Making the move to digital doesn't need to be overwhelming. Breaking it down into manageable steps makes handling the whole process easier. Start by choosing the right document management system for your needs.
You'll want NZ-specific compliance features so you're not trying to adapt overseas systems to our local requirements. Look for configurable retention policies that match the periods required by NZ law, role-based access controls to protect sensitive information, and good integration with your existing systems. The vendor should understand New Zealand employment legislation and have experience helping businesses through compliance audits.
Begin with digitising the current employment documentation for your existing employees since that's what you will likely need to access most often. Once that's working well, expand to digitising your existing employees’ historical records. The final step is then to digitise the employment documents for former employees (starting with the most recent and working backwards), noting that you don’t need to digitise the employment records for past employees who left 6 years ago as per retention periods table above). Setting clear timelines for each phase of the digitisation helps keep the project on track.
Quality control is crucial for maintaining the legal value of your documents. You need to verify that each document is complete with all its pages and attachments, that signature and date fields are properly validated, that documents are correctly named and classified for retention purposes, that access permissions are appropriate, and that version tracking is accurate. These checks ensure your digital documents hold the same legal weight as their paper predecessors.
Remember to communicate with your team. The Privacy Act requires transparency about digital storage practices. Ensure your staff knows how their documents are stored and secured, their rights to access personal information, how they can request corrections if needed, and how long different documents will be kept.
Regular reviews are essential for maintaining compliance. Plan for quarterly access permission reviews, annual retention policy audits, regular security testing, and sample-based documentation checks.
These systematic reviews help ensure that access security controls and the digitised employment documentation are complete and up to the required standards. This ongoing maintenance separates truly compliant systems from those that look good on paper.