← All posts

What 'automated retention' really means for your documents

18 June 2026 · Nasugn NDMS · 3 min read
retentionrecords managementdispositioncomplianceWORM

Most teams can tell you their retention policy. “Contracts for seven years. Tax records for five. Employee files for the life of employment plus seven.” What almost no one can tell you is whether that policy is actually happening — because in a shared drive or a generic DMS, retention is a spreadsheet someone is supposed to act on, not a thing the system does.

That gap is where risk lives. Keep records too long and you’re holding liability — and personal data you were supposed to dispose of. Delete them too early and you’ve destroyed something you were required to keep. Both failures look identical from the outside until an auditor or a court asks.

A policy the system runs, not a reminder someone ignores

Automated retention closes the gap by attaching a policy to the document, then letting the platform enforce it on a schedule. In NDMS a retention policy is a small, explicit object:

  • how long the document stays active,
  • how long it’s kept in archive after that,
  • and what happens at the end — delete, anonymise, or hold.

A scheduled sweep does the work. When a document’s active window elapses, it transitions to cold storage. When its archive window elapses, it’s disposed according to the policy. No one has to remember, and nothing depends on a person clearing a task queue on the right day.

Archiving is a storage decision, not a status label

“Archived” shouldn’t just mean a badge in the UI. When NDMS archives a document it moves the underlying object to a cold storage tier (think S3 Glacier), which is both cheaper and a genuine signal that the record has left active life. A ten-year-old invoice batch shouldn’t cost the same to store as last week’s contract, and it shouldn’t sit in the same hot path either.

The part that makes it defensible: WORM

Here’s the difference between “we have a retention policy” and “our storage enforces it”: Object Lock, in compliance mode. When NDMS archives a record under retention, it can write it as WORM — write once, read many. For the length of the retention window the object cannot be modified or deleted, not even by an administrator with full access.

That property is what turns retention from a promise into evidence. If someone asks whether a record could have been quietly altered or destroyed before its time, the answer isn’t “we trust our staff” — it’s “the storage physically wouldn’t allow it.”

Disposition is a feature, not an afterthought

The unglamorous half of records management is getting rid of things on time. Automated disposition — delete the blob, or anonymise it while keeping non-identifying metadata for statistics, or place a legal hold that blocks disposal entirely — is a first-class part of the lifecycle, and every step lands in an audit log.

The short version

A retention policy you can’t see the system enforcing is just a hope. Automated retention makes the lifecycle real: active, archived to cold storage, WORM-locked while it must be kept, and disposed on schedule — with a record of each transition. That’s the difference between managing documents and managing records.


Ready to see it? NDMS runs the whole document lifecycle — capture, search, e-signature, retention and disposal — with hard tenant isolation and a full audit trail. Start free →