HR Policies And Procedures: Guide, Examples + Templates

Oct 4, 2025

By James Harwood

If you’re wearing the HR hat on top of everything else, “just write the handbook” can feel like a trap. The stakes are real: inconsistent decisions, compliance exposure, confused managers, and a culture that drifts. You don’t need a wall of legalese—you need clear, defensible HR policies and procedures that people actually use, backed by templates that save hours and reduce risk.

This guide gives you exactly that. We’ll walk through the essential HR policies and procedures every growing U.S. employer should have, explain what each one covers, call out must‑have clauses, flag common pitfalls, and include a practical template or checklist you can plug into your HR manual or employee handbook. From EEO, harassment, accommodations, and time off to remote work, data privacy, pay practices, recruiting, discipline, termination—and even generative AI—we’ve curated what matters now, with plain‑English guidance you can implement. Prefer done‑for‑you? The first section shows how Soteria HR can build or refresh your policies end‑to‑end. Ready to build a handbook you can stand behind? Let’s start with the essentials.

1. Soteria HR: done-for-you policies, procedures, and templates

Need this done right? Soteria HR builds compliant HR policies and procedures—and handles rollout.

Purpose and scope

We assess your risks and jurisdictions, then design policies that fit your ops. Each document names purpose, scope, owner, and review date.

Must-have clauses

We include must-haves counsel expects: definitions, responsibilities, reporting paths, and enforcement. We align related policies to avoid conflicts.

Common pitfalls to avoid

We cut vague language, copy‑paste templates that miss state rules, and exceptions. Policies stay defensible.

Template or checklist

Deliverables: editable templates, procedures, guides, rollout plan, and acknowledgments. Plus a quick-start checklist to refresh your handbook fast.

2. Equal employment opportunity (EEO) and non-discrimination policy

Purpose and scope

Your foundation policy. It commits the company to fair, bias‑free decisions across hiring, pay, promotions, training, and termination for applicants, employees, and interns—consistent with EEOC laws and applicable state/local requirements.

Must-have clauses

State your standards clearly, then back them up with accountability.

  • EEO statement: Equal opportunity in all employment actions.
  • Protected classes: Per EEOC and applicable state/local law.
  • Scope: Applies to applicants, employees, interns, contractors.
  • Prohibitions: No discrimination, harassment, or retaliation.
  • Accommodations: ADA and religious request process.
  • Reporting: Multiple channels; no manager gatekeeping.
  • Enforcement: Investigation steps and consequences.

Common pitfalls to avoid

Briefly name the traps so managers don’t repeat them.

  • Missing state categories (e.g., gender identity).
  • Vague reporting (single channel, no timelines).
  • No tie‑in to training or policy reviews.

Template or checklist

Use this to draft or audit quickly.

  • Policy statement + scope + definitions.
  • Protected classes + prohibited conduct.
  • How to report + investigation flow + anti‑retaliation.
  • ADA/religious accommodation steps + owner + review date.

3. Anti-harassment and hostile work environment policy

Purpose and scope

This policy sets zero tolerance for unlawful harassment and hostile work environments, defines prohibited conduct (including sexual and non‑sexual), and ensures timely reporting, investigation, and corrective action for applicants, employees, interns, and contractors—a core part of your HR policies and procedures.

Must-have clauses

Cover these essentials so expectations and processes are unmistakable.

  • Clear definitions: Sexual/non‑sexual; verbal, visual, physical, digital.
  • Examples: From slurs and jokes to unwanted advances.
  • Multiple reporting paths: HR, manager, hotline/email; no gatekeeping.
  • Manager duties: Act, escalate, and preserve confidentiality.
  • Investigation steps: Prompt, impartial, well‑documented.
  • Interim measures: Safety and work adjustments as needed.
  • Consequences + no retaliation: Up to termination.

Common pitfalls to avoid

Avoid gaps that undermine credibility and legal defensibility.

  • Too‑narrow definitions that miss common behaviors.
  • Single reporting channel or vague timelines.
  • No training or records of complaints and outcomes.

Template or checklist

Use this quick audit when drafting or updating.

  • Policy statement + scope.
  • Definitions + illustrative examples.
  • Reporting options + investigation flow.
  • Anti‑retaliation + corrective actions.
  • Policy owner + effective/review dates.

4. Anti-retaliation policy

Purpose and scope

Protects anyone who raises concerns, joins investigations, or requests accommodation or leave. Applies to applicants, employees, interns, and contractors.

