List of Policies Every Company Should Have (HR Compliance Checklist)
If you’re searching for a list of policies every company should have, you’re likely trying to do two things at once: protect the business and stay compliant with labor and employment laws. Below is a focused, practical set of company policy examples that most employers should implement, plus where federal, state, or local compliance requirements commonly apply.
For a broader, step-by-step framework, pair this page with SwiftSDS’s human resources checklist and the full human resources compliance audit checklist.
Why “must-have” company policies matter for compliance
Written policies do more than set expectations—they create documentation that supports consistent practices, reduces discrimination risk, and helps prove compliance during audits, unemployment claims, wage disputes, or agency investigations.
Many policies also connect directly to legal obligations, such as:
- Wage and hour compliance under the Fair Labor Standards Act (FLSA)
- Anti-discrimination requirements under federal and state civil rights laws
- Safety obligations under OSHA and state workplace safety rules
- Leave administration under federal, state, and local leave laws
Policies are typically formalized in an employee handbook. For location-specific guidance, see employee handbook requirements by state.
Core HR and employment policies every company should have
1) Equal Employment Opportunity (EEO) and non-discrimination policy
What it should include (actionable elements):
- A clear EEO statement covering protected classes under federal law (and expanded categories where required by state/local law)
- A commitment to reasonable accommodations (disability, religion)
- A statement that employment decisions are based on job-related factors
Compliance tie-ins: Title VII, ADA, and ADEA. State agencies often require additional protections. For example, Massachusetts employers commonly reference MCAD guidance; the related posting is Fair Employment in Massachusetts.
2) Anti-harassment and complaint reporting policy
What it should include:
- Definition and examples of harassment (including sexual harassment)
- Multiple reporting channels (supervisor, HR, hotline, alternate manager)
- Anti-retaliation statement
- A documented investigation process with timelines and confidentiality expectations
Practical tip: Train managers on intake and escalation. A policy without a reporting workflow is a common failure point.
3) Wage and hour policy (timekeeping, overtime, pay practices)
This is one of the most important company policy examples for compliance.
What it should include:
- Accurate timekeeping requirements for non-exempt employees
- Meal/rest break rules (especially important in states like California)
- Overtime authorization rules (and a reminder that unauthorized overtime must still be paid)
- Prohibition on off-the-clock work
- Payroll deduction rules and payday schedule
Compliance tie-ins: FLSA posting requirements and employee rights education. Many employers also provide access to the federal notice Employee Rights Under the Fair Labor Standards Act. Public-sector employers may need the version for government workers: Employee Rights Under the FLSA – State and Local Government.
For posting rules by jurisdiction, review Federal (United States) Posting Requirements and your state page.
4) Attendance, punctuality, and scheduling policy
What it should include:
- How employees report lateness/absence
- Call-in procedures and notice deadlines
- Job abandonment definition
- Scheduling expectations and flexibility standards
Compliance note: Some jurisdictions have predictive scheduling or reporting-time pay rules. Always align the policy with the state/local requirements where you operate.
5) Leave and time-off policy (sick, PTO, family/medical leave)
What it should include:
- Eligibility rules and accrual (if applicable)
- Request/approval process
- Documentation rules (where legally allowed)
- Carryover/caps and payout upon separation (state-specific)
- Coordination with legally protected leave (FMLA, state paid family/medical leave, military leave, jury duty)
Actionable step: Create a simple leave intake form and designate who makes eligibility determinations to avoid inconsistent decisions.
6) Workplace safety policy and hazard reporting
What it should include:
- General duty to follow safety rules and use PPE
- Injury/incident reporting process (immediate reporting)
- Hazard reporting and no-retaliation statement
- Emergency procedures and evacuation plan
Compliance tie-ins: OSHA (and state equivalents) often expect training, reporting, and documentation. If you have public employees in Massachusetts, this notice may apply: Massachusetts Workplace Safety and Health Protection for Public Employees.
