Employer Recordkeeping Requirements
February 25, 2022
Employer Recordkeeping Requirements

Federal laws, such as the Federal Insurance Contribution Act, the Fair Labor Standards Act (FLSA), the Equal Pay Act and the Civil Rights Act, impose recordkeeping duties on employers. Recordkeeping duties include creating, updating and preserving information.

 

State law also imposes several recordkeeping requirements on employers. These laws operate in addition to, or in conjunction with, federal requirements. This Employment Law Summary provides an overview of various New York recordkeeping requirements that generally apply to all employers in the state. Additional requirements may apply for employers in certain industries.

 

APPRENTICESHIPS

Employers that sponsor apprenticeship programs must make and keep all records necessary to prove that their apprenticeship programs comply with all federal and state laws. These records must also be used to periodically evaluate each apprentice’s progress.

 

An apprenticeship program sponsor’s records must include:

 

•   The apprentice-to-journey-worker ratio;

•   A certification of compliance with applicable federal, state and local health and safety standards;

•   A description of the probationary apprenticeship period;

•   Apprenticeship program modification requests submitted to the New York Department of Labor (NYDOL), if applicable; and

•   Information on program processes, such as procedures to authorize wage increases, transferring apprentices to other programs or notifying apprentices of adverse actions.

 

For each apprentice, the sponsor’s records must also show:

 

•   The training provided (must be at least 144 hours per year provided by qualified training personnel);

•   The apprentice’s age (must be at least 16 years of age);

•   The skills apprentices are expected to and have actually learned (must be verified and signed at least monthly by the apprentice’s supervisor);

•   The amount of time required in each work process or rotation;

•   The placement and registration with the program;

•   Evidence of program completion (if applicable); and

•   A signed copy of the Apprenticeship Agreement (which must also be filed with the NYDOL).


 

CHILD LABOR

New York allows employers to hire minors between 16 and 17 years old to work in occupations for which they have completed an approved work training program. For these minors, employers must maintain records showing:

 

•   The name, address and age of the minor;

•   The date the minor entered and the minor’s attendance record for the approved work training program;

•   The number of hours the minor participated in the work training program;

•   The number of hours the minor received specific training in safety; and

•   The occupation and work processes for which a certificate of completion was issued.

 

In addition, employers must maintain accurate records of each minor’s employment-related injuries and illnesses, unless the injuries were minor and required only first aid treatment.

 

Additional recordkeeping requirements apply for employers that work with child performers.

 

UNEMPLOYMENT COMPENSATION

Employers must keep a true and accurate record of each employee’s:

 

•   Name and Social Security number;

•   The amount of wages paid per payroll period;

•   The beginning and ending dates of each payroll period; and

•   The total amount of employee wages subject to unemployment compensation contributions under state law.

 

These records must be maintained for at least three years.

 

WAGE AND HOUR

New York employers must create and maintain contemporaneous, true and accurate payroll records for

at least six years. For each employee, these records must show:

 

•   The number of hours worked each week;

•   The regular and overtime wage rates and how they are calculated (hour, salary, piece or other, unless exempt from overtime compensation);

•   The number of regular and overtime hours worked (unless exempt from overtime compensation);

•   The amount of gross wages paid;

•   An itemized list of deductions;

•   An itemized list of allowances claimed as part of the employee’s wage (if any);

•   The amount of net wages paid; and

•   The employee’s student classification, if applicable.


 

Personnel records for student-employees must include a statement from the employee’s school indicating whether the student-employee is:

 

•   Participating in an instruction program that will lead to a degree, diploma or certificate (or is completing residence requirements for a degree); and

•   Required to obtain supervised and directed vocational experience to fulfill curriculum requirements.

 

For employees who are paid a piece rate, payroll records must include the applicable piece rate (or rates) of pay and the number of pieces completed at each piece rate.

 

Employers are subject to misdemeanor charges if they fail to keep or falsify payroll records or hinder the NYDOL’s access to these records during an investigation. Potential penalties for a first offense include a fine of between $500 and $5,000 or imprisonment for up to one year. For second or subsequent offenses within a six-year period from the first offense, employers may face felony charges punishable by a fine of between $500 and $20,000, imprisonment for up to 366 days or both. Each date an employer fails to comply with these recordkeeping requirements is considered a separate offense.

 

Additional recordkeeping requirements may apply for:

 

•   The farming industry;

•   Domestic workers and household employees;

•   The hospitality industry;

•   Employers that allow their employees to participate in tip pooling; and

•   The building service industry.

 

WORKERS' COMPENSATION

Employers subject to the state’s workers’ compensation laws must keep the following true and accurate records.