Must-have clauses

Define retaliation with examples (termination, demotion, cuts, exclusion). Promise good‑faith protection, multiple reporting channels, prompt investigations, confidentiality where possible, and consequences.

Common pitfalls to avoid

Requiring proof of ‘intent’ or protecting only formal complaints. Single reporting path, no interim safeguards, or weak reminders.

Template or checklist

Include statement, scope, definitions, examples, reporting options, investigation steps, interim measures, and consequences. Name owner, timelines, training, and review date.

5. Code of conduct and ethics policy

Purpose and scope

Sets clear expectations for professional behavior, integrity, and lawful conduct for everyone representing the company—on site, off site, and online. Anchors day‑to‑day decisions to your values and legal duties.

Must-have clauses

Include clear rules and processes.

  • Professional conduct: Respectful, inclusive behavior.
  • Conflicts of interest: Disclosure and recusal.
  • Confidentiality: Protect company and personal data.
  • Resources use: Proper use of systems and assets.
  • Gifts/anti‑bribery: Limits and approval.
  • Reporting & enforcement: How to report and consequences.

Common pitfalls to avoid

  • Vague values without examples.
  • No disclosure process for conflicts.
  • Silent on digital conduct (email, chat, social).
  • Rules for some, not all (leaders exempted).

Template or checklist

  • State purpose, scope, definitions.
  • List standards with examples and prohibited conduct.
  • Add COI disclosure form, reporting channels, anti‑retaliation.
  • Name policy owner, effective date, review cadence, acknowledgment.

6. At-will employment statement (US)

Purpose and scope

Confirms the U.S. at‑will employment relationship: either the company or the employee may end employment at any time, with or without cause or notice, for any lawful reason. Applies to all employees unless a valid written agreement states otherwise, consistent with applicable law.

Must-have clauses

  • Plain at‑will definition: Either party may terminate at any time, for any lawful reason.
  • No contract: The handbook/policies are not an employment contract.
  • Modification authority: At‑will status may be changed only by a written agreement signed by the CEO or authorized officer.
  • Legal caveat: Decisions must comply with federal, state, and local laws (no discrimination, harassment, or retaliation).

Common pitfalls to avoid

  • Job security promises: Phrases like “permanent” or “for cause only.”
  • Implied guarantees: Rigid progressive discipline that appears mandatory.
  • Manager assurances: Verbal promises that contradict at‑will.
  • Buried notice: Hiding the statement without a signed acknowledgment.

Template or checklist

  • One‑paragraph at‑will statement + non‑contract disclaimer.
  • Modification clause naming who can sign changes.
  • Compliance caveat (lawful reasons only; no discrimination/retaliation).
  • Employee acknowledgment language + policy owner and review date.

7. Workplace health, safety, and injury reporting policy

Set clear safety rules and fast injury reporting. This policy defines emergency procedures, hazard prevention, and immediate incident reporting as part of your HR policies and procedures.

Purpose and scope

Applies to all workers and sites; covers safety standards, emergencies, reporting, and corrective actions.

Must-have clauses

Include:

  • Emergency roles and contacts.
  • Reporting timelines and channels.
  • Investigation, documentation, remediation.

Common pitfalls to avoid

Avoid:

  • Vague reporting windows.
  • Single report path via manager.
  • No recordkeeping or follow‑up.

Template or checklist

Quick audit:

  • Post procedures and contacts.
  • Train, drill, and log.

8. Workplace violence prevention and zero-tolerance policy

Purpose and scope

Sets zero tolerance for threats, intimidation, stalking, or physical violence—including domestic-violence spillover—and bans weapons. Applies to employees, contractors, and visitors at all work sites (on-site, remote, client locations). Defines emergency response, reporting, investigations, interim safety measures, and consequences, with law-enforcement cooperation as needed.

Must-have clauses

Include:

  • Clear definitions and bans: Definitions; weapons list; covered locations (office, field, remote).
  • Response and reporting: Multi‑channel reporting, 911 guidance, anti‑retaliation, investigation steps, and consequences.

Common pitfalls to avoid

Avoid:

  • Too narrow scope: Narrow definitions; ignoring domestic‑violence impacts; single reporting path; no training or documentation.

Template or checklist

Checklist:

  • Build the core: Zero‑tolerance statement, definitions, weapons ban, covered sites; reporting and emergency steps; investigation flow; consequences.

