Content
- Introduction
- Why does an employer need a separate provision?
- Legal basis: what this provision is based on
- What should be included in the EDRM policy
- How does a statement differ from an employee's consent?
- Template for regulations on electronic HR document management
- Risks if such a provision is missing
- Conclusion
After switching to electronic HR document management (EDM), many companies faced a new challenge: documents and communications with employees began to be scattered across different channels. Some documents are signed in the EDO service or HR system, some are sent via email or messaging apps, and certain agreements remain solely in correspondence.
The solution is a policy on alternative methods of electronic communication (EDMS). In this article, we’ll examine what problem it addresses, what it’s based on, and what it must include.
Why does an employer need a separate provision?
Frequently asked question: If we already have employment contracts, orders, and policies—why do we need yet another document? The Policy on Electronic HR Document Management is not a duplication but a framework for all electronic interactions.
Without it, problems often arise:
- employees don’t understand where and how to sign documents;
- HR has to explain the same processes over and over again;
- there is no unified approach to document storage and access;
- legal risks increase.
A well-drafted policy effectively answers four key questions: who does what, when, and how in the digital environment. The result is fewer errors, faster processes, and predictability in work.
Legal basis: what this provision is based on
The regulations on electronic HR document management (EDM) are not being created “from scratch”—they are based on several key Ukrainian regulations governing both labor relations and electronic documents and signatures.
Basic laws:
The Labor Code of Ukraine. It establishes general rules governing labor relations: hiring, termination, preparation of personnel documents, and the rights and obligations of the parties.
Law of Ukraine No. 2136-IX. Permits the use of electronic documents and alternative means of communication between employers and employees, which has become an important foundation for the implementation of the Electronic Document Management System (EDMS).
Law of Ukraine “On Electronic Documents and Electronic Document Management.” Establishes the legal validity of electronic documents, defines their status, and sets forth the procedures for their creation, transmission, and storage.
Law of Ukraine “On Electronic Identification and Electronic Trust Services.” Regulates the use of electronic signatures (KEP, UEP), user identification, and trust services.
What should be included in the EDRM policy
A well-crafted policy on electronic document management is not a mere formality “for inspection,” but a set of guidelines that the business follows on a daily basis.
General provisions
The purpose of implementing the HREDMS, for example: optimizing HR processes, reducing approval times, and minimizing paper-based document flow.
Scope of application: Does the HREDMS cover all employees, or are there exceptions—for example, production staff without access to digital tools?
Key terms and definitions: CEP, UEP, electronic document, KEDO system, etc.—to avoid differing interpretations.
The regulatory framework on which the company relies.
Which HR processes are being digitized
One of the most common mistakes is the vague description “All HR documents.” In practice, this lack of specificity quickly leads to concrete problems: it becomes difficult to determine exactly which documents the parties agreed to sign electronically and which were supposed to remain in paper form.
As a result, an employee may question the validity of a document, citing an uncoordinated format of interaction.
It is better to clearly define the list:
- orders and directives (hiring, termination, leave, business trips);
- employee requests (leave, termination, data changes);
- notifications and acknowledgments (regarding policies, orders, changes in terms);
- supplementary agreements and other employment-related documents.
Additionally, it is worth specifying:
- which documents will remain in paper form (if any);
- whether a hybrid format (electronic + paper) is permitted;
- the transition procedure for new types of documents in the future.
What channels and systems are used for electronic communication
This section forms the technical foundation of the entire system. The following must be specified:
- the specific KEDO service (e.g., “Vchasno.Kadry”);
- methods of access (web portal, mobile app, corporate email, etc.);
- authentication methods (username/password, two-factor authentication);
- type of electronic signature (KEP—specifying in which cases it is used);
- action confirmation mechanism (signature, OTP code, email confirmation, etc.).
It is also worth specifying:
- what constitutes proper confirmation of acknowledgment;
- what to do in the event of technical failures or service unavailability.
