Every business must legally store HR and payroll records for a certain period of time, otherwise they risk fines from HM Revenue and Customs (HMRC).
It’s important that HR and payroll records are accurate, up to date and feature all the required information. Without full records, HMRC may give a penalty of up to £3,000.
Companies must store payroll records for a minimum of three years from the end of the record’s tax year. These records include:
● Tax code notices
● Employee sickness absences and leave
● Payments made to HMRC
● Reports made to HMRC
● Payroll Giving Scheme documents
● Taxable benefits and expenses
After an employee leaves a company, the employer must keep PAYE, Statutory Pay and Maternity Pay records for three years after the employee has left.
Employers must keep records to prove that they’re paying their employees minimum wage. Previously, these had to be stored for three years. However, if these records meet the following, they must be kept for six years:
● Records that were created on or after 1st April 2021
● Had to be kept on 31st March 2021 under the previous three year rule
● The period the record covers starts from the last day of the pay reference period following the one they cover.
Employers must produce records for an individual pay reference period in one document.
Employee data including contracts, personal record and appraisals should be stored for six years after they have left the organisation.
Under GDPR this data is stored under legitimate interest or legal obligation.
This data can help protect a company against any tribunal claims that terminated employees may bring against you. This data can also be used in defence should there be a county court or high court claim.
During the hiring process, businesses end up with a lot of sensitive data including CVs, cover letters and interview notes.
This data should be stored for a minimum of six months. This is because this data can protect them and be used in defence should any discrimination claims be made against the organisation.
However, if a company wants to store recruitment data for longer than six month then they’ll need consent from the applicants. Without this consent, this data should be destroyed after six months.
Companies that still store paper-based employee data and payroll records in storage boxes, or in files on servers are at risk of breaching GDPR.
This can result in a severe fine - find out more about the hidden costs of non-compliance.
It is up to the data controller (the employer) to ensure compliant, up to date systems are in place and data is stored for the correct amount of time. Payescape’s HR management software and Payroll software guarantees GDPR compliance and reduces risk of errors and mistakes when it comes to record keeping.
Need help to understand what solution is best for your business?
Payescape Limited is authorised by the Financial Conduct Authority under the Payment Services Regulations 2017 (register number 821826) for the provision of payment services.