7) Drug-free workplace and impairment policy (where applicable)
What it should include:
- Prohibition on working while impaired
- Testing rules (pre-employment, reasonable suspicion, post-accident) if used
- Prescription medication guidance (focus on safety-sensitive roles)
- Compliance with state cannabis laws and disability accommodation obligations
Practical tip: If you operate in multiple states, avoid one-size-fits-all cannabis language; align with each jurisdiction.
8) Code of conduct and disciplinary policy
What it should include:
- Standards for professional behavior
- Workplace violence prevention expectations
- Progressive discipline framework (with discretion language)
- Reporting obligations for misconduct
Actionable step: Document disciplinary actions consistently (date, policy violated, corrective steps, employee acknowledgement).
9) Confidentiality, privacy, and data security policy
What it should include:
- Confidential information definition (customer data, pricing, employee records)
- Acceptable handling and sharing rules
- Password/device security expectations
- Consequences for violations
Compliance note: Privacy requirements can vary widely by state (and industry). If you operate in California, ensure your policy aligns with state privacy and employment rules—see California (CA) Labor Law Posting Requirements for compliance items that often accompany HR documentation efforts.
10) Technology and acceptable use policy (email, internet, devices)
What it should include:
- Company device and network usage rules
- Monitoring disclosures (where required)
- Social media expectations (while respecting protected concerted activity rights)
- Remote work security requirements
11) Remote work / telework policy (if any work is performed remotely)
What it should include:
- Work hours/timekeeping for non-exempt employees
- Expense reimbursement rules (state-specific requirements may apply)
- Home-office safety expectations
- Where work may be performed (tax and labor law implications)
Multi-state reminder: Remote work can trigger new state posting and policy obligations. If you have employees in Florida, Ohio, or Maryland, start with:
- Florida (FL) Labor Law Posting Requirements
- Ohio (OH) Labor Law Posting Requirements
- Maryland (MD) Labor Law Posting Requirements
12) Complaint resolution and non-retaliation policy (general)
While anti-harassment policies include anti-retaliation language, many employers also adopt a broader policy covering:
- Wage complaints
- Safety complaints
- Ethics concerns
- Leave-related issues
Actionable step: Provide at least two reporting avenues and document resolution outcomes.
How to implement and maintain these policies (quick compliance workflow)
- Inventory what you already have using SwiftSDS’s human resources checklist.
- Map policies to where employees work (HQ state, remote states, job sites).
- Confirm posting and notice obligations via Federal (United States) Posting Requirements and state pages.
- Publish policies in an employee handbook and track acknowledgements. For deeper guidance, see HR policies and procedures.
- Train supervisors on the highest-risk policies (harassment, wage/time, leave, safety).
- Review annually (or when laws change). If you want tools that reduce manual tracking, compare options on HR compliance companies.
FAQ: Company policy requirements and best practices
What policies are legally required for every business?
Requirements vary by jurisdiction and workforce size. However, most employers need written guidance that supports compliance with wage and hour laws (FLSA), anti-discrimination/harassment rules, and safety obligations. Many states also effectively require certain policies to administer paid sick leave, leave benefits, or scheduling rules correctly.
Are company policies the same as required labor law posters?
No. Posters are mandatory notices employers must display (or distribute electronically for remote workers) to inform employees of their rights. Policies are your internal rules and procedures. You typically need both. Start with Federal (United States) Posting Requirements and then add your state requirements.
How often should we update our employee handbook and policies?
At least annually, and anytime you add a new state, change payroll/timekeeping systems, or a major law changes (e.g., paid leave updates, harassment training rules, wage changes). A yearly review using the human resources compliance audit checklist helps catch gaps before they become claims.
Keeping an up-to-date, legally aligned policy set is one of the simplest ways to reduce HR risk. Use this list as your baseline, then tailor it by state, industry, and workforce type to ensure your policies match how work actually happens in your organization.