There are no federal and no known state rules regarding file storage. There are penalties and lawsuit consequences if confidential information is exposed to unauthorized persons. Best practice is an always-locked file cabinet in a private office that is locked when un-occupied. Files should not be left on a desk when the HR staff goes to lunch or break.
Medical information is covered by ADA regulations which requires medical information be kept separate from personnel files. Access to this sensitive information should be very restrictive â€“ even supervisors should not have regular access.
The laws do specify how to implement the required security but there are consequences when security fails.
Hope that helps you out. =)
A note about HR laws:
Laws concerning employee treatment, benefits, hiring and firingâ€¦etc are multi-level. What this means is that there are Federal laws, state laws and sometimes local regulations that have jurisdiction over an employee. The information presented here should not be considered legal advice. Ultimately, employers with serious legal questions should consult local attorneys with expertise in worker relations.
The questions and answers presented here are based on research and data from internet sources and should not be considered the final word.