HR policies and procedures

Well-drafted HR policies are a cornerstone of good business management. They provide clarity for both employees and managers, ensuring that everyone understands the standards of behaviour and the processes for dealing with workplace issues. The key benefits include:

• ensuring legal compliance - they help you meet your obligations under employment law, protecting your business from costly legal disputes and employment tribunal claims

• promoting fairness and consistency - policies ensure that all employees are treated in the same way in similar situations, which helps to build a positive and transparent culture

• setting clear expectations - they clearly communicate your standards on everything from conduct and performance to absence and the use of the employer’s technology

• providing a framework for decisions - they give managers a clear process to follow when handling difficult situations, such as disciplinary issues or employee grievances

It’s crucial to understand that not having a written policy does not grant an employee’s legal rights. Your staff are still entitled to all their statutory protections under UK employment law. A policy doesn't create these rights; it simply provides a clear, consistent, and fair framework for how your business will manage them.

Which HR policies are legally required?

While most HR policies are considered best practices, a few are legally required for businesses.

A written statement of employment particulars

This is the most fundamental document you must provide to your staff. While not an HR policy itself, it is a legally required summary of an individual's main terms of employment that you must give to all employees and workers on or before their first day.

Crucially, the statement must also contain your business's disciplinary and grievance rules, or refer to another accessible document that does (more below). 

The written statement of employment particulars often forms the basis of a more comprehensive Employment contract.

A health and safety policy

All businesses must have a Health and safety policy. If you have five or more employees, this policy must be in writing. It should outline your commitment to providing a safe workplace, who is responsible for what, and the practical arrangements you have in place to manage risks. For more information, read Health and safety, Control of substances hazardous to health (COSHH), and RIDDOR and accident reporting.

Disciplinary and grievance procedures

You must set out your rules and procedures for handling disciplinary and grievance situations in writing and make them accessible to all staff. You can do this using a Disicplinary procedure and a Grievance procedure.

Following a fair process, as outlined in the Acas Code of Practice, is essential to avoiding claims of unfair dismissal.

Data protection and privacy policies

The Data Protection Act 2018 (DPA), the main legislation implementing the General Data Protection Regulations (GDPR) in the UK, requires employers to comply with the principles for processing personal data. This includes being transparent and providing information to staff about personal data and how it is used. Employers can meet this obligation by:

• providing an Employee privacy notice when an employee starts work

• providing a Consultant privacy notice when engaging a consultant

• adopting and following a Data protection and security policy

An equal opportunities policy

While employers aren’t legally required to have a written equal opportunities policy, they are required to prevent unlawful discrimination in the workplace under the Equality Act 2010. Having an Equality opportunities policy is seen as strong evidence of compliance with this legal duty. 

This type of policy helps create an inclusive workplace and outlines how employers prevent discrimination (including by making reasonable adjustments for disabilities).

A whistleblower policy

For certain regulated businesses (eg those operating in finance), this is a legal requirement under the Public Interest Disclosure Act 1998. For all others, it is strongly recommended to have a written Whistleblowing policy in place. It provides a safe and confidential process for employees to report wrongdoing within the business (eg about criminal offences or endangerment of health and safety). For more information, read Whistleblowing.

What other HR policies should a business have?

Beyond the legal minimum, a range of other policies is strongly recommended as best practice to protect your business and support your employees. These are often collected together in a Staff handbook.

Policies for conduct and performance

These policies set clear expectations for employee behaviour and performance at work. They include:

• an Anti-harassment and bullying policy - shows your commitment to preventing all forms of harassment and bullying. It is often seen as supplementary to an Equality opportunities policy

• a Menopause policy - sets out how you will support staff experiencing menopause-related symptoms, and can help prevent sex-based discrimination 

• an Employee vaccination policy - details the business's approach to staff vaccination and vaccinations in the workplace

• an Anti-bribery and corruption policy - this is crucial for demonstrating compliance with the Bribery Act 2010 and sets out a zero-tolerance approach to bribery

Policies for leave and absence

These policies provide clarity for employees on how to request time off for various common situations. They include:

