Search
For Individuals For TPAs
All Courses Testimonials
Seminars Webinars Online Certifications Blog Other

Documenting Evidence From An Internal Investigation

11/8/2025

As information is gathered during an internal investigations, the amount of paper collected can be quite significant. This may include samples of employee’s work products, spreadsheets, reports, work schedules, photocopies of time cards, security logs, etc.

Listed below are some recommendations for Security Protocols:
  • A common mistake is allowing investigative files to be stored in the same file cabinet as personnel files. This practice can allow any number of human resource professionals or administrative staff members to view sensitive documentation from investigations. This process can cause breaches in confidentiality.
    • Cafeteria Plan Training & Certification Program
  • A separate file area should be established within the records retention area of organizations or within a security, safety, or human resource department. The file cabinets must have the ability to be locked, and only the investigators should have access.

  • Once secure file cabinets have been established for retention of hard copy documentation, the next step is securing data files. Every investigator utilizing case management software, or even simply a Microsoft Office application, must ensure that files are backed up every few hours. The loss of power, a system update, or any number of technological issues can cause a loss of investigative files.

  • Ensure that related databases are password protected, that passwords are alphanumeric, and that members of the Information Technology department sign a confidentiality agreement and do not have access to investigators’ passwords. IT professionals should be able to reset passwords, but should not be able to gain access to the investigative data files. If they are given this access, they must be made aware of consequences if security is breached.

  • Internal breaches in security and confidentiality are not the only breaches to be concerned about, however. External sources may potentially try to access secure files, so it is best to get reassurances from Information Technology professionals that the data is secured by a firewall and/or other protective measures.

  • Documentation created or collected during the course of an investigation should be retained for a significant length of time, usually the length of employment plus seven years. Once an investigation is completed, the documentation should be under the control of counsel to help protect the attorney-client and attorney work-product privileges.