How an employer should draft regulations on electronic HR document management

After switching to electronic HR document management (EDM), many companies faced a new challenge: documents and communications with employees began to be scattered across different channels. Some documents are signed in the EDO service or HR system, some are sent via email or messaging apps, and certain agreements remain solely in correspondence.

The solution is a policy on alternative methods of electronic communication (EDMS). In this article, we’ll examine what problem it addresses, what it’s based on, and what it must include.

Why does an employer need a separate provision?

Frequently asked question: If we already have employment contracts, orders, and policies—why do we need yet another document? The Policy on Electronic HR Document Management is not a duplication but a framework for all electronic interactions.

Without it, problems often arise:

  • employees don’t understand where and how to sign documents;
  • HR has to explain the same processes over and over again;
  • there is no unified approach to document storage and access;
  • legal risks increase.

A well-drafted policy effectively answers four key questions: who does what, when, and how in the digital environment. The result is fewer errors, faster processes, and predictability in work.

Legal basis: what this provision is based on

The regulations on electronic HR document management (EDM) are not being created “from scratch”—they are based on several key Ukrainian regulations governing both labor relations and electronic documents and signatures.

Basic laws:

1

The Labor Code of Ukraine. It establishes general rules governing labor relations: hiring, termination, preparation of personnel documents, and the rights and obligations of the parties.

2

Law of Ukraine No. 2136-IX. Permits the use of electronic documents and alternative means of communication between employers and employees, which has become an important foundation for the implementation of the Electronic Document Management System (EDMS).

3

Law of Ukraine “On Electronic Documents and Electronic Document Management.” Establishes the legal validity of electronic documents, defines their status, and sets forth the procedures for their creation, transmission, and storage.

4

Law of Ukraine “On Electronic Identification and Electronic Trust Services.” Regulates the use of electronic signatures (KEP, UEP), user identification, and trust services.

What should be included in the EDRM policy

A well-crafted policy on electronic document management is not a mere formality “for inspection,” but a set of guidelines that the business follows on a daily basis.

General provisions

The purpose of implementing the HREDMS, for example: optimizing HR processes, reducing approval times, and minimizing paper-based document flow.

Scope of application: Does the HREDMS cover all employees, or are there exceptions—for example, production staff without access to digital tools?

Key terms and definitions: CEP, UEP, electronic document, KEDO system, etc.—to avoid differing interpretations.

The regulatory framework on which the company relies.

Which HR processes are being digitized

One of the most common mistakes is the vague description “All HR documents.” In practice, this lack of specificity quickly leads to concrete problems: it becomes difficult to determine exactly which documents the parties agreed to sign electronically and which were supposed to remain in paper form.

As a result, an employee may question the validity of a document, citing an uncoordinated format of interaction.

It is better to clearly define the list:

  • orders and directives (hiring, termination, leave, business trips);
  • employee requests (leave, termination, data changes);
  • notifications and acknowledgments (regarding policies, orders, changes in terms);
  • supplementary agreements and other employment-related documents.

Additionally, it is worth specifying:

  • which documents will remain in paper form (if any);
  • whether a hybrid format (electronic + paper) is permitted;
  • the transition procedure for new types of documents in the future.

What channels and systems are used for electronic communication

This section forms the technical foundation of the entire system. The following must be specified:

  • the specific KEDO service (e.g., “Vchasno.Kadry”);
  • methods of access (web portal, mobile app, corporate email, etc.);
  • authentication methods (username/password, two-factor authentication);
  • type of electronic signature (KEP—specifying in which cases it is used);
  • action confirmation mechanism (signature, OTP code, email confirmation, etc.).

It is also worth specifying:

  • what constitutes proper confirmation of acknowledgment;
  • what to do in the event of technical failures or service unavailability.

Procedure for preparing, signing, sending, and receiving documents

This is one of the most important and practical sections. It should describe the entire lifecycle of a document:

  • Document creation (who initiates it, on what basis, and in what format);
  • Approval (which roles are involved, and whether there are mandatory approvers);
  • Signing (sequence of signatures, deadlines);
  • Sending to the employee (via which channel and when);
  • Confirmation of receipt (what constitutes acknowledgment or signature);
  • Handling refusals or non-responses (what happens if the employee does not sign the document).

It is also recommended to include:

  • deadlines for each stage;
  • liability for delays;
  • typical scenarios (use cases).

Procedures for storing and organizing documents

If a company transitions to KEDO, it must immediately determine where exactly files are stored, how they are organized, and who is responsible for their integrity.

