Manage employee files with Microsoft 365 and SharePoint  — Gravity Union (2023)

Every organization has employee files, and they need to be managed carefully to follow compliance rules.

Is the Microsoft 365 platform a good option for managing employee files? We think so!

There isn’t one standard process for managing employee files however. Every organization does it slightly differently, and there is also a ton of choice in the market for managing employee files.

There are general solutions like file shares as well as specialized HR systems. With our clients, we’ve seen that Microsoft 365 is a good starting point for managing employee files securely and efficiently. Let’s go through a few ways for building a great employee file solution with Microsoft 365.

What is an employee file?

An employee file is a collection of documents and information related to an employee's work history. They typically contain areas such as:

  • Employer contracts and NDAs

  • Original job description

  • Job offer letter

  • Performance reviews

  • Bonus and pay information

  • Training certificates

  • Notes on discipline, promotions, etc.

These assets could be saved all in one place, or they could be scattered in various systems, network drives, email, or nowhere at all.

Why invest in a Microsoft 365 solution for employee files?

Microsoft 365 can bring everything together and give people a central place to save and collaborate on employee files.

Even if your organization already has an HR system such as PeopleSoft or Workday for managing some or all parts of an employee file, Microsoft 365 and SharePoint can be beneficial for a few reasons:

  • Collaboration – Managers and contributors can work together to edit reviews, training plans, etc. before saving the ‘official’ version in the HR system of record.

  • Access – Sometimes only managers have access to the HR system, but contributors might need to view or edit assets at times. Generally, more people have access and licenses to M365 in an organization.

  • Security and compliance – It’s, of course, critical to protect employee files from unauthorized access, loss, or manipulation. This can be done by using M365 features such as encryption, permissions, audit logs, data loss prevention, and sensitivity labels. Legal requirements for data retention and deletion can be met with Purview retention policies and eDiscovery tools.

  • Integration and automation - Employee files can be integrated with other Microsoft 365 services, such as Teams, Outlook, OneDrive, Power Automate, and Power BI. You can also automate common HR tasks, such as creating new employee files, sending notifications, generating reports, and more.

To set up your employee file solution on Microsoft 365, we recommend the following steps:

  1. Plan the file structure

  2. Make use of metadata

  3. Design the user experience

  4. Configure security settings

  5. Handle the lifecycle and updates

  6. Layer in records management

1. Plan the file structure

The first step is to decide how you want to organize your employee files in SharePoint libraries and folders.

Every organization varies in how they define the requirements for an employee file, and there isn’t a one-size-fits-all approach.

Instead, when structuring the file and metadata, weigh the pros and cons of different structures.

For example, here are a few requirements from a client we worked with recently:

  • The organization has about 20,000 employee files including active and departed staff

  • Each employee file had 5 areas including contracts, payroll, training and performance

  • Each area has different security access requirements. For example, only HR staff can view contracts and payroll items.

Here’s the example structure of the employee file:

Because of the last security requirement, the employee file needs to have different permissions applied to each area. When you’re planning employee files for your organization, it’s crucial to understand these requirements before deciding on a structure.

In this case, we narrowed the design to two options:

1. Create one document library (or site) per employee that contains the 5 areas and secure each folder/item


2. Create a document library (or site) for each area which is secured at this top-level - e.g. a site for Contracts, another for Training and so-on.

For this special case, we chose option 2 because the security settings are easier to manage – there’s no need to break item-level or folder-level inheritance in every document library. The permissions are set once at the top-level — e.g. one group has access to Contracts, another to Payroll and so on.

The downside to this option is that it’s not as user friendly because you don’t navigate by employee and see all the files for one person together.

For other organizations, Option 1 for one site or document library per employee will make more sense. Option 1 is the more common and easier to use approach for most organizations.

However, like all things in SharePoint, you can design a great experience for either option with a little effort and knowing how to use webparts (we’ll show this below).

