Policy-Driven Records Governance — with Retention, Legal Hold, and Defensible Disposition on AWS Infrastructure You Control
Records management is the discipline of controlling records through their entire lifecycle — from declaration through classification, retention, legal hold, and disposition. Unlike general document management, which focuses on operational document handling, records management is driven by regulatory obligation, legal risk, and organizational policy. Every record has a defined retention period, a classification, and a disposition action — and the system managing those records must produce audit evidence that each step was executed lawfully, on schedule, and by an authorized actor.
FormKiQ provides records management capabilities within an API-first platform that deploys directly into your AWS account. Retention schedules, legal holds, disposition workflows, and audit trails all operate within your own AWS environment — giving records managers and compliance teams full control over the infrastructure, encryption, and regional placement of their records without depending on a vendor's hosted environment.
What Is Records Management?
Records management governs information that has been declared as a record — a document or data object that an organization is required to retain, protect, and eventually dispose of according to defined rules. Not every document is a record, but every record was once a document.
| Concept | Definition |
|---|---|
| Record | A document or data object that has been declared as having legal, regulatory, or operational significance and is subject to a defined retention and disposition policy |
| Records series | A group of related records that share a common retention schedule — all records in the series follow the same retention period and disposition action |
| Vital records | Records essential to continued operations — needed to resume business after a disaster, establish legal rights, or protect organizational interests |
| Retention schedule | A policy specifying the retention period and disposition action for each category of record — how long it must be kept, what triggers the retention clock, and what happens when the period expires |
| Retention period | The defined duration for which a record must be retained — measured from creation date, triggering event, end of business relationship, or other defined reference points |
| Legal hold | A temporary suspension of normal disposition to preserve records relevant to anticipated or active litigation, regulatory investigation, or other legal proceeding |
| Litigation hold | A specific form of legal hold applied in response to anticipated or active litigation — preserving all records potentially relevant to the matter |
| Disposition | The action taken when a record reaches the end of its retention period — typically destruction, transfer to an archive, or permanent preservation |
| Defensible disposition | A disposition process that can be demonstrated to have been lawful, authorized, and consistent with applicable retention requirements — supported by a complete audit trail |
The Records Lifecycle
Records management follows a defined lifecycle. FormKiQ supports each stage within your AWS environment:
| Lifecycle Stage | What Happens | How FormKiQ Handles It |
|---|---|---|
| Creation / Capture | A document is created or received by the organization | API upload, web console, Document Gateway Modules (SharePoint, Google Drive, Email, SFTP, Scanner), bulk import |
| Declaration | A document is classified as a record and assigned to a records series | Document type definitions and metadata schemas trigger automatic or manual declaration based on configurable rules |
| Classification | The record is assigned metadata, a records series, and a retention schedule | Tag schemas, composite keys, and document type definitions enforce required metadata at the point of declaration |
| Active Use | The record is accessed, referenced, and used in business operations | Full-text search, metadata search, ABAC-controlled access, document versioning, check-in/check-out |
| Retention | The record is retained according to its retention schedule, with access controls maintained | Configurable retention policies at the document, folder, and document-type level with automatic enforcement |
| Legal Hold | Normal disposition is suspended to preserve records for legal or investigative needs | Legal holds applied to individual records or record sets — preventing modification or deletion regardless of retention schedule |
| Disposition | The record reaches the end of its retention period and is destroyed, transferred, or preserved | Audit-logged disposition workflows with timestamps, actor identification, authorization records, and disposition confirmation |
Why Records Management on AWS
Legacy records management systems — whether standalone RMA platforms or records modules within ECM suites — typically operate in vendor-controlled environments where the organization trusts the vendor to enforce retention, protect holds, and produce audit evidence. This creates three structural risks:
Audit Evidence You Don't Own
When retention enforcement and disposition logging happen in a vendor's environment, your audit evidence depends on the vendor's reporting capabilities and willingness to provide it. If a regulator or opposing counsel asks for proof that a record was retained for the required period and disposed of lawfully, you're relying on vendor-generated reports rather than infrastructure you control.
FormKiQ's audit trails are recorded in AWS CloudTrail and in FormKiQ's document-level audit log — both within your AWS account. Every retention event, hold event, access event, and disposition event is recorded with timestamps and actor identification in infrastructure you own.
Encryption and Access You Don't Control
Records under retention or legal hold often contain the most sensitive information in the organization. In a vendor-hosted environment, encryption key management is the vendor's responsibility — and access controls are enforced by the vendor's platform rather than your organization's identity infrastructure.
FormKiQ encrypts records with AWS KMS customer-managed keys and enforces access through Amazon Cognito and IAM — both within your AWS account. Your security team controls the keys, the identity layer, and the access policies.
Data Residency You Can't Verify
Records retention requirements often intersect with data residency obligations. A record that must be retained for seven years under SEC 17a-4 may also need to reside within a specific jurisdiction under GDPR or PIPEDA. Verifying that a vendor's hosted environment meets both requirements simultaneously requires trusting the vendor's architecture claims.
FormKiQ deploys to a specific AWS region. Records, metadata, search indexes, and audit logs all reside within the region you select. Data residency is verifiable through your own AWS account configuration — not through vendor attestations.
Records Management Capabilities in FormKiQ
Retention Policies
FormKiQ provides configurable retention policies that can be applied at multiple levels:
- Document level — retention rules applied to individual records based on their classification or metadata
- Folder level — retention inherited by all records within a governed folder structure
- Document type level — retention rules tied to document type definitions, automatically applied when records are declared
Retention periods can be triggered by:
- Date of creation or ingestion
- A defined business event (contract expiry, employee termination, case closure)
- Metadata value changes
Legal Hold
| Capability | Description |
|---|---|
| Hold application | Apply legal holds to individual records, record sets, or entire records series |
| Hold protection | Records under hold are protected from modification, deletion, and disposition regardless of retention schedule |
| Hold tracking | Hold status tracked with full audit trail — application date, authorizing actor, matter reference, and release date |
| Multiple concurrent holds | A single record can be subject to multiple holds simultaneously — the record is protected until all holds are released |
| Hold release | Controlled release process with authorization requirements and audit logging |
Defensible Disposition
- Disposition eligibility review — records reaching the end of their retention period are flagged for review before disposition
- Authorization workflows — disposition requires explicit authorization from designated roles
- Disposition confirmation — every disposition event is recorded with the record identifier, disposition action (destruction, transfer, preservation), timestamp, and authorizing actor
- Hold check — disposition is blocked for records under active legal hold, regardless of retention schedule status
- Bulk disposition — records series reaching end-of-retention can be processed in batch with per-record audit logging
Classification and Metadata
- Tag schemas and composite keys — consistent metadata application across records series
- Document type definitions — enforce required metadata fields at the point of record declaration
- Records series assignment — records grouped by series with shared retention schedules and disposition actions
- Attribute-based access control (ABAC) — records visibility tied to metadata values, enabling access policies based on classification level, department, matter, or custom attributes
Search and Discovery
- Full-text search — powered by Amazon OpenSearch for rapid discovery across large records repositories
- Metadata search — query by any combination of classification attributes, retention status, hold status, and custom metadata
- Cross-repository discovery — search across multiple records repositories and document collections within a single FormKiQ deployment
Records Management Standards and Frameworks
FormKiQ's records management capabilities support alignment with widely adopted standards and regulatory frameworks:
| Standard / Framework | Scope | How FormKiQ Aligns |
|---|---|---|
| ISO 15489 | International standard for records management — principles, policies, and procedures for creating, capturing, and managing records | Retention lifecycle controls, classification schemas, disposition workflows, audit trails |
| DoD 5015.02 | US Department of Defense design criteria for records management applications; referenced internationally alongside MoReq2010 and national archives standards | Records declaration, retention scheduling, legal hold, disposition with audit evidence, access controls |
| NARA | US federal records management requirements — scheduling, transfer, and disposition of federal records | Retention schedule management, disposition authorization workflows, transfer-to-archive capability |
| UK / Canadian / Australian National Archives | UK National Archives (TNA), Library and Archives Canada (LAC), and National Archives of Australia (NAA) requirements for government records management | Retention schedule management, disposition authorization workflows, transfer-to-archive capability, data residency within relevant AWS regions |
| ISO 16175 | Principles and functional requirements for records in electronic office environments | Metadata capture, classification, retention, search, and audit within electronic records systems |
| MoReq2010 | Modular Requirements for Records Systems — European specification for electronic records management | Modular records services, metadata schemas, retention and disposition, audit and reporting |
Regulatory Drivers for Records Management
| Regulation / Requirement | Records Obligation | FormKiQ Capabilities |
|---|---|---|
| SEC 17a-4 / FCA (UK) / APRA (Australia) / OSFI (Canada) | Financial industry records retained in non-rewritable, non-erasable format for defined periods — SEC 17a-4 (US), FCA SYSC rules (UK), APRA prudential standards (Australia), OSFI guidelines (Canada) | Immutable storage configurations on S3, retention enforcement, audit-logged disposition |
| FINRA | Financial industry records retention and production requirements | Retention schedules, search and retrieval, hold management, audit trails |
| HIPAA | Protected health information retained with access controls and audit logging | Encryption (KMS), ABAC, audit trails, retention policies, BAA-eligible AWS services |
| GDPR / UK GDPR | Personal data retained only as long as necessary, with right-to-erasure obligations | Retention enforcement, defensible disposition, right-to-erasure workflows, data residency |
| PIPEDA / Quebec Law 25 | Canadian personal information retention and disposition requirements | Canadian data residency (Montreal, Calgary), retention controls, disposition workflows |
| CCPA / CPRA | Consumer data retention and deletion request obligations | Retention policies, deletion request workflows, audit evidence |
| FDA 21 CFR Part 11 | Electronic records and signatures for life sciences — integrity, audit trails, access controls | Document versioning, audit trails, eSignature integration, access controls |
| SOX (Sarbanes-Oxley) | Financial records retention for public companies | Retention schedules for financial records, audit trails, access controls |
| FOIA / Access to Information / Freedom of Information | Government records accessible to public upon request, with defined exemptions — FOIA (US), Access to Information Act (Canada), Freedom of Information Act (UK/Australia) | Search and retrieval, classification-based access controls, redaction support |
| National, state, and provincial retention statutes | Jurisdiction-specific retention periods for employment, tax, contract, and operational records — US states, Canadian provinces, UK legislation, Australian states and territories | Configurable retention schedules by jurisdiction, document type, and business unit |
FormKiQ Editions for Records Management
Records management capabilities are available across FormKiQ editions, with governance depth increasing at each tier:
| Capability | Core | Essentials | Advanced | Enterprise |
|---|---|---|---|---|
| Document Storage, API & Web Console | ✓ | ✓ | ✓ | ✓ |
| Tagging, Search & Classification | ✓ | ✓ | ✓ | ✓ |
| OCR (Tesseract) | ✓ | ✓ | ✓ | ✓ |
| Multi-Tenant Support | ✓ | ✓ | ✓ | ✓ |
| SSO (SAML — Entra, Google, Auth0) | | ✓ | ✓ | ✓ |
| Workflows, Queues & Rulesets | | ✓ | ✓ | ✓ |
| Encryption (in-transit & at-rest) | | ✓ | ✓ | ✓ |
| Document Control & Versioning | | ✓ | ✓ | ✓ |
| OCR & IDP (AWS Textract) | | ✓ | ✓ | ✓ |
| Antivirus & Anti-Malware | | ✓ | ✓ | ✓ |
| Capability Extension Modules | | | ✓ | ✓ |
| Document Gateway Modules | | | ✓ | ✓ |
| Integration Framework Modules | | | ✓ | ✓ |
| Solution Layers | | | ✓ | ✓ |
| Multi-Instance & Multi-Region Licensing | | | ✓ | ✓ |
| Vendor-Managed & Hybrid Deployment | | | | ✓ |
| Custom SLAs & Compliance Consulting | | | | ✓ |
| OEM & Partner Licensing | | | | ✓ |
| Support | Community (Slack & GitHub) | Support Portal (2-business-day SLA) | Private Slack + videoconference + 40 hrs onboarding | Rapid response (8-business-hour SLA) + strategic architecture support |
Who Uses Records Management on AWS
| Industry | Records Management Needs | Key Regulatory Drivers |
|---|---|---|
| Government & Public Sector | Constituent records, FOIA programs, policy records, correspondence, inter-agency records | NARA (US), TNA (UK), LAC (Canada), NAA (Australia), state/provincial retention statutes, FOIA / Access to Information / FOI |
| Financial Services & Insurance | Client records, trading records, regulatory filings, audit evidence, claims documentation | SEC 17a-4, FINRA, SOX (US), FCA, UK Companies Act (UK), APRA, ASIC (Australia), OSFI (Canada), MiFID II (EU) |
| Healthcare & Life Sciences | Patient records, clinical trial documentation, regulatory submissions, quality system records | HIPAA, FDA 21 CFR Part 11 |
| Higher Education | Student records, research data, grant documentation, institutional policy, faculty records | FERPA (US), GDPR (EU/UK), provincial privacy legislation (Canada), NARA / national archives requirements, state/provincial retention schedules |
| Legal & Professional Services | Matter files, client engagement records, correspondence, billing records | Bar association requirements, professional regulatory obligations |
| Energy & Utilities | Environmental compliance records, permit documentation, safety records, operational logs | EPA, OSHA (US), HSE (UK), provincial OHS legislation (Canada), SafeWork Australia, national environmental regulations |
| Manufacturing | Quality records, supplier qualification, inspection records, standard operating procedures | ISO 9001, FDA (for medical devices), sector-specific quality regulations |
Deployment Models
| Model | Description | Availability |
|---|---|---|
| Customer-Managed AWS | Deploys directly into your AWS account via CloudFormation. Full control of infrastructure, networking, encryption keys, and operations. | All editions |
| Vendor-Managed | FormKiQ manages the AWS infrastructure on your behalf — deployment, updates, and operational support. | Enterprise |
| Hybrid | You retain control of specific components (encryption keys, network config) while delegating operational management to FormKiQ. | Enterprise |
Every deployment is a dedicated, isolated instance in an AWS account owned by or designated by the customer. FormKiQ does not operate a shared multi-tenant environment.
Getting Started
FormKiQ Core can be deployed to your AWS account in fifteen to twenty minutes using a one-click install via AWS CloudFormation. FormKiQ Essentials, Advanced, and Enterprise instances typically complete onboarding in under an hour.
For organizations evaluating records management on AWS, FormKiQ offers a Proof-of-Value program — a three-month deployment in a FormKiQ-managed AWS environment that provides full platform access in a non-production setting.
Frequently Asked Questions
What is records management on AWS?
Records management on AWS refers to deploying a records management system on Amazon Web Services infrastructure — using AWS storage, encryption, identity, and regional availability to manage the records lifecycle (declaration, classification, retention, legal hold, and disposition) within a cloud environment the organization owns and controls.
What is the difference between document management and records management?
Document management focuses on the operational handling of documents — capture, storage, retrieval, access control, and versioning. Records management is a governance discipline that controls records through a defined lifecycle driven by regulatory requirements, legal obligations, and organizational policy. Records management adds retention scheduling, legal hold, defensible disposition, and regulatory audit evidence on top of core document management capabilities. FormKiQ provides both within a single platform.
What is a legal hold?
A legal hold is a temporary suspension of normal disposition processes to preserve records that may be relevant to anticipated or active litigation, regulatory investigation, or other legal proceeding. Records under legal hold must not be altered, deleted, or disposed of regardless of their normal retention schedule. FormKiQ supports legal hold application and tracking with full audit evidence throughout the hold lifecycle.
What is defensible disposition?
Defensible disposition is the process of destroying, transferring, or permanently preserving records at the end of their retention period in a way that can be demonstrated to be lawful, authorized, and consistent with the applicable retention schedule. FormKiQ records every disposition event with the record identifier, disposition action, timestamp, authorizing actor, and applicable retention policy — providing the audit evidence needed to defend disposition decisions.
Does FormKiQ support ISO 15489, DoD 5015.02, and international records management standards?
FormKiQ's records management capabilities support alignment with ISO 15489 (an international standard for records management lifecycle controls, classification, and disposition) and DoD 5015.02 (US Department of Defense design criteria for records management applications). The platform also supports alignment with international equivalents including MoReq2010 (European specification), UK National Archives requirements, Library and Archives Canada guidance, and National Archives of Australia standards. The platform architecture supports the functional requirements of these standards within your AWS environment.
Can FormKiQ manage retention schedules across multiple jurisdictions?
Yes. FormKiQ supports configurable retention schedules by document type, classification, records series, and business unit — allowing organizations to apply different retention periods based on the jurisdiction, regulation, or business context applicable to each record. Combined with multi-region deployment support on Advanced and Enterprise editions, organizations can enforce both retention and data residency requirements simultaneously.
How does FormKiQ handle records under both retention and legal hold?
When a record is subject to both a retention schedule and a legal hold, the legal hold takes precedence. The record is protected from modification, deletion, and disposition until all holds are released — regardless of whether the retention period has expired. Once all holds are released, the record resumes its normal retention lifecycle. All hold and retention events are recorded in the audit trail.
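The hold-over-retention rule above, together with the disposition checks listed under Defensible Disposition, can be modelled as a small decision function. This is an added example, not FormKiQ code and not its API; the class names, role name, reason strings and sample records are all hypothetical and constructed for illustration.

```python
from dataclasses import dataclass, field
from datetime import date
from typing import Optional

# Hypothetical role name; a real deployment maps this to its own identity layer.
DISPOSITION_ROLES = {"records-manager"}

@dataclass
class Hold:
    matter: str                         # matter reference
    released_on: Optional[date] = None  # None = still in force

    def active(self, today: date) -> bool:
        return self.released_on is None or self.released_on > today

@dataclass
class Record:
    record_id: str
    retention_years: int
    trigger_date: Optional[date]        # None = triggering event has not occurred
    holds: list = field(default_factory=list)

def retention_expiry(rec: Record) -> Optional[date]:
    """Date the retention period ends, or None if the clock has not started."""
    if rec.trigger_date is None:
        return None
    d = rec.trigger_date
    try:
        return d.replace(year=d.year + rec.retention_years)
    except ValueError:                  # 29 Feb trigger, non-leap expiry year
        return d.replace(year=d.year + rec.retention_years, month=3, day=1)

def eligibility(rec: Record, today: date) -> tuple:
    """Return (eligible, reason). Holds are checked first, so an active hold
    blocks disposition regardless of retention status."""
    active = [h.matter for h in rec.holds if h.active(today)]
    if active:
        return False, "legal-hold:" + ",".join(sorted(active))
    expiry = retention_expiry(rec)
    if expiry is None:
        return False, "retention-clock-not-started"
    if today < expiry:
        return False, "retention-active-until:" + expiry.isoformat()
    return True, "eligible"

def dispose(rec, action, actor, role, today, audit_log):
    """Attempt a disposition; every attempt, completed or blocked, is logged."""
    ok, reason = eligibility(rec, today)
    if ok and role not in DISPOSITION_ROLES:
        ok, reason = False, "actor-not-authorized"
    event = {"record_id": rec.record_id, "action": action, "actor": actor,
             "date": today.isoformat(),
             "outcome": "completed" if ok else "blocked", "reason": reason}
    audit_log.append(event)
    return event

if __name__ == "__main__":
    # Constructed sample: 7-year record, retention expired, two concurrent holds.
    log = []
    rec = Record("rec-001", 7, date(2015, 3, 31),
                 [Hold("MATTER-A", released_on=date(2023, 1, 10)), Hold("MATTER-B")])
    print(dispose(rec, "destruction", "alice", "records-manager", date(2024, 6, 1), log))
    rec.holds[1].released_on = date(2024, 7, 1)   # last hold released
    print(dispose(rec, "destruction", "alice", "records-manager", date(2024, 7, 2), log))
```

Logging blocked attempts alongside completed ones is what lets the audit trail show that a hold was honoured, not only that a disposition eventually happened.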