Defensible retention for your closed matters.

Built to hold what you can’t delete, and delete what you can’t keep.

A regulator doesn’t ask whether the matter is closed. It asks whether you can find it, protect it, produce it, and destroy it on time.

Most firms store closed matters. Few can govern them. So every access request, every breach, every audit becomes a retrieval test the firm never prepared for. Compliance Studio Digital turns each closed digital matter into a governed record from the day it closes. Indexed, sealed, retrievable, and on a retention clock.

BOOK A DEMO

Take control of your closed matter retention.

Your PMS opens the matter. File Republic closes it.

One unbroken chain of custody, from the day a matter opens to the day it is certified destroyed.

When a matter closes in your PMS today, nothing really changes about the file. It stays editable. It stays held. The personal information inside it sits there long after the work is done. The risk grows at the moment everyone stops watching.

We close that gap. Working alongside your PMS, not instead of it. The moment a matter closes, the file becomes a sealed, governed record, and the chain stays unbroken from there.

For the obligations that start
when a matter closes

A regulator doesn’t ask whether the matter is closed.
It asks whether you can find it, protect it, produce it, and destroy it on time.

  • Protect personal information and destroy it when it is no longer needed.

    PII detection, restricted access, Australian region AWS retention, cryptographic sealing, compliant destruction or de-identification at end of retention. Closed matter PII stops being a liability the moment it closes.

  • Produce any personal information you hold about an individual on request.

    Fully indexed, OCR searchable archive. Any matter retrievable in seconds with a comprehensive access request report. Access requests move from days to minutes.

  • Notify the OAIC and affected individuals when a breach is likely to cause serious harm.

    Sealed, access controlled closed matters shrink the breach surface and give fast forensic answers.

  • Destroy client documents only after seven years, unless instructions or legislation require otherwise.

    Default seven year retention applied at closure, extendable where required, with certified destruction and an audit record. Retention is automatic. Destruction is defensible.

  • Record retention policy, segregation of archived files, access controls, audit trails, encryption, MFA, clear lifecycle.

    A structured, segregated archive sitting alongside your PMS, with controlled ingestion, sealing, restricted access and defensible destruction.

All of our services, none of the cost*

A single, all-inclusive fee applies per new matter.

Charges can be automatically recorded against the client ledger in your practice management system**.

The fee is fully recoverable as a client disbursement or cost recovery, ensuring no out-of-pocket cost to the firm.

Lower storage expenses, improve productivity, and strengthen compliance processes.

*Services are disbursable to clients due to per-matter billing **Automatic recording where integration is enabled

Protect your client’s Personal Identifiable Information.

  • Information preservation

    Our process starts with extracting and preserving the valuable metadata that sits behind your files, protecting case-critical evidence, such as image geo-tags, dates and times. Your files are also converted to PDF/A ensuring long term preservation and avoiding file corruption.

  • Sensitive data redaction

    Find and index personal identifiable information buried deep in the metadata of all electronic documents, or within a photo that could easily be overlooked, and use the power to redact within the application once the information is no longer needed.

  • Optical character recognition

    Optical character recognition scans and comprehensively indexes all text found in your documents, from the location a picture was taken to the sensitive data in a photo of a driver’s licence or scan of a bank statement, making it fully searchable.

  • Tamper-proof certification

    Your files are secured and certified with a cryptographic seal to prevent any unwanted modification or tampering. This high level of additional security gives you the peace of mind that your data will remain admissable in court into the future.

  • Global compliance

    Data breaches are becoming increasingly common. By anonymising sensitive personal data through de-identification, or redaction, it reduces the risk of breaches, aligns with global compliance standards such as the Australian Privacy Principles, GDPR, and HIPAA.

  • Disbursable cost

    When you first create the matter, our fee will automatically be captured against the Client ledger so you can easily recover the costs. Our single fee per matter charge allows you to convert your archiving costs into a legitimate client disbursement.

BOOK A DEMO

Certified so you can be certain.

