Do you need help creating your small business’s HR policies, or updating the ones you already have? We’ve got the HR compliance checklist for you.

Here's what you need to know:
-
You can use calendars and checklists to stay on top of compliance requirements and due dates at the local, state, and federal levels
-
A checklist can help you keep track of general HR tasks, recruiting, hiring, compensation, benefits, payroll, and legal requirements
You know that staying in compliance is critical to the success of your business. Sometimes, however, keeping up with everything is easier said than done. Wouldn’t it be great if there was a tool you could use to keep all of the critical dates organized in one place?
We’ve got your back! This HR Compliance Checklist, in conjunction with the Zenefits 2022 Compliance Calendar, will take the stress out of your deadlines and get you on track to submit everything on time.
How can I keep on track of compliance?
It seems that there are constantly moving targets when it comes to HR compliance. So how are you supposed to keep track of each function? Let’s start by dividing things into more manageable chunks.
Every HR department has requirements that can be sorted by:
- Predictable or calendar-based compliance deadlines
- Employee or hire-dependent compliance deadlines that are more unpredictable
- Dynamic compliance deadlines that happen at the commencement of a leave of absence or separation
When you break your compliance requirements into these 3 buckets, it is easier to track what you need to care for and when you need to fulfill those requisite tasks. So let’s dig in.
Predictable compliance deadlines
There are certain compliance events you can count on every year, which can be put on your calendar to make sure you meet specific deadlines. Some of those include items such as:
- W2s to employees and the IRS – You must provide employees with this federal form demonstrating how much pay they earned, taxes that were deducted, and retirement benefits that were provided
- EEO-1 Reporting – If you have at least 100 employees or have at least 50 or more employees and are a federal contractor, you are required to file your company’s EEO-1 report to the EEOC to certify that you are complying with this regulation.
- Prior year’s OSHA report – You must post a summary of the prior year’s worksite injuries and Occupational Safety and Health Administration (OSHA)-related injuries and illnesses in a location where all employees can view it. Similarly, if you employ 250 or more employees (or 20-249 employees in a high-risk industry), you must file the OSHA form 300-A.
- ACA reporting – If you are an applicable large employer (ALE) of 50 or more employees, you must provide employees with their benefits-related reporting via form 1095C to your employees and both the 1094C and the 1095C to the IRS. If you are self-insured or do not fall under the ALE definition, you must file the 1095B to all employees and both the 1094B and 1095B to the IRS. Related to this, if you participate in the Multiple Employer Welfare Agreement (MEWA), you must file the M-1 if you provide benefits for 2 or more employees.
- PCORI reporting – If you offer your employees self-funded health care options, you must file Form 720 to meet the Patient-Centered Outcomes Research Institute Trust Fund (PCORI) requirements.
- Medicare Part D notification – You must provide employees information regarding Medicare Part D annually. This will usually be included as part of your annual benefits enrollment process and deadlines as it specifically ties to any prescription benefits you offer.
- Workplace posters – These are a requirement of the DOL (Department of Labor) and must be placed in a prominent location where all employees have access and can read them.
These are not your only annual compliance requirements, but they are the ones with specified deadlines that you can count on every year.
Employee-event driven compliance requirements
It would be wonderful if we could just put all of our reporting requirements on the calendar at the beginning of the year. Unfortunately, the nature of being in the business of people prevents us from doing that. So let’s discuss the reporting that must be completed based on employee-driven events.
Benefits and insurance-related reporting
There are rare times when an insurance company will provide you with a rebate for the premiums you have paid for health insurance. When this occurs, if your employees bear any of the cost of those benefits, you must notify them of the rebate and distribute their portion of the returned funds. If you have employees who have been grandfathered into certain programs, you must provide them with annual written notice.
Companies that collect any health-related data on employees must notify the employees and provide the EEOC with related Wellness Program reporting. And because there isn’t enough to keep track of, if your company fails to provide any reporting relating to the many healthcare-related requirements, you must also file a Form 8928 to disclose your failure to meet reporting requirements. There are more items you need to care for, including:
- HIPAA
- The National Medical Support Notice (NMSN)
- The Mental Health Parity and Addiction Act (MHPAA)
- Summary Plan Descriptions (SPDs)
- COBRA
- OSHA illness and injury reporting
- Michelle’s Law, and several more
For complete information, you can access an extensive list of all of the benefits and healthcare-related regulatory requirements available in Zenefits’ 2022 HR Compliance Guide.
I-9 filing
When a new employee joins your company, you must obtain verification of their legal ability to work in the US within 3-days of their hire and retain those documents for at least 3 years or at least 1-year after their termination.
Dynamic filing deadlines often dependent on plan changes
There is employee-specific information that must be provided when they are involved in a plan. Still, there are times when information about a plan changes, and employees must be notified. Some of our usual suspects will show up in this section, and you will generally have a brief window within which you have to provide the data.
COBRA
When an employee elects Consolidated Omnibus Budget Reconciliation Act (COBRA) coverage and changes to the related healthcare plan, you must provide that former employee notification of these changes and their recourse. There are also times when a payment is late or missed. You have to notify the participant within what period of time that their coverage will be canceled if payment is not received.
Summary of Benefits and Coverage (SBC)
When changes are made to benefits plans, you have a limited amount of time to notify the plan participants.
Newborns’ and Mothers’ Health Protection Act Notice (NMHPA)
Healthcare plans must include prescriptive care for newborns and mothers. This information must always be included in any SBC communications.
CHIPRA
The Children’s Health Insurance Program aligned with Medicaid must be communicated to all parents to ensure they have access to affordable healthcare for their children.
