Personnel File Access Policy

Company Name:

Effective Date:

Policy Owner:

Approved By:

Access Request Turnaround:

1. Purpose & Scope

1.1 This policy establishes the procedures, standards, and safeguards governing employee access to their own personnel files and the circumstances under which authorised internal personnel and external third parties may access, review, or obtain copies of personnel records maintained by the Organization. The policy is designed to ensure transparency in record-keeping practices, protect employee privacy and confidentiality, comply with applicable federal, state, and local data access and privacy laws, and balance the Organization's legitimate business needs with employees' rights to review and verify the accuracy of their personal information. This policy applies to all categories of personnel records, whether maintained in physical or electronic format, and governs all access requests regardless of the requester's role, seniority, or employment status.

1.2 This policy applies to all current and former employees, contractors, temporary staff, and interns of the Organization who wish to access their own personnel records, as well as to all managers, HR personnel, legal counsel, auditors, regulatory authorities, and third parties who may request or be granted access to personnel records in the course of their duties or legal authority. The policy covers all categories of personnel records, including master personnel files, payroll records, benefits documentation, performance evaluations, disciplinary records, and training records, but excludes confidential medical files, which are governed by the Organization's separate medical records confidentiality policy. Where applicable law grants employees broader access rights than those specified in this policy, the legal requirements shall take precedence.

1.3 The Head of Human Resources shall serve as the policy owner and shall be responsible for the implementation, communication, and periodic review of this policy. The policy owner shall designate a Personnel Records Coordinator within the HR Operations team to serve as the primary point of contact for all personnel file access requests, maintain the access log and request register, coordinate scheduled and ad-hoc file reviews, ensure that access procedures comply with this policy and applicable law, and escalate complex or disputed requests to the policy owner or Legal Counsel as appropriate. The Personnel Records Coordinator shall receive specialised training on employee privacy rights, data protection legislation, and the Organization's record-keeping systems before assuming access management responsibilities.

2. Employee Access Rights

2.1 All current employees shall have the right to inspect and review the contents of their own personnel file, including all documents that have been used or may be used to affect their employment status, compensation, or conditions of employment. Employees may submit an access request in writing to the HR department using the designated access request form or through the Organization's HR information system. The HR department shall schedule and facilitate access within 5 business days of receipt of a valid and complete request, or within such shorter period as may be required by applicable state or local law. Access shall be provided during normal business hours at a location designated by the HR department, in the presence of a designated HR representative. Employees may inspect their file up to two times per calendar year under normal circumstances; additional access requests shall be accommodated where the employee provides a reasonable justification or where required by law.

2.2 Employees shall have the right to request and obtain copies of specific documents contained in their personnel file, including but not limited to employment agreements, performance evaluations, disciplinary notices, training records, and signed policy acknowledgements. Requests for copies shall be submitted in writing to the HR department and shall identify the specific documents requested. The HR department shall provide the requested copies within 5 business days of receipt of the request. The Organization may charge a reasonable fee, not to exceed the actual cost of reproduction, to cover copying and administrative costs, except where applicable state or local law requires copies to be provided free of charge. Employees shall not be permitted to remove original documents from the personnel file or to alter, annotate, or deface any document during the review process. Where an employee identifies a document they wish to contest or supplement, they shall follow the dispute resolution procedure set forth in this policy.

2.3 Former employees shall retain the right to inspect and obtain copies of their personnel file for a period of 12 months following their date of separation, or for such longer period as may be required by applicable law. Former employees shall submit access requests in writing to the HR department, providing their full name, employee identification number, dates of employment, and the specific documents or file sections they wish to review. The HR department shall verify the identity of the former employee before granting access and shall facilitate the review within 10 business days of receipt of a valid request. Access for former employees may be provided at the Organization's premises during normal business hours or, at the discretion of the HR department, through secure electronic transmission of requested documents. The same copying fees and conditions applicable to current employees shall apply to former employee access requests.