In today's digital landscape, trust is everything.
The Cybercert SMB1001 Gold certification is our commitment – backed by independent verification – that when you entrust us with your sensitive information, it's protected by rigorous, industry-leading security practices.

Read more

Frequently asked questions.

The problem it solves.

  • It stores them, but storage is not governance. A practice management system is built to run active matters, and it does that well. It was not built to apply retention, lock down access, and arrange defensible destruction once a matter closes. So the closed file simply stays where it is, editable and held indefinitely. Compliance Studio governs what your PMS only stores.

  • Because the law expects you to protect personal information for as long as you hold it, and to destroy it when it is no longer needed. A closed matter left editable in the PMS, full of client personal information, with no retention clock and no destruction date, is exposure that quietly compounds with every matter you close. Law firms are among the top five sectors notifying the regulator of data breaches.

    Privacy Act 1988 (Cth), APP 11. OAIC Notifiable Data Breaches statistics.

  • No. A second editable working copy would double the risk. We do the opposite. We create a single, locked, sealed and access controlled record of the closed matter, allowing you to purge the live copy from your practice management system. The question to weigh is which is riskier: an editable file sitting in the PMS indefinitely, or a governed sealed record with a retention date and an audit trail.

How it works.

  • Automatically. When a matter closes in a supported practice management system such as LEAP or Smokeball, the file is ingested into Compliance Studio without your team changing how they work. On the way in, it is converted to an archival PDF/A format, the text is OCR processed so it is searchable, the personal information is detected, and a tamper evident seal is applied. Set and forget.

    PDF/A to ISO 19005. AWS Australian region hosting.

  • Most tools redact by dropping a black box over the text. The data is still underneath, and it can be lifted out in another program. True redaction burns the underlying data and metadata, so it is gone, not hidden. It cannot be undone. When you redact personal information to answer a request or share a file, that is the difference between the data being removed and merely looking removed.

  • AI driven detection scans the document text, the metadata, and the content of images. So a driver's licence or a bank statement captured as a scanned image is found, not missed because it is a picture rather than typed text. OCR makes the entire file, images included, fully searchable.

  • Yes. Each file is sealed with a cryptographic, tamper evident certificate and a trusted timestamp. If anyone questions whether a record was changed after closing, the seal is the proof it was not. Original metadata such as dates, times and geo tags is preserved, and the archival format keeps the file readable and unaltered for the full retention period.

    Cryptographic seal with trusted timestamp. ISO 19005 PDF/A preservation.

Compliance and cost.

  • When an individual asks for the personal information you hold about them, you have to find and produce it across every closed matter. In an unmanaged archive that is days of work. Here the archive is fully indexed and OCR searchable, so the right matter is found in seconds and the response moves from days to minutes.

    Privacy Act 1988 (Cth), APP 12.

  • A retention clock runs automatically against each matter, with a default of seven years. When a file reaches end of retention it is flagged for your review, and on your approval it is either destroyed and the destruction recorded, extended at your request, or de-identified and retained for intellectual property purposes. Retention is automatic, destruction is defensible.

    Default seven year retention, configurable. Australian Solicitors' Conduct Rules 2015, Rule 14.2.

  • No. Files are held in the open ISO 19005 PDF/A standard, which is designed to stay accessible, portable and readable regardless of vendor. Your records remain yours and remain usable long term. No lock in.

  • It is charged per matter, once, covering ingestion, governance and storage for the retention period. Because the charge attaches to a specific client matter, it can be treated as a recoverable disbursement and, where your PMS supports it, recorded automatically to the client ledger.

    On a net basis that means the firm gets a defensible closed matter archive while the cost is passed through at the matter level. The right per matter figure depends on your firm and volumes, so we cover it in a demo.

    Cost recovery aligns with standard legal billing practice. Recovery is at the firm's discretion per matter.

See your closed digital matters governed, sealed and searchable, and what it would cost per matter.

Book a demo →

Looking for secure physical
file storage?

Learn more