Recent Breaches
Breaches
2026PowerSchool62.4M stolen62.4M records stolen2026DISA Global Solutions3.3M stolen3.3M records stolen2026Globe Life850K stolen850K records stolen2026NHS ScotlandUndisclosed stolenUndisclosed records stolen2026HertzUndisclosed stolenUndisclosed records stolen2025Marks & Spencer9.4M stolen9.4M records stolen2025PayPal35K stolen35K records stolen2025Jaguar Land RoverUndisclosed stolenUndisclosed records stolen2025Co-operative GroupUndisclosed stolenUndisclosed records stolen2024National Public Data2.9B stolen2.9B records stolen2026NHS ScotlandUndisclosed stolenUndisclosed records stolen2026HertzUndisclosed stolenUndisclosed records stolen2025Marks & Spencer9.4M stolen9.4M records stolen2025PayPal35K stolen35K records stolen2025Jaguar Land RoverUndisclosed stolenUndisclosed records stolen2025Co-operative GroupUndisclosed stolenUndisclosed records stolen2024National Public Data2.9B stolen2.9B records stolen2026PowerSchool62.4M stolen62.4M records stolen2026DISA Global Solutions3.3M stolen3.3M records stolen2026Globe Life850K stolen850K records stolen
View All →
Firevault Legal Playbook

Close the File. Protect the Record.
A playbook on file closure, retained legal records and offline custody for UK law firms.

A 28-page playbook on file closure, retained legal records and offline custody for UK law firms, governance, retention and retrieval for private client, corporate, real estate and disputes work.

28 pages
20 min read
Managing and senior partners
Close the File. Protect the Record. cover

Get the playbook

Emailed to you within a minute

Email-gated GDPR compliant

Foreword

Legal firms are used to managing live work with discipline. The harder question is what happens when the matter finishes. The file still contains confidential information, client property, original documents, undertakings, future dates, personal data, privilege, billing evidence and decisions that may need to be proved years later. This playbook sets out how Offline Secure Storage can support a stronger file-closure model: named ownership, controlled access, deliberate retention, clear retrieval and evidence that the record has not simply been left in connected sprawl. Protecting the retained legal record is a governance decision, not a storage afterthought.

Mark Fermor · Co-Founder, Firevault

What's inside

7 parts. Written for the people who own the decision.

Each chapter opens with the decision it exists to help you make, and closes with the evidence you should expect back.

01

The case for offline legal custody

The boardroom decision in a single page: closed matters should move from working file to controlled custody, not drift into shared storage. Close, seal, prove.

  • Working file becomes governed retained record on closure
  • Custody is a control point with named owner and evidence trail
02

Matter end and file closure

Closure is where operational discipline, client duties and data protection meet. Client duties, record integrity and risk position all reconciled before archive.

  • Closure is a governance decision, not an admin afterthought
  • The firm should prove closure was completed, not assumed
03

Risk patterns and closure control

The four patterns firms inherit when completed matters stay in the connected estate, boundary drift, permission sprawl, weak archive logic, retrieval confusion, and the control map that fixes them.

  • The greatest risk is the retained record nobody owns
  • The retained record needs a custody model, not another shared folder
04

The closure evidence pack

A signed checklist turns process into evidence: matter complete, client informed, finance clear, retention set, custody arranged, destruction rules recorded.

  • Six control areas apply consistently across practice areas
  • A policy without ownership becomes shelfware
05

Retrieval and offline default

Retrieval as a controlled window, not a standing door. Request, approve, open, record, close, and the storage layer returns to an offline state.

  • Access is an event: identity-bound and time-boxed
  • The retrieval record matters as much as the retrieved file
06

The 360 Vault map and Butterfly model

A governed custody layer with named entry and retrieval routes across private client, corporate, real estate, disputes, external rooms and leadership, bridged to live work by the Butterfly model.

  • Every sensitive record sits in its own governed space
  • Closure is not the end, it is the handover between wings
07

Practice-area custody

Match custody to the matter. Private client for records that may outlive the client, corporate for deal-critical evidence, real estate for title continuity, disputes for evidence and continuity.

  • Different practice areas carry different evidence and retrieval risks
  • Custody design should reflect the matter, not the folder tree

Who it's for

Read it if you're accountable for the decision.

  • Managing and senior partners
  • COLPs, COFAs and risk partners
  • General counsel and heads of legal
  • IT, information governance and records leads

Sectors we hear from

Legal & professional servicesBarristers' chambersIn-house legalNotarial and trust practices

Frequently asked

Questions leaders ask before requesting.

Something else on your mind? Reply to any Firevault email or write to mark@fire-vault.com.

More Firevault playbooks

Board-level control blueprints.

Each playbook is written for the people who own the decision, practical, UK-grounded and free to request.

Ready to read it?

Request Close the File. Protect the Record.. It lands in your inbox within a minute, tied to your email address. No download, no fuss.

    Your privacy matters

    We use cookies to keep the site running smoothly and to understand how you use it. You are in control. Privacy Charter · Cookie Policy