9. Drug and alcohol policy

Purpose and scope

Sets substance‑use rules to protect safety within your HR policies and procedures; applies during work time, on company property and job sites, including safety‑sensitive roles.

Must-have clauses

Ban possession/impairment; define testing (reasonable suspicion, post‑incident, random for safety/DOT roles); prescription disclosure; consequences and EAP.

Common pitfalls to avoid

Vague “impairment” definition, ignoring state/local rules, untrained supervisors, and weak documentation/chain‑of‑custody.

Template or checklist

Include statement/scope, prohibited conduct, testing triggers/procedures, DOT carve‑outs, consequences, EAP, policy owner, and review date.

10. Accommodation policy (ADA, pregnancy, and lactation)

Purpose and scope

Part of your HR policies and procedures, this defines reasonable accommodations for disability, pregnancy, and lactation under applicable law. Applies to applicants and employees on‑site and remote.

Must-have clauses

Include definitions; a prompt interactive process; request channels (HR/manager); confidentiality; lactation breaks and private space; anti‑retaliation.

Common pitfalls to avoid

Avoid demanding “100%” fitness, over‑collecting medical info, single reporting paths, or pushing leave before job modifications.

Template or checklist

Provide: request form, process steps/timelines, decision notice, and a lactation room checklist.

11. Religious accommodation policy

Purpose and scope

Ensure equal treatment by providing reasonable accommodations for sincerely held religious beliefs and practices. Applies to applicants and employees across scheduling, dress/grooming, prayer/observance, and job duties—consistent with U.S. law and applicable state/local requirements as part of your HR policies and procedures.

Must-have clauses

State the standard and make the process easy to use.

  • Definitions: “Sincerely held belief/practice,” covered observances.
  • Request process: How to ask (HR/manager), timelines, minimal documentation.
  • Interactive process: Good‑faith dialogue; alternatives considered.
  • Examples: Schedule swaps, holiday observance, prayer breaks, dress/grooming exceptions, job reassignments where feasible.
  • Undue hardship: Case‑by‑case assessment consistent with applicable law.
  • Confidentiality & anti‑retaliation: Protect requestors and participants.

Common pitfalls to avoid

  • Blanket denials or forcing PTO when adjustments exist.
  • Requiring clergy letters or burdensome proof.
  • Inconsistent approvals across teams; poor documentation.
  • Treating religious requests differently from other accommodations.

Template or checklist

Include: request form, evaluation steps and timelines, decision notice with rationale, appeal option, policy owner, effective/review dates, and manager training notes.

12. Work hours, scheduling, and overtime compliance policy

Purpose and scope

This policy defines work hours, scheduling authority, timekeeping, and overtime rules in line with federal, state, and local wage‑and‑hour laws. It applies to all employees and clarifies expectations for non‑exempt vs. exempt roles, approval of overtime, and accurate records—key pillars of defensible HR policies and procedures.

Must-have clauses

Include:

  • Workweek definition; scheduling authority.
  • Accurate timekeeping; no off‑the‑clock work.
  • OT for non‑exempt per law; preapproval.
  • Exempt pay treatment; permissible deductions only.

Common pitfalls to avoid

Avoid:

  • Misclassifying roles as exempt.
  • Auto‑deducting meals without verification.
  • Expecting after‑hours work from non‑exempt.

Template or checklist

Checklist:

  • Define workweek and scheduling process.
  • OT approval workflow; timekeeping instructions.
  • Owner, monitoring/audits, effective/review dates.

13. Attendance and punctuality policy

Purpose and scope

Sets expectations for showing up ready to work, how to report lateness or absences, and when documentation is required. Applies company‑wide and supports scheduling and compliance in your HR policies and procedures.

Must-have clauses

Include:

  • Notification: Deadlines, approved methods, contact.
  • Definitions & consequences: Tardy, no call/no show, job abandonment.
  • Documentation & tracking: Medical notes; pattern review; progressive discipline.

Common pitfalls to avoid

Avoid:

  • Single-channel reporting that delays notice.
  • Ignoring protected leave when assessing absences.

Template or checklist

Use:

  • How to report: Who, when, how.
  • Decision tree: Excused vs. unexcused; escalation.

14. Meals and rest breaks policy

Purpose and scope

This policy defines duty‑free meal periods and paid rest breaks in compliance with federal, state, and local wage‑and‑hour rules. It applies to all employees; specific scheduling, duration, and pay treatment primarily affect non‑exempt staff, while exempt employees follow professional scheduling expectations.