3. Third-Party & Management Access

3.1 Managers and supervisors may access the personnel records of their direct reports only to the extent necessary for legitimate, documented management purposes, including performance evaluation, disciplinary action, compensation review, succession planning, and workforce restructuring. All management access requests shall be submitted to the HR department and shall specify the records sought, the business purpose, and the expected duration of access. The HR department shall evaluate each request to ensure it is justified, proportionate, and compliant with this policy before granting access. Managers shall not be granted access to medical records, EEO or diversity monitoring data, investigation files in which they are a subject, or any other records excluded from management access by law or policy. Access granted to managers shall be logged in the access register and shall be time-limited to the period necessary to fulfil the stated purpose.

3.2 External third parties, including government agencies, regulatory authorities, legal representatives, auditors, and prospective employers, may access employee personnel records only under the following circumstances: when compelled by a valid court order, subpoena, or government agency demand issued under applicable law; when required by a regulatory authority with jurisdiction over the Organization during an official investigation or audit; when the employee has provided express written consent specifying the records to be released, the recipient, and the purpose of the disclosure; or when disclosure is necessary to comply with a mandatory reporting obligation under applicable law. All external access requests shall be directed to the HR department, which shall consult with Legal Counsel before releasing any records to an external party. The HR department shall provide only the minimum records necessary to satisfy the request and shall redact information that is not relevant to the stated purpose. The employee shall be notified of any third-party access to their records, except where notification is prohibited by law or would compromise an active investigation.

3.3 The Organization shall maintain a comprehensive access log documenting every instance of personnel file access by any party, including the employee, managers, HR personnel, and external third parties. The access log shall record the date and time of access, the full name and role of the individual accessing the file, the specific records or file sections reviewed or copied, the stated business purpose or legal basis for the access, and any documents provided or copied. The access log shall be maintained by the Personnel Records Coordinator and shall be stored separately from the personnel file to prevent tampering. The access log shall be retained for a minimum of 5 years following the last recorded access event. The HR department shall review the access log on a quarterly basis to identify any irregular access patterns and shall report any suspected unauthorised access to the policy owner and, where appropriate, to the Information Security team.

4. Disputes, Corrections & Amendments

4.1 Employees who believe that any document or information in their personnel file is inaccurate, incomplete, misleading, or improperly included shall have the right to request a correction or amendment by submitting a written request to the HR department. The request shall identify the specific document or information in question, explain the basis for the claimed inaccuracy, and provide any supporting documentation. The HR department shall review the request within 10 business days and shall consult with the originator of the document, the employee's manager, or Legal Counsel as necessary to determine the appropriate resolution. If the HR department agrees that a correction is warranted, the record shall be amended and the employee shall be notified in writing. If the request is denied, the employee shall be informed in writing of the reason for the denial and shall have the right to submit a written rebuttal statement of reasonable length, which shall be permanently attached to the contested document in the personnel file.

4.2 The HR department shall acknowledge receipt of all correction and rebuttal requests within 2 business days and shall process the request within 10 business days of receipt, or within such shorter period as may be required by applicable law. The HR department shall document the review process, including any consultations conducted and the rationale for the final determination. Where a correction request is approved, the amendment shall be made to all copies of the affected record, including any backup or archived copies, and the date and nature of the amendment shall be recorded. Where a request is denied, the HR department shall provide the employee with a written explanation of the denial, a copy of the rebuttal attachment procedure, and information about the employee's right to escalate the matter through the Organization's formal grievance procedure. The Organization shall not retaliate against any employee for exercising their right to request corrections or submit rebuttal statements under this policy.

4.3 The Organization shall not remove documents from an employee's personnel file at the employee's request unless the HR department determines, following review, that the document was filed in error, pertains to a different employee, contains factual information that has been conclusively demonstrated to be false, or has exceeded the applicable retention period and is eligible for disposal under the Organization's retention schedule. Documents that form part of the official record of employment actions, including performance evaluations, disciplinary notices, and investigation outcomes, shall not be removed from the file regardless of the employee's objections, but the employee retains the right to attach a written rebuttal as provided in this policy. Where a document is removed from the file, the removal shall be documented in the file index, including the date of removal, the reason, and the authorising individual, and the removed document shall be securely destroyed in accordance with the Organization's disposal procedures.

