Managing Personnel Records

Introduction

Personnel records document the management of employees and are important records in all public offices.

These records may need to be maintained longer after an employee has left the organisation, in order to protect ongoing rights and interests of the employee and the organisation.

Personnel records contain personal and health information about individuals. They should be protected and handled as sensitive information (see NSW Government Information Classification, Handling and Labelling guidelines). 

Types of personnel records

There are a range of different types of personnel records, including:

• A personnel record or file for each employee which covers employment and service history, and includes information on separation from the public service – often known as personnel or employee files
• Non–employee specific personnel files (organised by activity or topic) e.g. Procedural or policy files, recruitment and selection records
• Records and data in various personnel management systems, including talent management systems, recruitment and on-boarding systems, performance management systems, payroll systems, etc.  
• Attendance and leave records, and often payroll are managed in business applications such as SAP.

Note: In Machinery of Government (MoG) changes, when organisations merge or unmerge, it is important to ensure that service records for employees, and records of entitlements such as leave balances and leave loading are transferred as part of administering the MoG change.

Regulatory and organisational considerations

It’s important to understand the regulatory framework for personnel records, as these requirements need to be incorporated into the design of recordkeeping systems for personnel records, and policy and procedures for managing records.

The following should be considered in managing personnel records:

• Retention periods for personnel records are specified in General retention and disposal authority: administrative records (GA28),  General retention and disposal authority: local government records (GA39)
• Privacy and Persona­­­­l Information Protection Act 1998 (PPIP Act)
• Health Records and Information Privacy Act 2002 (HRIP Act)
• Government Sector Employment Act 2013 and associated guidelines (see also Government Sector Employment Regulation 2014, )
• Awards or enterprise agreements which identify salaries, wages and conditions of employment, e.g. enterprise agreements of universities establish rules, conditions and entitlements of employees
• Policies and procedures from the NSW Public Service Commission including the NSW Government Personnel Handbook 
• Policies and procedures for access/privacy/security 
• NSW Government Information classification, handling and labelling guidelines (Currently under review)
• Organisational policies and procedures

Designing systems to manage personnel records

It’s important to design systems to manage personnel records. Here are some design tips:

• ensure that an adequate summary record of each employee’s service history is created and retained. The summary record should include employee’s name, date of birth, dates of employment/service, positions held and salary, and locations worked.  These summary records are required as State archives.
• manage personnel records with short retention periods separately to personnel records with long retention periods or required as State archives, as this enables the public office to manage the retention and disposal of records. Examples include:
  • grievance records see GA28 – PERSONNEL - Grievances - 15.5.1 and GA39 - PERSONNEL - Grievances 22.10.0
  • staff performance management records see GA28 – PERSONNEL – Performance Management – 15.9.3 and GA39 - PERSONNEL – Performance Appraisal 22.17.3
  • conflict of interest declarations see GA 28 – PERSONNEL – Employee Service History 15.4.6 and  GA39 - PERSONNEL – Disclosure of Interest 22.5.1
  • applications for leave see GA 28 – PERSONNEL – Leave, Attendances and Absences  –  15.7.2 to 15.7.3 and  GA39 - PERSONNEL – Leave 22.12.2 and 22.
• include access and permission controls in the system design to ensure that personnel records are secure and that access is restricted to authorised users.

First published 2003/Revised 2012 / Revised 2013/Revised 2020