Must-have clauses

Set clear, lawful rules and the mechanics to enforce them.

  • Jurisdiction compliance: Break lengths/timing vary by location; follow the most protective rule.
  • Duty‑free standard: No work during meal periods; paid rest breaks are uninterrupted and on‑the‑clock.
  • Timekeeping & attestations: Record meal start/end; report missed/short/late meals; pay any premiums as required by law.
  • No off‑the‑clock work: Working through breaks requires advance approval and must be recorded.
  • Manager duties: Schedule coverage, prevent work during breaks, monitor exceptions, escalate issues.
  • Related policies: Coordinate with overtime, accommodation, and remote‑work procedures.

Common pitfalls to avoid

Small gaps here create big wage‑hour risk.

  • Auto‑deducting meals without verification or attestation.
  • Allowing or encouraging work during breaks (answering emails/calls).
  • One‑size‑fits‑all rules that ignore state/local requirements.
  • No training or audits of time entries and exception reports.

Template or checklist

Use this to draft or audit fast.

  • Policy statement + scope + definitions (meal vs. rest).
  • Jurisdiction matrix listing required durations/timing by location.
  • Duty‑free language + prohibition on working through breaks.
  • Timekeeping steps + exception reporting and any required premiums.
  • Manager responsibilities + employee attestations.
  • Owner, effective date, review cadence, and required postings (where applicable).

15. Paid time off (PTO), vacation, and sick leave policy

Purpose and scope

Defines how PTO, vacation, and sick leave are earned, requested, tracked, and paid, consistent with applicable state/local laws.

Must-have clauses

Cover essentials.

  • Accrual/frontload; eligibility; carryover/payout per law.
  • Requests: Notice/approvals, blackout dates, minimum increments.
  • Sick leave: Protected uses, documentation limits, separate tracking if required.

Common pitfalls to avoid

Avoid these.

  • No sick‑leave tracking where mandated.
  • Blanket doctor’s notes; unlawful use‑it‑or‑lose‑it.

Template or checklist

Plug in.

  • Accrual table (status/tenure).
  • Request flow; carryover/payout/overlap; owner/review date.

16. Protected leaves policy (FMLA, military, jury duty, voting)

Protect leave rights with clear, compliant HR policies and procedures.

Purpose and scope

Covers FMLA, USERRA military leave, jury duty, voting, and comparable state/local leaves; defines eligibility, documentation, job protection, and benefits coordination.

Must-have clauses

Make obligations explicit.

  • FMLA: eligibility, notice, medical certification, benefits maintenance, job restoration.
  • USERRA: leave, reemployment rights, benefits; differential pay if offered.
  • Civic leaves: jury duty and voting; pay rules by jurisdiction; no retaliation.

Common pitfalls to avoid

Small gaps cause big liability.

  • Uniform rules that ignore stricter state/local laws.
  • Manager denials or pressuring work during leave.

Template or checklist

Use this to draft fast.

  • Process map: request, eligibility, notices, tracking, return.
  • Forms & timelines: notices, certifications, designation; owner and review date.

17. Bereavement leave policy

Purpose and scope

When people experience loss, they need clarity, not hoops. This policy explains who is eligible, how much bereavement leave is available, whether it’s paid, how to request it, and how it coordinates with other time‑off or protected leave laws. It applies to all employees, in compliance with any applicable state or local requirements.

Must-have clauses

State the standard in plain English, then remove ambiguity with clear terms.

  • Eligibility and coverage: Who qualifies and what relationships are covered.
  • Leave entitlement: Number of days per loss; whether days are paid/unpaid.
  • Timing: When leave must be taken (immediately or within a defined window).
  • Documentation (if any): Reasonable proof; acceptable forms; privacy safeguards.
  • Process: How to request, who approves, after‑hours/emergency contact.
  • Coordination: Interaction with PTO, sick leave, and protected leaves where applicable.

Common pitfalls to avoid

Don’t leave this to ad‑hoc judgment or force employees to bargain during grief. Pitfalls include vague definitions of “immediate family,” inconsistent manager approvals, rigid documentation for every case, and no guidance for multiple losses or extended travel needs.

Template or checklist

Give managers and employees a simple path.

  • Define relationships + days + pay status.
  • Request/approval steps + emergency notice option.
  • Documentation rules (optional) + privacy note.
  • Timing window + multiple‑event guidance.
  • Policy owner, effective date, review cadence.