5. Policy Compliance & Review

5.1 Any violation of this policy, whether by act or omission, shall be subject to disciplinary action proportionate to the severity and nature of the violation. Violations include, but are not limited to, accessing personnel files without authorisation or a legitimate business purpose, disclosing personnel file contents to unauthorised parties, failing to process employee access or correction requests within the prescribed timeframes, tampering with the access log or access records, and retaliating against an employee for exercising their rights under this policy. Disciplinary consequences may include formal counselling, written warning, suspension of record access privileges, suspension from employment, or termination of employment. The Organization reserves the right to pursue legal remedies against individuals who engage in wilful misuse or unauthorised disclosure of personnel file information.

5.2 This policy shall be reviewed comprehensively at least once every 12 months by the policy owner in consultation with Legal Counsel, the Data Protection Officer, and senior HR leadership. An interim review shall be triggered by any material change in applicable data access or privacy legislation, a significant organizational restructuring, the findings of an internal or external audit, or a complaint or legal proceeding that reveals a policy deficiency. Proposed amendments shall be reviewed by Legal Counsel for legal sufficiency, approved by the Head of Human Resources and the Chief Executive Officer, and communicated to all employees at least 14 calendar days before the effective date. All employees shall be required to acknowledge receipt and understanding of material amendments through a signed acknowledgement or digital confirmation in the Organization's HR information system. A complete version history shall be maintained as an appendix to this policy.

What Is a Personnel File Access Policy?

A personnel file access policy is a formal document that defines the rights, procedures, and safeguards governing how employees, managers, and third parties may access, review, and obtain copies of personnel records maintained by the organization. It balances employee transparency rights with the organization's need to protect confidential information and maintain operational control over its records.

Personnel file access is governed by a patchwork of federal and state laws. While no single federal statute provides a universal right to access personnel files, many states — including California, Illinois, Massachusetts, and Connecticut — have enacted specific personnel records access laws that grant employees the right to inspect and copy their files within defined timeframes. Even in states without specific access statutes, best practice dictates that organizations provide a transparent and accessible process for employee file review.

A well-drafted access policy covers the full spectrum of access scenarios: employee self-access requests, management access for legitimate business purposes, third-party access compelled by law or authorised by the employee, and the dispute resolution process when employees contest the accuracy of their records. By documenting these procedures, the organization creates a consistent, defensible process that respects employee rights while protecting sensitive information.

Why Your Organization Needs a Personnel File Access Policy

A formal personnel file access policy protects your organization from legal liability, demonstrates transparency and good faith, and streamlines the administrative process for handling access requests. Without one, access decisions are made inconsistently, response times vary, and the organization risks violating state access laws that carry penalties for non-compliance.

Legal compliance is the primary driver. States like California require employers to permit current and former employees to inspect their personnel records within 30 days of a written request, with penalties of up to $750 per violation for non-compliance. Illinois requires access within 7 business days. Massachusetts mandates that employees be allowed to review their file within 5 business days. A documented policy ensures your organization meets these deadlines consistently, regardless of which manager or HR representative handles the request.

Beyond legal compliance, a clear access policy builds employee trust. When employees know they can review their records, request corrections, and understand what is in their file, they are more likely to trust that employment decisions are being made fairly and based on accurate information. This transparency is particularly important during performance reviews, disciplinary actions, and separation processes, where employees may want to verify that the information being used is correct.

From an operational perspective, a standardised access process reduces the administrative burden on HR teams. When the procedures, forms, timelines, and approval workflows are pre-defined, processing access requests becomes routine rather than ad-hoc, and HR can respond to requests efficiently without requiring management escalation for every inquiry.

Key Components of a Personnel File Access Policy

An effective personnel file access policy covers four essential areas that together provide a complete framework for managing access requests.

The first area is employee access rights. This defines who can access their file, how to submit a request, the response timeline, the frequency of permitted reviews, and whether copies of documents can be obtained. It should also specify any fees for copying and the rules for on-site review, including whether an HR representative must be present.

The second area is management and internal access. This establishes when and how managers can access the personnel files of their direct reports, what categories of records are accessible to management versus restricted, and the approval process required before access is granted. Managers should never have unrestricted access to personnel files — each request should be justified by a legitimate business purpose.