Womens’ Health and Cancer Rights Act Notice (WHCRA)
This notice must include specific information regarding what the plan offers, required deductibles, coinsurance limitations, and what is not covered under the plan.
HIPAA
Any plan changes must also include updated and current Health Insurance Portability and Accountability Act (HIPAA) notifications.
Avoid fines and watch lists
When you take time to make sure you are fully in compliance with all of the HR-related compliance regulations, you will keep your company in good working order. You will also help your company demonstrate that they value your employees.
For more information on this topic, you can also read:
- HR Compliance is a Hot Topic Amidst Reopening Small Businesses
- Outsourcing HR Compliance: What are the Benefits?
- The Importance of HR Compliance
Small business owners and HR leaders are working hard to manage the people center of their company while also staying on top of compliance requirements and calendar-based deadlines. Whether you’re a growing startup or an established small business, your HR team needs systematic approaches to remain compliant.
Use compliance calendars and checklists to pay attention to requirements and due dates like fixed, rolling, and dynamic deadlines at the local, state, and federal levels for compliance-related tasks.
Download Zenefits’ 2022 compliance calendar for legally-vetted information that helps you avoid missing important dates and the risk of hefty penalties. Use the following compliance checklist to create your HR policies — or as a way to revamp existing ones.
Whether you’re a growing startup or an established small business, your HR team needs systematic approaches to remain compliant.
Other general HR compliance tasks you may want to pay attention to
Employee files
- Make sure to create them and store them in a safe location
- Include employee’s application, disciplinary history, and performance reviews
- Double check that personal documents, drug test results, or polygraph tests don’t live in general employee files. You should store them in confidential files
Compliance posters
Ensure the United States Department of Labor’s mandatory posters are hung in a common area and clearly visible.
Performance reviews
Determine or review your performance review policy. If you’re still using the annual review, now may be the time to consider a more consistent and timely system of feedback.
Recruiting and hiring
Make sure your business has:
- Offer letter templates
- Form I-9 employment eligibility verification procedures. HR teams need to analyze and record employee verification documents — keep these in a designated place. Employers must provide these documents within 3 business days when requested
- Relevant non-competes, NDAs, invention disclosure, or intellectual property forms
- Documented policies on Title VII, age discrimination, sexual harassment, ADA, and FMLA. Your employee handbook is a good place to put these
Review or update:
- Verbiage on at-will employment
- Where your company posts job ads
- How to determine your target candidates
- What your onboarding process looks like
- Interviewing procedures, like who interviews and what questions to ask
- How to manage references
- How your applications ask for ADA status to make sure the wording is legal
Compensation, benefits, and payroll
Pay
Review your approach for structuring competitive pay. Factors like the multi-generational workforce and rise of the gig economy can make this tricky. Confirm your payroll structure, and revisit the payroll technology you’re using.
Benefits
What are your benefit offerings? Consider:
- PTO: Will you offer standard PTO or bundle with a flexible PTO policy?
- Voluntary benefits: Do you offer dental, vision, life insurance, and 401Ks? Companies do not have to provide these, but most competitive employers do
- Mandatory benefits: Unemployment, workers compensation (check your state’s specific laws), and if you have over 50 employees, health insurance coverage as well
Company compliance
Check for compliance on the following requirements. Have an automated compliance system in place where you can pull this information easily.
Fair Labor Standards Act
The FLSA requires compliance with minimum wage, overtime, child labor laws and provides guidelines for classifying employees as exempt or nonexempt. Check that you have systems in place for correctly paying overtime wages and keeping track of employee hours.
Equal Employment Opportunity Commission
The EEOC requirements include:
- Title VII of the Civil Rights Act: Bars discrimination on the basis of race, color, religion, sex, and national origin
- Title I of the Americans with Disabilities Act: Employers cannot discriminate “against qualified individuals with disabilities in job application procedures, hiring, firing, advancement, compensation, job training, and other terms, conditions, and privileges of employment”
- Age Discrimination Employment Act: Prohibits age discrimination in persons over 40
- Equal Pay Act: Requires equal pay for equal work for all sexes. Discrepancies are only permitted if they are “affirmative defenses” — and it is the employers’ burden to prove that they apply
Family and Medical Leave Act
The FMLA requires employers to provide 12 weeks of unpaid, job-protected leave for new parents, to care for sick loved ones, or for a number of other qualifying reasons.
Affordable Care Act
Under the ACA, employers with 50 or more full-time employees must provide healthcare to employees. Make sure your employee handbook is up to date with healthcare information.
Consolidated Omnibus Budget Reconciliation Act
COBRA requires that employers with more than 20 employees offer a continuation of healthcare with the same scope following a “qualifying event” that results in a change of employment status. Double check that your COBRA policy is clearly communicated, or you may face potential legal action.
Unemployment
Generally, employees who are terminated for performance reasons after a 90-day probationary period are entitled to unemployment pay, while those fired for misconduct are not.
Occupational Safety and Health Administration
Check that you have all the proper security measures in place for OSHA. This will largely depend on your business.
For example, companies that have certain chemicals on the premises must have material safety data sheets on-site. Other considerations for your HR compliance checklist are to clearly communicate workplace hazards to employees and double check you have a documented emergency action plan in place.
Anti-discrimination measures
Anti-discrimination training is mandated in the 6 states of California, Connecticut, Delaware, Illinois, Maine, and New York, but it’s a smart thing for all SBOs to provide regardless of legal obligation. Check your state’s requirements for training, signed acknowledgement, and more.
Triggered events
Confirm your company compliance procedures for the following:
- Injury at work
- FMLA
- Terminations
- Change in employment status, like from contractor to employee