Forget Me Not
The data contained in most HR systems covers a lot of ground. There are many dimensions of data kept on employees from personal data to employee data to payroll. Regulations differ on how long each dimensions must be kept. For example, FMLA requires data is kept 3 years, but OSHA requires 5 years. And even within a regulation different dimensions can differ. For example, ADA requires 3 years for name, but only 1 year for address or pay rate.
Different dimension are removed at different time frames. So what is not apparent to most people is “removing someone’s data” is not a whole sale delete all data about that person. Some data maybe removed, but other data could be retained as the company sees fit.
Other regulations affect a company depending on the their industry. For example, OSHA regulations require companies retain data for 30 years. The reason is it can take a long time for people to show signs of injury. For example, asbestos claims showed up 20-30 years after handling hazardous chemicals. This can also applies to sports teams because of things like CTE.
The good news is that we created a chart of the different human resources data and their retention periods for various laws. Each row represents a different data set, and each column a different law. On the right are combined statistics for the row. This includes the minimum, the maximum period, and the recommended retention periods.