The third area is third-party and external access. This covers access requests from government agencies, courts, legal representatives, and other external parties. It should define the legal bases for external disclosure — court orders, subpoenas, regulatory demands, and employee consent — and establish the process for consulting legal counsel before releasing records.

The fourth area is dispute resolution and corrections. This provides the procedure for employees to challenge the accuracy of information in their file, request corrections, and submit rebuttal statements where a correction request is denied. A clear dispute process prevents minor factual disagreements from escalating into formal grievances or legal complaints.

How to Implement This Personnel File Access Policy

Implementing this personnel file access policy involves four practical steps that take your organization from template to fully operational process.

Step one: customize for your jurisdiction. Review the access timelines, copying fees, and employee rights sections against the personnel records access laws in every state or country where you have employees. Several states impose specific response deadlines and penalties that must be reflected in your policy. Update the template to reflect the most restrictive requirements applicable to your workforce.

Step two: designate a Personnel Records Coordinator. Assign a specific individual within HR Operations to manage all access requests, maintain the access log, and serve as the point of contact for employees, managers, and external parties. Ensure this person receives training on data privacy laws, access procedures, and the organization's record-keeping systems.

Step three: set up the access log and tracking system. Create a centralised log to document every access request, including the requester, date, records reviewed, purpose, and outcome. This log is essential for audit purposes and for demonstrating compliance if an employee or regulator questions your access practices.

Step four: train managers and communicate to employees. Ensure all managers understand the policy, including the requirement to obtain HR approval before accessing personnel files and the prohibition on accessing medical records. Communicate the policy to all employees through the onboarding process, employee handbook, and a dedicated announcement that explains their rights and how to submit an access request.

Frequently Asked Questions

Do employees have a legal right to access their personnel file?

It depends on the jurisdiction. Many states, including California, Illinois, Massachusetts, and Connecticut, have specific laws granting employees the right to inspect and copy their personnel files within defined timeframes. Even in states without specific access statutes, providing access is considered best practice and helps demonstrate fairness and transparency in employment decisions.

How quickly must the organization respond to an access request?

Response timelines vary by state law. California requires access within 30 days, Illinois within 7 business days, and Massachusetts within 5 business days. Where no specific state law applies, organizations should aim to provide access within 5 to 10 business days as a matter of good practice. The policy should reflect the most restrictive timeline applicable to your workforce.

Can managers access the personnel files of their direct reports?

Managers may access personnel records of their direct reports for legitimate management purposes such as performance reviews, disciplinary actions, or succession planning, but only with prior HR approval. Managers should never have unrestricted access, and access to medical records, EEO data, and investigation files is generally prohibited for managers. All management access should be logged.

Can an employee request the removal of documents from their file?

Generally, the organization is not obligated to remove documents from an employee's personnel file unless the document was filed in error or pertains to a different employee. Documents that form part of the official employment record — including performance reviews and disciplinary notices — are typically retained. However, employees can usually request corrections to inaccurate information and attach written rebuttal statements.

What happens when a third party requests access to an employee's file?

External access should only be granted when compelled by a valid court order or subpoena, required by a regulatory authority during an official investigation, or expressly authorised in writing by the employee. All third-party requests should be routed through HR and reviewed by legal counsel before any records are released. The employee should be notified unless notification is prohibited by law.

Can a former employee access their personnel file?

Many state laws extend access rights to former employees for a defined period after separation. Even where not legally required, organizations should allow former employee access for at least 12 months following separation. Former employees should follow the same access request process, and the organization should verify identity before granting access.

Should the organization charge a fee for providing copies?

Some states allow employers to charge a reasonable fee to cover the actual cost of copying documents from personnel files. However, several states, including California, require that copies be provided free of charge. Check applicable state law before setting a copying fee, and document the fee structure in your policy to ensure transparency.

How should personnel file access be documented?

Every instance of file access should be recorded in a centralised access log capturing the date, the accessor's identity, the records reviewed, and the business purpose. The log should be maintained separately from the personnel file and retained for a minimum of 5 years. Quarterly reviews of the access log help identify unauthorised access patterns and demonstrate compliance during audits.

Written by Adithyan RK
Fact Checked by Surya N
Published on: 3 Mar 2026