 

IDENTITY, ORGANIZATIONAL AND OCCUPATIONAL RECORDS

•   Federal Employer Identification Number;

•   Business name (including certificates of assumed business names);

•   Business form (such as corporation, limited liability company or partnership);

•   Articles of incorporation or organization (including amendments to the articles, occupational license, trade licenses or certifications); and

•   A current list of the officers, partners or principals of the business.

 

EMPLOYMENT RECORDS

•   The number of employees;

•   Each employee’s name, Social Security number or other identifying number;

•   Each day, month, year or pay period worked by each employee;

•   Each employee’s classification;

•   A description of each employee’s general duties (must provide enough information for a proper employee classification);

•   The amount of wages paid or owed to each employee;

•   The method of payment used to calculate each employee’s wages;

•   Wage payment records;

•   The value of credits and allowanced claimed for each employee’s wages (tips, employer-provided meals, lodging or similar benefits);

•   Annual wage or earnings statements for each employee (including IRS Forms 1099 and W-2);

•   Any written contracts or agreements that describe the terms of employment;

•   Documentation of all and any employee accidents and injuries;

•   Tax records (federal, state and the New York State Department of Labor filings);

•   Financial account records (general ledgers and monthly, quarterly or annual statements of all opened or closed business accounts); and

•   Insurance coverage and eligibility records.

 

PENALTIES

Employers that violate these recordkeeping requirements may face criminal and administrative penalties. Criminal penalties include misdemeanor charges and fines of between $5,000 and $10,000 for failing to keep or falsifying these records. Second and subsequent violations can lead to class E felony charges and fines of between $10,000 and $25,000. Administrative penalties include a $1,000 fine for every ten-day period of non-compliance or a fine equal to twice the cost of compensation for the employer’s payroll for the period when the violation takes place.

 

In general, employers must maintain these records for a period of at least four calendar years.

 

EMPLOYEE INJURIES

Employers must record every injury and illness employees suffer in the course of employment on a form prescribed by the New York State Workers’ Compensation Board. This injury record must be kept for at least 18 years. The Workers’ Compensation Board does not require employers to file an injury or illness report, unless the injury or illness causes the employee to:

 

•   Miss a day of work beyond the shift or day when the injury or illness took place; or

•   Receive medical treatment beyond ordinary first aid or more than two treatments by a person rendering first aid.

 

Employers that refuse or neglect to keep employee injury and illness records may be charged with a misdemeanor, punishable by a fine of up to $1,000 and an additional administrative fine (imposed by the Workers’ Compensation Board) of up to $2,000.

Sign up for our newsletter.

Your Medicare Plan Is Discontinued: What’s Next?

October 14, 2025
If you recently received notice that your Medicare plan, or Medicare Advantage plan, is being discontinued, you’re not alone. Across the country (and right here in New York), insurers are scaling back or exiting less profitable markets ( Kiplinger ). While this can feel stressful, there are steps you can take to make sure your coverage doesn’t lapse and to find a better plan for your health and budget. Why Are Plans Being Discontinued? A mix of financial pressure, federal reimbursement changes, and rising health costs is driving insurers to reduce their Medicare Advantage footprints: Some major insurers are cutting back or exiting entire counties. For example, UnitedHealth announced it will discontinue its Medicare Advantage presence in 109 U.S. counties in 2026, according to Reuters . Local carriers in New York are also making changes: MVP is dropping several plans, and CDPHP is eliminating certain drug-coverage options, the Times Union explains . These shifts are happening alongside tighter government funding and increased regulatory strain. Because insurers must absorb the extra cost of covering benefits while meeting regulatory caps (for example, on prescription drug out-of-pocket limits), some plans become financially unsustainable and are discontinued ( the Kaiser Family Foundation ). Steps to Take if Your Plan Is Discontinued Here’s how to act so you don’t lose coverage: 1. Review the notice you received carefully Your insurer is required to send you a non-renewal or discontinuance notice. It often includes deadlines, whether you can enroll through a Special Enrollment Period (SEP), and what options you have. 2. Note the relevant enrollment period The Annual Enrollment Period (AEP) runs October 15 to December 7, 2025 , during which you can switch Medicare Advantage or Part D plans. If your plan was discontinued, some notices allow you to select a new plan until December 31 without penalty. In limited cases, you may qualify for a Special Enrollment Period (SEP) following the discontinuation. 3. Research your options early Don’t wait until the last minute. Compare plans available in your area. Key things to look at: Provider networks: Will your doctors still be covered? Drug formularies: Does the plan cover your medications and at what cost? Premiums, deductibles, and out-of-pocket max: These can vary significantly. Benefit trade-offs: Some plans reduce supplemental benefits (vision, dental, wellness perks) when trying to maintain financial viability. 4. Enroll in the new plan Submit your enrollment by the relevant deadline (typically December 7 for the Annual Enrollment Period (AEP). However, If your plan was discontinued, you may have until December 31 to choose a new one without penalty). Make sure the new plan starts January 1 to avoid coverage gaps. 5. If your plan wasn’t discontinued, still review Even if your current plan remains active, benefits, networks, and costs often change each year. It’s wise to compare alternatives anyway, especially after insurer shake-ups. Why Timing & Support Matter Delays cost you: Failing to enroll by deadlines could mean losing drug coverage or being locked into a less ideal plan. Support can ease the burden: Licensed agents can help you compare side-by-side, explain trade-offs, and guide you through enrollment. You deserve the best match: Everyone’s health and financial needs differ. Don’t settle for the first available option unless it truly fits. How Simco Can Help At Simco, we understand the stress of sudden plan changes. Our licensed insurance advisors are ready to: Help you interpret your discontinuance notice Compare plan options available in your area Assist with enrollment paperwork Explain benefit trade-offs and cost implications You don’t have to navigate this alone. Whether your Medicare Advantage plan was discontinued or you’re simply exploring your options, our team is here to support you. Contact us today to schedule a 1-on-1 consultation, and let us help you find the plan that keeps you covered and confident in 2026 and beyond.