18. Remote and hybrid work policy

Remote and hybrid work thrive when expectations are explicit and lawful. This policy sets the rules so flexibility doesn’t create wage‑hour, data security, or performance risk within your broader HR policies and procedures.

Purpose and scope

Defines eligibility, schedules, location approvals, and performance standards for remote, hybrid, and occasional telework. Applies to all employees approved for non‑onsite work, including exempt and non‑exempt roles.

Must-have clauses

Set clear norms employees and managers can follow.

  • Eligibility & approvals: Roles, criteria, and written agreement.
  • Scheduling & availability: Core hours, response times, meetings.
  • Timekeeping & overtime: No off‑the‑clock; preapproval for OT.
  • Security & equipment: VPN, BYOD rules, reimbursements, support.
  • Workspace & safety: Ergonomics, safe workspace attestation.
  • Onsite days & travel: Office cadence and expense rules.
  • Performance & revocation: Metrics, review, and termination of arrangement.

Common pitfalls to avoid

Don’t leave gaps that invite disputes or noncompliance.

  • One‑size rules that ignore non‑exempt wage‑hour limits.
  • Vague availability that fuels after‑hours creep.
  • No data‑security standards for home networks/devices.
  • Unclear expense/reimbursement and workspace expectations.

Template or checklist

Use this to draft fast.

  • Eligibility + approval form + remote agreement.
  • Schedule/availability grid + timekeeping instructions.
  • Security/BYOD standards + equipment and reimbursement matrix.
  • Workspace safety checklist + performance metrics + review cadence.

19. International remote work policy

Purpose and scope

Sets rules for employees working from another country, addressing legal, tax, immigration, payroll, and data‑security risks. Applies to approved arrangements as part of your HR policies and procedures.

Must-have clauses

Cover:

  • Allowed countries and maximum duration.
  • Application/approvals and lead time.
  • Governing law, tax/PE risk, payroll/benefits; security and availability.

Common pitfalls to avoid

Avoid:

  • “Work from anywhere” without legal/tax review.
  • Paying via home entity when local payroll is required.

Template or checklist

Include:

  • Request form + country matrix.
  • Agreement addendum + security/availability checklist.

20. Social media and external communications policy

Your brand and legal risk are one careless post away. About half of workers say their employers have social media rules, but clarity is rare. This policy turns gray areas into guardrails within your HR policies and procedures.

Purpose and scope

Covers company and personal use when referencing the company, brand-affiliated accounts, media inquiries, public speaking, reviews/testimonials, and crisis communications.

Must-have clauses

  • Brand representation & disclaimers: Personal views aren’t the company’s.
  • Confidentiality & privacy: No sensitive or personnel data.
  • Prohibited conduct: No harassment, hate, or discrimination.
  • Spokespeople & approvals: Who may speak; required pre-approvals.
  • Crisis escalation: Immediate routing to Comms/HR; no ad‑hoc posts.

Common pitfalls to avoid

  • Overbroad bans on lawful off‑duty activity.
  • No guidance for personal accounts, logos, or images.

Template or checklist

  • Insert do/don’t rules + disclaimer language + media contact.
  • Add workflows: Content approvals, crisis escalation, owner, review date.

21. Electronic communications and acceptable use policy

Email, chat, video, collaboration apps, phones, and cloud files power your work—and create risk. This policy sets professional standards for use, security, and recordkeeping, clarifies ownership of systems and data, and explains the company’s right to monitor company resources within your broader HR policies and procedures.

Purpose and scope

Applies to all users of company systems and data (including approved BYOD), on and offsite: email, IM, video, phones, laptops, networks, cloud storage, and licensed software.

Must-have clauses

State expectations in plain English, then make them enforceable.

  • Authorized use: Business purpose; limited personal use.
  • Security basics: Strong passwords/MFA; phishing rules.
  • Data handling: No confidential data sharing/auto‑forwarding.
  • Monitoring: Company may access/monitor company resources.
  • Accounts/Access: Provisioning, least privilege, revocation.
  • BYOD: MDM/wipe consent; encryption.
  • Records: Retention/legal hold compliance.
  • Incidents: Report suspected breaches immediately.

Common pitfalls to avoid

  • Vague “be smart online” guidance with no monitoring notice.
  • BYOD ambiguity (no MDM/wipe rights; no encryption).
  • Silence on retention, legal holds, or de‑provisioning on exit.