• a Sickness policy - explains the procedure for reporting sickness and details of any sick pay entitlement

• an Annual leave policy - sets out the business’s holiday year and the process for booking time off. Remember that staff working full-time are entitled to at least 5.6 weeks’ paid holiday per year, and that this is pro-rated for part-time and other workers. For more information, read How to calculate holiday entitlement

• a Bereavement leave policy - sets out your approach to time off following a bereavement

• a Jury service policy - explains the procedure if an employee is called for jury service

Family-friendly policies

These policies explain the support and leave available to employees for reasons relating to parenthood and family life, covering their statutory rights. They include:

• a Time off for dependants policy - outlines the right to take unpaid time off for family emergencies

• a Maternity policy - outlines the rights and obligations for employees during pregnancy and maternity leave

• a Paternity policy - details the leave and pay available to partners following a birth or adoption

• an Adoption leave policy - sets out the leave and pay entitlements for employees who are adopting a child

• a Parental leave policy - explains the right for parents to take unpaid time off to care for a child before the child’s 18th birthday

• a Shared parental leave policy - explains how a couple may share a leave entitlement when having a child

• a Neonatal care leave policy - details the leave rights and pay for parents whose baby requires neonatal care

For more information, read Family leave and rights.

Policies for working arrangements

These are increasingly important for defining how and where your employees work, and include

• a Flexible working policy - outlines the process for employees to formally request flexible working arrangements

• Remote, Hybrid, and Temporary working from home policies - these set out the rules and expectations for employees who work fully or partially from home, and address your health anfd safety obligations for remote workers 

• a Lone working policy - communicates health and safety procedures for those who work alone (including staff, consultants, and volunteers)

Policies for technology, data, and communications

These policies are vital for protecting your business's assets, data, and reputation. They include:

• a Communications and equipment policy - outlines the rules for using company IT equipment and resources

• a Social media policy - sets out the rules on social media use at work. This is important as employers will generally be liable for what their employees do on social media in connection with their employment; however, care must be taken to comply with matters relating to discrimination, privacy, and data protection

• an AI policy - lets staff know how artificial intelligence can be used in your workplace

Policies for business operations

These policies provide a consistent framework for key business and employment processes. They include:

• a Recruitment policy - sets out details of your recruitment process and your commitment to equal opportunities when hiring new staff

• a Redundancy policy - details the business's procedure for handling redundancies fairly

• an Expense policy - provides clear rules for staff claiming business expenses

• a Safeguarding policy - explains how your organisation protects those it works with from harm

• an Environmental policy - helps you manage the environmental impacts of your business

While this guide covers essential HR policies, your specific industry or activities may require others, such as a customer complaints procedure or a retirement policy. You should also take into account any sector-specific requirements that may apply (eg dealing with hazardous substances). Use our Bespoke drafting service if you need personalised policies drafted.

How to implement HR policies

Making policies is only the first step; they must be implemented effectively to have any impact:

1. communicate clearly: you must ensure every employee knows the policies exist, understands them, and can easily access them

2. train your managers: your managers are responsible for applying policies day-to-day, so they need to understand them thoroughly to ensure they act fairly

3. apply policies consistently: failing to do so can undermine a policy's purpose and may  lead to claims of unfair treatment or discrimination 

How often should HR policies be reviewed? 

HR policies are not static documents; they should be reviewed regularly to ensure they remain effective, compliant with the law, and relevant to your business. As a general rule, you should aim to review your policies at least once a year.

However, you should conduct a review sooner if certain triggers occur, such as:

• a change in UK employment law - for example, when new legislation is passed

• a significant change in your business - such as rapid growth, a shift to remote working, or a company restructure

• an issue or dispute - if a problem arises that highlights a gap or ambiguity in your current policy

• feedback from staff - employees or managers may point out that a policy is unclear or no longer fit for purpose

Clear and comprehensive HR policies are the foundation of a well-run and compliant workplace. They protect your business from legal risks while providing your employees with the clarity and support they need to thrive. If you need to create or update your policies, you can make an Employee handbook or Ask a lawyer for advice on your specific business needs.