isolved Named #1 for SMBs Across the Employee Lifecycle

October 3, 2025
At Simco, we’re proud to be a trusted isolved Network Partner , which means the Human Capital Management (HCM) technology we deliver to our clients is powered by isolved People Cloud™. And now there’s even more reason to celebrate: isolved has been recognized as the #1 SMB HCM provider across the entire employee lifecycle in Sapient Insights Group’s 28th Annual HR Systems Survey. This annual survey is one of the most respected benchmarks in the HR technology industry. With feedback from over 4,500 HR professionals, Sapient Insights captures the real voice of the customer by evaluating vendors across two critical areas: User Experience (UX) and Vendor Satisfaction (VS). isolved earned an impressive 38 badges this year, the most awarded SMB vendor for the second year in a row, and ranked #1 in 13 different SMB categories . Breaking Down the Results isolved’s recognition wasn’t limited to a single function. It spanned the entire employee lifecycle, covering everything from payroll and benefits to recruiting and workforce management. Highlights from the survey include: Payroll — Ranked #1 in both User Experience and Vendor Satisfaction for SMBs Core HR — #1 in Vendor Satisfaction Benefits — #1 in User Experience Recruiting — #1 in both User Experience and Vendor Satisfaction Time & Attendance — #1 in both User Experience and Vendor Satisfaction Skills Management — #1 in User Experience Rewards & Recognition — #1 in User Experience In addition, isolved placed in the Top 5 across numerous other categories like onboarding, learning, performance management, workforce scheduling, and contingent management. What does this mean? isolved’s solution isn’t just strong in one area, it’s consistently delivering across all the areas that matter most for small and mid-sized businesses. Why This Matters for SMBs Today’s SMBs face more challenges than ever. Recruiting is competitive, employee expectations are higher, and compliance requirements grow more complex every year. Business owners often find themselves piecing together multiple vendors to handle payroll, HR, benefits, and insurance, adding complexity and risk. isolved’s sweep across the Sapient Insights report shows that SMBs no longer have to choose between great payroll software and effective talent tools, or between benefits management and workforce scheduling. With isolved, the technology already covers the full employee lifecycle, validated by real-world HR pros. From Recognition to Results isolved’s 38 badges and top rankings validate what our clients experience every day: Accuracy and trust in payroll with fewer errors and compliance risks. Simplified benefits administration that keeps employees happy and businesses competitive. Recruiting and onboarding tools that make hiring more effective. Time and scheduling solutions that align workforce needs with operational efficiency. These results aren’t just about technology; they’re about enabling SMBs to compete, thrive, and support their people better. The Simco Advantage: More Than Just Software Here’s the ultimate key: technology is only half of the solution. Technology is powerful, but the real impact comes from how it’s put into practice. At Simco, we go beyond simply providing software. We deliver a fully integrated HCM and advisory solution that ties every part of workforce management together. Here’s what sets us apart: One Point of Contact: A dedicated resource who understands your business and ensures your HCM, HR, benefits, insurance, and retirement services work in sync. All-in-One Partner: From payroll and HR to insurance and 401(k) plans, we eliminate the hassle of juggling multiple vendors. Advisory + Optimization: We don’t just implement technology. We guide you in using it to strengthen compliance, employee engagement, and growth strategies. As your business grows, your needs change. By pairing isolved’s award-winning technology with Simco’s hands-on expertise, we help you stay ahead, operate more efficiently, and build better employee experiences. Key Takeaways isolved’s recognition in the Sapient Insights report shows that SMBs have access to enterprise-grade HR technology tailored for their needs. And with Simco as your partner, you’ll never have to choose between the strength of your platform and the quality of your service; you’ll have both. Want to see how Simco + isolved can streamline your payroll, HR, benefits, and more? Contact us today.
Top 5 Cybersecurity Mistakes That Put Your Business at Risk

