier; and the system must be capable of producing legible copies on demand. A basic folder of PDF files maintained in a shared drive without access logging does not fully satisfy these requirements. However, for smaller employers without enterprise HR software, a well-organized PDF system with the following elements generally demonstrates good-faith compliance: each employee's I-9 is a separate PDF file named consistently (I9_LastName_FirstName_EmployeeID_HireDate.pdf), stored in a dedicated I-9 folder with its own access controls, and backed up regularly. Copies of supporting documents (passport, driver's license and Social Security card, etc.) should be scanned and stored in the same PDF file or as an attachment to the I-9 PDF.

Retention schedules for I-9 records are specific and must be tracked: retain each I-9 for three years from the date of hire OR one year after the date of termination, whichever is later. An employee hired January 1, 2020 and terminated March 15, 2022 must have their I-9 retained until March 15, 2023 (one year after termination, which is later than January 1, 2023, the date three years from hire). Build retention date tracking into your I-9 folder naming or maintain a separate retention schedule spreadsheet.

For remote hires — an increasingly common situation — the I-9 completion process requires a physical document inspection by an authorized representative. Document this process: save the authorized representative's name and contact information, the date of inspection, and any video verification records in the same I-9 PDF package.
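The retention rule above (three years from hire or one year after termination, whichever is later) can be tracked in code instead of a hand-maintained spreadsheet. This is an added example, not part of the original guide: the roster is constructed, and two choices are assumptions made so a record is never released early, namely that a February 29 anniversary rolls forward to March 1 and that a record becomes a purge candidate only after its retention date has passed.

```python
from datetime import date

def add_years(d, years):
    """Same calendar day `years` later; Feb 29 rolls forward to Mar 1 (assumption)."""
    try:
        return d.replace(year=d.year + years)
    except ValueError:  # Feb 29 in a non-leap target year
        return date(d.year + years, 3, 1)

def i9_retain_until(hire, termination):
    """Later of hire + 3 years and termination + 1 year; None while still employed."""
    if termination is None:
        return None  # active employee: the I-9 must be kept
    return max(add_years(hire, 3), add_years(termination, 1))

def purge_candidates(roster, today):
    """(employee ID, retain-until date) for records whose retention date has passed."""
    out = []
    for emp_id, hire, termination in roster:
        until = i9_retain_until(hire, termination)
        if until is not None and today > until:
            out.append((emp_id, until))
    return out

# Constructed roster: (employee ID, hire date, termination date or None)
ROSTER = [
    ("E1001", date(2020, 1, 1), date(2022, 3, 15)),  # the worked case from the text
    ("E1002", date(2019, 6, 3), date(2019, 9, 30)),  # short tenure: hire + 3 years wins
    ("E1003", date(2020, 2, 29), None),              # still employed
]

if __name__ == "__main__":
    for emp_id, until in purge_candidates(ROSTER, date.today()):
        print(f"{emp_id}: retention ended {until.isoformat()}")
```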

Managing Onboarding Documentation as PDF Packages

New employee onboarding generates a predictable set of documents that should arrive as a complete, organized package — not a series of ad hoc emails and attachments. Standardizing onboarding documentation as PDF packages reduces errors, ensures nothing is missed, and creates a clear paper trail demonstrating that the employee received and acknowledged required disclosures.

A complete onboarding PDF package typically includes: the signed offer letter, benefits enrollment forms, direct deposit authorization, the signed employee handbook acknowledgment, applicable state new-hire disclosures (these vary significantly by state and must be current), any required safety training acknowledgments, and the confidentiality or non-disclosure agreement if applicable. Some employers also include the job description signed by both parties.

Merge these documents into a single, organized onboarding PDF for the employee's general personnel file — with the most legally significant documents (offer letter, handbook acknowledgment, state disclosures) first. Use LazyPDF's merge tool to combine the individual signed documents into one file per employee. This single-file approach makes the onboarding package easy to locate during audits and eliminates the risk of individual documents being lost in a disorganized folder.

For onboarding packages delivered electronically to new hires before their start date, compress the combined PDF before emailing. Onboarding packages frequently include scanned or photographed documents submitted by the employee (identification for I-9 purposes, professional certifications, prior employment verification responses) that can create large files. LazyPDF's compress tool reduces these to email-friendly sizes without losing readability.

Keep state-specific disclosure requirements current — state labor law compliance requirements change frequently. Assign a specific HR team member responsibility for reviewing and updating onboarding PDF templates annually, documenting the review date in the template filename.

Frequently Asked Questions

How long must employers retain employee records in PDF format?

Retention requirements vary by record type and governing regulation. EEOC regulations require employers to retain all personnel records — including applications and records related to hiring decisions — for one year from the record's creation date or from the date of a personnel action, whichever is later. FLSA requires payroll records (time cards, wage rates, job evaluations) for three years and basic employment records (time schedules, collective bargaining agreements) for two years. I-9 records must be retained for three years from the hire date or one year after termination, whichever is later. OSHA requires illness and injury logs for five years; certain medical surveillance records must be kept for 30 years or the duration of employment plus 30 years. As a practical safe harbor, most employment attorneys recommend retaining all employee records for seven years from the date of separation — this covers the vast majority of claims periods under federal and state employment laws.

Can I-9 documents be stored as PDFs?

Yes, USCIS permits electronic storage of I-9 forms and supporting documents, but imposes specific system requirements. The electronic system must: maintain an audit trail documenting who created, accessed, or modified each record; allow retrieval by employee name or other identifier within three business days of an ICE inspection request; and be capable of producing legible paper copies on demand. The system must also include a quality assurance program and designate responsible personnel. A basic folder of PDFs on a shared drive without access logging does not fully satisfy these requirements. However, if your HR system does maintain access logs and your I-9 PDFs are indexed and retrievable, you are likely in substantial compliance. For smaller employers, document management platforms with basic access audit trails are sufficient — enterprise HR software is not required.

How do I protect sensitive medical information in employee PDF files?

ADA and FMLA requirements mandate that medical information be kept in files separate from general personnel files, with access limited to those with a legitimate need to know. For PDF management, apply password protection to all Medical/Benefits PDFs using a credential that is different from general HR system access. Use LazyPDF's protect tool to add both open-password protection and print/copy restrictions. Store medical file credentials only with HR leadership — not with general HR staff who manage performance records. Never include diagnostic information, health condition details, or treatment information in the general personnel file. The general file may note that an accommodation exists; it should not specify what the accommodation is or what medical condition prompted it. When medical files must be shared externally — with insurance carriers, outside attorneys, or government investigators — log every disclosure with the date, recipient, and purpose, and transmit only password-protected versions.

What PDF format should I use for long-term HR record archiving?

For records that must be maintained for 30 years (certain OSHA medical surveillance records) or indefinitely (records involving ongoing compliance obligations), PDF/A is the appropriate archival format. PDF/A is an ISO-standardized version of PDF designed for long-term preservation — it prohibits features that might become unrenderable over time, such as external font references, encryption, and dynamic content. Standard PDFs may rely on fonts or features that change across software versions, potentially rendering documents unreadable a decade from now. Most PDF creation and conversion tools include a PDF/A export option. For employee records with shorter retention periods (three to seven years), standard PDF is acceptable. For any records you may need in 10–30 years — OSHA exposure records, defined benefit pension records, certain workers' compensation records — convert to PDF/A and store backups in at least two separate locations.

Keep your employee records organized and compliant with LazyPDF's free PDF tools — protect sensitive files and manage HR documentation with ease.