2. Make use of metadata

We recommend using the term store for metadata columns to add additional information to your files, such as employee name, department, or status.

With metadata, the experience of navigating and finding employee files is easier.

For example, you can create SharePoint document library views for active vs. archived employees, or sort by most recent Hiring Date:

One key consideration is to plan how you will apply metadata to the files.

Of course, the metadata can be manually entered by staff, but the task is time-consuming and error prone.

Another option is to migrate the metadata on files using a migration tool like Sharegate, especially if coming from an older version of SharePoint or a structure of file folders.

Another great option is to use automation tools like Microsoft Syntex to extract the metadata automatically from the documents. If files are semi-structured, you can build Syntex models to find and apply metadata.

This is why the previous step where you plan for metadata is so critical — the filters build upon that metadata design.

Search respects security and will only return content the employee has permission to access. It’s a great solution to enable staff to find specific employee files and to use the properties available as metadata in SharePoint.

4. Configure security settings

A key step in the process is to set the permissions and sharing options for your site and libraries.

You can use Microsoft 365 groups or roles to assign different levels of access to different users. Also make sure you define the process for setting security for new files going forward if that’s needed. Ideally though you pick an approach that automates the security settings or sets it once at the beginning as we described above.

For advanced settings and to protect employee files further, use sensitivity labels and data loss prevention policies to classify and protect your files.

5. Handle the lifecycle and updates

Managing the lifecycle and changes to employee files going forward are critical to the success and adoption of the solution.

To minimize steps and mistakes, we recommend using Power Apps. A Power App can be designed to provide quick access to common tasks such as making updates to metadata, handling role/position changes and adding new employees:

The reason we use Power Apps is to make it easier for people to complete these common lifecycle tasks and to execute multiple commands at once. These commands might even update other systems if needed such as syncing with the HR system of record or updating Active Directory.

Behind the scenes, we use Power Automate workflows to manage the sync of properties such as addresses, employee names to the HR system of record. We also use workflows to handle common tasks such as moving an employee from an active to an archive state.

6. Layer in records management

On the records management side, work with your Records Management team to add in the appropriate file plan to Purview and use the admin settings to auto-apply policies when files are added or changed:

You can also create rules to initiate automatic retention based on an employee event such as departure. For example, when the Status column changes to Terminated, employee files are then retained for a specific period.

We have a post that goes into more depth about using Purview records management and KQL.

What about physical records?

Your organization might keep paper copies of important signed documents such as offer letters or employment contracts.

A scanning solution that moves files into a document library is a good option for this. If you don’t use scanning, a tracking list can be created that contains info about where the files are stored, and for managing file check-in/out:

6. Train users

After setting up the solution and doing migration, don’t forget to educate your users on how to use the employee file solution on Microsoft 365.

We typically provide a checklist, guides, videos, or recorded workshop session on how to access, upload, edit, share, and search for employee files.


By using Microsoft 365 as your employee file solution, you can streamline your HR processes and improve the employee experience. One of the key benefits and value from using the M365 platform is the collaboration on employee file documents. Employees, managers and HR staff can update and work on employee files together, in a secure and compliant environment.

Top Articles
Latest Posts
Article information

Author: Francesca Jacobs Ret

Last Updated: 10/06/2023

Views: 6263

Rating: 4.8 / 5 (48 voted)

Reviews: 95% of readers found this page helpful

Author information

Name: Francesca Jacobs Ret

Birthday: 1996-12-09

Address: Apt. 141 1406 Mitch Summit, New Teganshire, UT 82655-0699

Phone: +2296092334654

Job: Technology Architect

Hobby: Snowboarding, Scouting, Foreign language learning, Dowsing, Baton twirling, Sculpting, Cabaret

Introduction: My name is Francesca Jacobs Ret, I am a innocent, super, beautiful, charming, lucky, gentle, clever person who loves writing and wants to share my knowledge and understanding with you.