Top 5 Cybersecurity Mistakes That Put Your Business at Risk

October 1, 2025
In today’s digital-first world, small and mid-sized businesses are just as vulnerable, if not more so, than large corporations when it comes to cyberattacks. Limited budgets, fewer in-house IT resources, and the perception of being “too small to target” often leave business owners dangerously exposed. The reality? Hackers don’t discriminate based on size; they look for the easiest entry points. Here are the top five mistakes businesses make, how to avoid them, and what steps you can take today to protect your company, your employees, and your bottom line. 1. Relying on Weak or Outdated Passwords Passwords are often the first line of defense, and also the weakest. Too many businesses rely on simple or reused passwords that can be cracked in seconds with modern tools. The Modern MFA Landscape While passwords remain standard, multi-factor authentication (MFA) has become the new baseline. However, how you implement MFA matters: Avoid email for MFA codes. If a phishing attack compromises an employee’s inbox, bad actors can intercept the code and access sensitive systems. SMS is better but not bulletproof. Text messages provide an extra layer of security but can still be intercepted. Authenticator apps are the gold standard. Tools like Authy, Microsoft Authenticator, or Google Authenticator create time-based one-time codes that aren’t tied to email or SMS. Forward-looking companies are also exploring passwordless authentication, a model that reduces dependence on static credentials altogether. Until then, tightening password hygiene and upgrading MFA methods should be immediate priorities. 2. Overlooking Employee Training Even the most advanced cybersecurity tools can’t stop an employee from clicking a malicious link or downloading infected files. Human error remains the biggest vulnerability in most organizations. What Employees Need to Know Instead of broad, once-a-year sessions, ongoing training should focus on real-world risks employees face daily. Consider including: How to spot suspicious links and attachments Why “urgent” or “CEO fraud” emails are red flags Safe internet practices for remote or hybrid workers How to report suspicious activity without fear of blame Building a Culture of Cyber Awareness Cybersecurity isn’t just an IT issue; it’s a company-wide culture. Leadership should model secure behavior and celebrate employees who catch threats. Over time, security becomes second nature rather than an afterthought. 3. Neglecting Regular Software Updates Software vendors release updates for a reason: to fix vulnerabilities. Delaying or ignoring these updates gives hackers a direct pathway into your systems. The Risk of Outdated Systems Running outdated operating systems, browsers, or applications often leaves “open doors” attackers can exploit. Businesses that don’t patch quickly enough have been at the center of major breaches. Automating updates or assigning a designated IT contact for patch management ensures vulnerabilities are closed before they can be exploited. Even for smaller businesses without dedicated IT staff, outsourced providers or managed IT services can fill this role affordably. 4. Failing to Prepare an Incident Response Plan (IRP) Too many businesses wait until a breach happens to figure out how to respond. By then, panic sets in, time is lost, and the financial damage increases. Why an IRP Matters An Incident Response Plan is essentially a playbook for what your business will do in the first 24–72 hours after an attack. It should outline: Who is responsible for containment and communication Steps for isolating affected systems Legal or regulatory reporting requirements How to restore backups and resume operations Tip: Run Cybersecurity Fire Drills Just like fire drills, businesses should run simulated cyber incidents. Testing your IRP helps employees understand their roles and uncovers gaps before a real attack occurs. 5. Assuming Insurance Alone Is Enough Some business owners mistakenly believe their general liability insurance will cover cyber-related losses. Unfortunately, most policies exclude data breaches, ransomware, or social engineering scams. The Role of Cyber Liability Insurance Cyber liability insurance fills these gaps by covering costs like forensic investigations, customer notifications, legal fees, regulatory fines, and even ransom payments (where legal). For small businesses, this coverage can mean the difference between survival and bankruptcy after a breach. But insurance should never replace prevention. Instead, think of it as a financial safety net that complements strong security practices, not one that replaces them. Click here to learn more about how Simco’s Commercial Insurance team can help protect your business with cyber and data breach coverage and beyond. Secure Your Business for the Future Cybersecurity is no longer optional for businesses; it’s a core part of protecting your employees, customers, and reputation. By addressing these five common mistakes, you’ll not only reduce your risk of an attack but also build trust with clients who want assurance that their data is safe in your hands. Taking proactive steps now, including strengthening authentication, investing in training, creating an IRP, and supplementing with cyber liability insurance, can save untold amounts of money, stress, and reputational damage later.

Have a question? Get in touch.