Template or checklist

  • Policy statement, scope, approved tools, personal‑use limits.
  • Security standards (MFA, phishing), monitoring notice, access rules.
  • BYOD addendum (MDM, wipe consent), incident reporting flow.
  • Records retention/legal hold, owner, effective date, review cadence.

22. Data privacy, confidentiality, and personnel records policy

Purpose and scope

Safeguard employee data and company secrets with a clear policy that defines what’s confidential, who can access it, how it’s stored, and when it’s destroyed. This also covers personnel files—what’s kept, who can view them, and required notices and audits—within your HR policies and procedures.

Must-have clauses

  • Data classification: Define confidential/internal/public with practical examples.
  • Access controls: Least‑privilege access, approvals, logs, training.
  • Retention & destruction: Schedules, legal holds, secure disposal.
  • Personnel files: Contents, access rights per applicable law, requests.
  • Breach response & vendors: Incident reporting, third‑party safeguards.

Common pitfalls to avoid

  • Mixing sensitive data without role‑based controls.
  • No retention schedule or legal‑hold process.
  • Ignoring state rights to review personnel files.

Template or checklist

  • Inventory and classify data and personnel records.
  • Map access, retention, destruction and legal‑hold steps.
  • Add request forms, owner, dates (effective, review) and audit plan.

23. Compensation and pay practices policy

Purpose and scope

Defines how pay is set, adjusted, and administered to ensure fairness, consistency, and compliance. Applies company‑wide and anchors wage‑hour compliance in your HR policies and procedures.

Must-have clauses

Codify the rules you actually use.

  • Pay philosophy/structure: Ranges; market and internal equity.
  • Classification & pay rules: Exempt/non‑exempt status, overtime rules, timekeeping, pay changes/approvals, lawful deductions, pay frequency.

Common pitfalls to avoid

Misclassification; off‑the‑clock work; undocumented pay changes; “comp time” in lieu of OT; ignoring stricter state/local rules.

Template or checklist

Include philosophy, ranges, classification matrix, approvals, deductions, audits, owner/dates.

24. Performance management and salary review policy

Links goals, feedback, and pay. Standardizes reviews and merit so decisions are consistent and employees see how performance affects compensation.

Purpose and scope

Applies company‑wide; covers reviews, calibration, salary and promotion changes.

Must-have clauses

Include:

  • Defined rating scale.
  • Goal/competency model.
  • Merit matrix with pay‑equity checks.

Common pitfalls to avoid

Avoid:

  • Forced quotas.
  • Hidden criteria or manager promises.

Template or checklist

Provide timeline, forms, rater training, calibration guide, and merit worksheet.

25. Discipline and corrective action policy

Purpose and scope

Sets a fair, consistent process for addressing conduct and performance while preserving at‑will status; applies to all employees and managers.

Must-have clauses

Include these essentials so actions are defensible and consistent.

  • Progressive steps with discretion: Coaching, verbal, written, final; immediate action for egregious conduct.
  • Documentation + employee response: Facts, dates, expectations, timelines, signatures.
  • Investigations: Impartial process, confidentiality, anti‑retaliation, witness handling.
  • Interim measures: Paid suspension pending investigation; consequences up to termination.

Common pitfalls to avoid

Don’t undermine compliance or at‑will status.

  • Mandatory step ladders that imply “just cause.”
  • Inconsistent enforcement across teams or roles.
  • Missing records/signatures and unclear expectations.

Template or checklist

Use this to move fast and stay consistent.

  • Decision tree + sample wording for each step.
  • Forms: Coaching note, warning, PIP, termination summary.
  • At‑will disclaimer + review/appeal option and policy owner/date.

26. Recruiting and hiring policy (EEO, pay transparency, background checks)

Purpose and scope

Standardizes fair, compliant hiring from requisition to conditional offer: job ads, selection, documentation, and handoffs. Ensures decisions align with EEO, applicable pay‑transparency rules, and lawful screening—core to defensible HR policies and procedures.

Must-have clauses

Include these to keep hiring consistent and lawful.

  • EEO compliance: Ads, interviews, selection, records.
  • Pay transparency: Post ranges where required.
  • Structured interviews: Job‑related questions and scorecards.
  • Background checks: Post‑offer; authorizations and adverse‑action notices.
  • Accommodations: Applicant ADA/religious request process.

Common pitfalls to avoid

Keep risk low by avoiding these missteps.