The policy should specify:

  • the location where documents are stored (a specific system or repository);
  • the structure of directories/registers (by employee, document type, or date);
  • retention periods in accordance with legal requirements;
  • rules for archiving and deletion;
  • the procedure for restoring access to documents (in case of loss or incidents);
  • the ability to export documents;
  • access during audits or inspections.

Responsible persons and their roles

Without clearly defined roles, EDM quickly devolves into a chaotic exchange of documents: it is unclear who initiates the process, who approves it, who signs it, and who is responsible for errors. That is why the delineation of responsibilities is not a formality, but the foundation of the manageability and security of electronic document management.

The policy should specify:

  • the EDM process owner (usually the HR manager or HR Director);
  • the system administrator (configuration, access, support);
  • the person responsible for information security;
  • process participants (initiators, approvers, signatories).

For each role, it is worth specifying:

  • area of responsibility;
  • access level;
  • actions in non-standard situations.

Security and document access policies

This section protects not only data but also the legal validity of documents. At a minimum, it must include:

  • access control (access levels, etc.);
  • a prohibition on sharing login credentials with third parties;
  • procedures for granting and revoking access (especially upon termination or a change in role);
  • authentication requirements (passwords, 2FA, etc.);
  • logging of user actions (who did what in the system);
  • response to security incidents.

How does a statement differ from an employee’s consent?

The Policy on Electronic Document Management and the Employee’s Consent to Use Alternative Methods of Electronic Communication are related but fundamentally different documents. They do not replace one another but work in tandem.

The policy on electronic HR document management is the internal set of rules for the entire company.

Employee consent is confirmation that a specific individual agrees to work under these rules. To put it simply: the policy describes the system, and consent connects the employee to it.

Template for regulations on electronic HR document management

Templates are an effective way to get started quickly and avoid unnecessary mistakes. They help you:

  • understand the structure of documents;
  • comply with basic legal requirements;
  • avoid wasting time developing documents from scratch.

But it’s important to understand clearly: a template ≠ a ready-made solution. Every company has its own unique characteristics, so templates need to be adapted to:

  • the company’s organizational structure;
  • actual HR processes;
  • roles and responsibilities;
  • internal security policies.

Risks if such a provision is missing

The absence of a provision regarding the KEDO is not merely an “oversight,” but a source of systemic risks that will sooner or later surface in day-to-day operations or during audits.

Key risks include:

  • legal uncertainty — it is difficult to confirm that an employee has approved, signed, or reviewed a document;
  • process chaos — documents get lost, duplicated, or stuck in limbo;
  • HR overload — many tasks are performed manually due to the lack of a standardized process;
  • errors and discrepancies — different departments interpret “the right way” differently;
  • audit risks — the lack of clear regulations complicates the audit process and communication with regulatory authorities.

As a result, the company appears to be “digital,” but in reality operates without transparency, manageability, or an adequate level of security.

Conclusion

The policy on alternative methods for creating, transmitting, and storing HR documents is a foundational internal document that transforms electronic communication from a chaotic process into a managed system.

If the rules are clearly defined and align with actual processes, the EDMS becomes a management tool: it reduces the workload on HR, speeds up approvals, and provides control over documents.

HR records without paperwork or hassle

✔️ Work with HR documents: create, approve, and sign them online
✔️ Automate all employee-related processes: from digital onboarding to offboarding

Try Vchasno.Kadry

FAQs

What is important to consider in the KEDO policy?

The most important thing is specificity. You need to clearly define processes, roles, communication channels, types of signatures, and document handling procedures.

What constitutes a valid signature on an electronic document?

This depends on the rules specified in the policy: typically, it involves applying a KEP or UEP. It is important that the method of signing be explicitly specified and applied consistently.

How is an employee’s receipt of a document confirmed?

Receipt can be confirmed via a signature, electronic confirmation, an OTP code, or another specified mechanism. The key is that this method be specified in the policy.

Is it necessary to separately define the procedure for storing electronic documents?

Yes. Without this, even a well-established electronic document management system quickly turns into a chaotic repository. It is important to define the structure, retention periods, and archiving rules.

When does an employer need a full-fledged electronic document management system?

When the volume of HR documents increases, remote employees join the workforce, or paper-based document flow slows down work processes.

Where are electronic documents stored in “Vchasno.Kadry”?

In a centralized electronic repository within the system, with the ability to quickly search, filter, and access documents based on user roles.

Who has access to documents in “Vchasno.Kadry”?

Access is determined by user roles and permissions. Each user sees only the documents necessary to perform their duties.

Who decides whether to archive or destroy documents?

This is determined by the EDMS policy: typically, responsibility falls on HR or another authorized person in accordance with internal policies and legal requirements.