Legal Forms Governance Standard

Governance controls

• State/specialty packs must retain immutable version labels and effective dates.
• Policy pack lifecycle transitions (archive/restore) are audit logged with actor and reason.
• Templates include source authority, source URL, revision date, and review-by date.
• Required-form gates block claim-readiness progression when mandatory legal forms are incomplete.
• Trigger-based forms (PIP, workers-comp, adverse-event, referral) are conditionally enforced.

Reference baseline

Security and risk governance align with OWASP API Security Top 10 (2023) and NIST AI RMF 1.0 plus NIST AI 600-1 (Generative AI Profile) as of February 8, 2026. Legal language still requires counsel approval before external customer distribution.