Procedure for preparing, signing, sending, and receiving documents
This is one of the most important and practical sections. It should describe the entire lifecycle of a document:
- Document creation (who initiates it, on what basis, and in what format);
- Approval (which roles are involved, and whether there are mandatory approvers);
- Signing (sequence of signatures, deadlines);
- Sending to the employee (via which channel and when);
- Confirmation of receipt (what constitutes acknowledgment or signature);
- Handling refusals or non-responses (what happens if the employee does not sign the document).
It is also recommended to include:
- deadlines for each stage;
- liability for delays;
- typical scenarios (use cases).
Procedures for storing and organizing documents
If a company transitions to KEDO, it must immediately determine where exactly files are stored, how they are organized, and who is responsible for their integrity.
The policy should specify:
- the location where documents are stored (a specific system or repository);
- the structure of directories/registers (by employee, document type, or date);
- retention periods in accordance with legal requirements;
- rules for archiving and deletion;
- the procedure for restoring access to documents (in case of loss or incidents);
- the ability to export documents;
- access during audits or inspections.
Responsible persons and their roles
Without clearly defined roles, EDM quickly devolves into a chaotic exchange of documents: it is unclear who initiates the process, who approves it, who signs it, and who is responsible for errors. That is why the delineation of responsibilities is not a formality, but the foundation of the manageability and security of electronic document management.
The policy should specify:
- the EDM process owner (usually the HR manager or HR Director);
- the system administrator (configuration, access, support);
- the person responsible for information security;
- process participants (initiators, approvers, signatories).
For each role, it is worth specifying:
- area of responsibility;
- access level;
- actions in non-standard situations.
Security and document access policies
This section protects not only data but also the legal validity of documents. At a minimum, it must include:
- access control (access levels, etc.);
- a prohibition on sharing login credentials with third parties;
- procedures for granting and revoking access (especially upon termination or a change in role);
- authentication requirements (passwords, 2FA, etc.);
- logging of user actions (who did what in the system);
- response to security incidents.
How does a statement differ from an employee’s consent?
The Policy on Electronic Document Management and the Employee’s Consent to Use Alternative Methods of Electronic Communication are related but fundamentally different documents. They do not replace one another but work in tandem.
The policy on electronic HR document management is the internal set of rules for the entire company.
Employee consent is confirmation that a specific individual agrees to work under these rules. To put it simply: the policy describes the system, and consent connects the employee to it.
Template for regulations on electronic HR document management
Templates are an effective way to get started quickly and avoid unnecessary mistakes. They help you:
- understand the structure of documents;
- comply with basic legal requirements;
- avoid wasting time developing documents from scratch.
But it’s important to understand clearly: a template ≠ a ready-made solution. Every company has its own unique characteristics, so templates need to be adapted to:
- the company’s organizational structure;
- actual HR processes;
- roles and responsibilities;
- internal security policies.
Risks if such a provision is missing
The absence of a provision regarding the KEDO is not merely an “oversight,” but a source of systemic risks that will sooner or later surface in day-to-day operations or during audits.
Key risks include:
- legal uncertainty — it is difficult to confirm that an employee has approved, signed, or reviewed a document;
- process chaos — documents get lost, duplicated, or stuck in limbo;
- HR overload — many tasks are performed manually due to the lack of a standardized process;
- errors and discrepancies — different departments interpret “the right way” differently;
- audit risks — the lack of clear regulations complicates the audit process and communication with regulatory authorities.
As a result, the company appears to be “digital,” but in reality operates without transparency, manageability, or an adequate level of security.
Conclusion
The policy on alternative methods for creating, transmitting, and storing HR documents is a foundational internal document that transforms electronic communication from a chaotic process into a managed system.
If the rules are clearly defined and align with actual processes, the EDMS becomes a management tool: it reduces the workload on HR, speeds up approvals, and provides control over documents.