  • Illegal questions (age, disability, family).
  • Salary‑history asks where prohibited.
  • Skipping adverse‑action steps after screenings.

Template or checklist

Use this pack to draft or audit fast.

  • Req form + posting template (with range field).
  • Interview guides + scorecards and lawful question bank.
  • Screening authorizations + notices and timing.
  • Selection file checklist + retention timeline.

27. Nepotism, conflict of interest, and workplace relationships policy

Purpose and scope

Prevents favoritism and unmanaged conflicts in hiring, pay, promotion, supervision, purchasing, and vendor relations. Applies to all employees and managers wherever work is performed.

Must-have clauses

In your HR policies and procedures, cover what counts and how to handle it.

  • Definitions: Covered relationships and conflicts.
  • Disclosure: Deadlines, required form, who receives.
  • Supervision rules: No direct/indirect oversight; transfer/recusal.
  • Business ties: Vendor/financial interests; gifts/entertainment limits.
  • Confidentiality/enforcement: Protect disclosures; no retaliation; consequences.

Common pitfalls to avoid

Avoid these gaps.

  • Over‑broad bans or narrow definitions that don’t fit operations.
  • Chilling disclosures by penalizing relationships instead of conflicts.
  • Uneven enforcement/documentation across teams or leaders.

Template or checklist

Use this mini‑pack.

  • Disclosure form + routing (HR/legal/leadership).
  • Mitigation plan (transfer, recusal, change of approver).
  • Decision log + owner/dates (effective, review, version control).

28. Employee resource groups (ERGs) policy

ERGs can boost inclusion, retention, and leadership pipelines—but only when they’re well‑governed. This policy defines how ERGs form, operate, and use company resources as part of your HR policies and procedures, while protecting confidentiality and keeping activities aligned to business goals.

Purpose and scope

Establishes a consistent framework for launching, funding, and overseeing ERGs; applies to all employee‑led affinity groups and sponsors.

Must-have clauses

  • Formation & charter: Purpose, eligibility, leadership, sponsor, and annual goals; approval workflow.
  • Membership & access: Voluntary, open membership; ally participation; accessibility expectations.
  • Funding & resources: Budget requests, allowable spend, use of company time/tools, and reporting.
  • Governance & guardrails: Code of conduct, privacy, data use, meeting cadence, alignment to DEI and anti‑harassment policies.

Common pitfalls to avoid

  • Executive sponsorship “in name only” and inconsistent funding.
  • Gatekeeping membership or collecting sensitive data without consent.

Template or checklist

  • ERG charter template (mission, goals, leadership, sponsor, metrics) + request/renewal form.
  • Budget/event approval workflow, code of conduct, data/privacy guidelines, and annual impact report outline.

29. Generative AI and emerging technologies use policy

Purpose and scope

This policy governs how employees use generative AI (e.g., large language models, image/code assistants) and emerging tech (automation, wearables, biometrics, IoT). It sets guardrails on data, accuracy, bias, security, and ownership so innovation supports business goals without creating legal, compliance, or reputational risk.

Must-have clauses

State what’s allowed, what’s not, and who’s accountable before anyone clicks “generate.”

  • Approved tools & use cases: Registry of permitted tools and business‑ready scenarios.
  • Data handling: No confidential, personal, or customer data in public models; de‑identify and minimize data.
  • Human review: Mandatory fact‑check, attribution, and manager sign‑off for external content.
  • IP & copyright: Company owns work product; respect third‑party licenses; no plagiarism.
  • Security: API over consumer accounts; no auto‑sync to public libraries; access controls and logs.
  • Prohibited uses: High‑stakes decisions (e.g., hiring/discipline), legal/medical advice, or anything discriminatory.
  • Disclosure: Note AI‑assistance where appropriate; follow brand and comms rules.
  • Vendors: Due diligence and data‑processing safeguards for third parties.

Common pitfalls to avoid

Set expectations that prevent “shadow AI” and bad outputs.

  • Over‑broad bans that push work to personal accounts.
  • PII/PHI in prompts or uploading confidential files to public tools.
  • Treating outputs as facts without review; no citations or source checks.
  • Skipping bias checks that create EEO risk; no training or approvals.

Template or checklist

Give teams a simple, enforceable playbook.

  • Scope + definitions + owner (with effective/review dates).
  • Tool registry + use‑case matrix + approval workflow.
  • Data rules: PII/PHI prohibition, de‑identification, retention.
  • Human‑in‑the‑loop: Review, disclosure text, and sign‑offs.
  • Security: Access, API use, logging, incident reporting, vendor controls.

30. Work authorization and immigration compliance policy (I-9, E-Verify)

Hiring in the U.S. means verifying every employee’s identity and work authorization—correctly, consistently, and without discrimination. This policy anchors your HR policies and procedures for Form I‑9, optional/required E‑Verify, reverification, storage, audits, and manager training.

Purpose and scope

Define how the company verifies employment eligibility for all U.S. hires (full‑time, part‑time, temporary) and rehires, including remote hires, within statutory deadlines and without discriminatory practices. Applies wherever work is performed.

Must-have clauses

State the standard, then lock in the process employees and managers will follow.

  • Form I‑9 completion: Steps, deadlines, and who may act as an authorized representative.
  • Document handling: Accept any valid combination; no document preferences or over‑documentation.
  • Remote inspection: DHS‑permitted procedures (if used) and identity fraud safeguards.
  • E‑Verify (if enrolled/required): Case timing, Tentative Nonconfirmation (TNC) process, and closures.
  • Reverification & rehire rules: Only when required by law; track expirations.
  • Retention & storage: Access controls, secure storage (separate from personnel files), destruction schedule.
  • Anti‑discrimination: Citizenship/immigration‑status and national‑origin protections; no retaliation.
  • Audits & training: Periodic self‑audits and manager/HR training requirements.

Common pitfalls to avoid

Avoid practices that trigger liability and rework.

  • Requesting specific documents or treating candidates differently based on origin/status.
  • Skipping TNC steps or taking adverse action before resolution.
  • Poor records: I‑9s in personnel files, missed retention/destruction, no audit trail.

Template or checklist

Give teams a crisp, auditable workflow.

  • I‑9 SOP: Roles, timelines, authorized rep option, remote inspection (if applicable).
  • E‑Verify SOP (if used): Case creation timing, TNC resolution flow, notices.
  • Controls: Retention matrix, storage/destruction, audit calendar, training roster, policy owner/effective/review dates.

31. Termination, offboarding, and final pay policy

Purpose and scope

This policy standardizes resignations, layoffs, and involuntary terminations while preserving at‑will status. It coordinates notice, documentation, final pay, benefits wrap‑up, security, and access removal for all separations (including job abandonment and end‑of‑assignment) across locations as part of your HR policies and procedures.

Must-have clauses

Cover these essentials to stay compliant and consistent.

  • Approvals/reason codes + separation letter.
  • Final pay timing/PTO payout per law; include due commissions and reimbursements.
  • Benefits wrap‑up: COBRA/state notices and end dates.
  • Property return + IT deprovision + confidentiality/IP reminders; rehire status and records.

Common pitfalls to avoid

  • Delaying final wages or tying pay to property return.
  • Thin documentation or uneven severance criteria.
  • Missed access revocation or improper BYOD wipes.

Template or checklist

  • Offboarding flow: roles, timelines, decision memo.
  • Final pay worksheet + required notices/COBRA packet.
  • IT deprovision + property log + unemployment response SOP.

32. Policy governance and employee handbook acknowledgment

Make your handbook a living system: ownership, versioning, review cadence, notices, acknowledgments.

Purpose and scope

Defines how HR policies and procedures are created, approved, updated, communicated, stored, and acknowledged across jurisdictions.

Must-have clauses

Lock in the basics.

  • Owner/approver
  • Versioning + dates (effective/review)
  • Change notice + postings + acknowledgments with non‑contract/at‑will disclaimers

Common pitfalls to avoid

Avoid:

  • Silent updates
  • Missing acknowledgments

Template or checklist

Include:

  • Policy register + version log
  • Communication plan + posting tracker
  • Handbook acknowledgment form (and receipt tracker)

Next steps

You now have a practical blueprint for HR policies and procedures. Start by prioritizing your highest‑risk areas—EEO, anti‑harassment/retaliation, wage‑and‑hour (timekeeping, overtime, breaks), accommodations, and leaves—then assign a policy owner, set a review cadence, train managers, and capture signed acknowledgments. Keep everything versioned, centralized, and easy to find. When in doubt, simplify the language, clarify the process, and align overlapping policies so they don’t conflict.

If you want this done right and fast, bring in a partner. We’ll build or refresh your handbook, tailor it to your jurisdictions, train your team, and keep it current. Start with Soteria HR.
