Compliant records and backdated ones are forensically identical.
ISO 9001:2015 Clause 7.5.3 requires documented information to be protected from unintended alteration, but altering a file leaves no detectable trace unless an independent timestamp of the original already exists. When a product recall, HSE inspection, or product liability claim demands to know when your risk assessment was last reviewed, when that CAPA was closed, or whether your supplier qualification was current at the time of manufacture, file metadata is the only answer, and it is editable by any system administrator in seconds.
Companies have already paid the price.
Where immut earns its keep in manufacturing.
Every one of these activities already happens in your quality, safety, and production teams. immut adds a layer of independently verifiable proof to each one.
Producing and maintaining COSHH and PUWER risk assessments for every hazardous substance and piece of work equipment across the site.
Timestamp each risk assessment at the point of sign-off. When an incident occurs and the investigation asks whether the risk assessment was adequate and in force at the time, the blockchain record shows its exact date of existence, independently of the file's own metadata, which any administrator can alter.
Tata Chemicals Europe was fined £1.125M (HSE, June 2024) after an investigation found that no permit was in place for hazardous work and risks had not been properly assessed. The company had previous prosecutions for the same site. The question in every HSE prosecution is not whether you have risk assessments today, but whether they existed and were adequate at the time.
Three steps. Seconds per file.
Hash the file.
immut generates a SHA-256 hash of your file on our servers. For sensitive workloads, dedicated servers are available so files stay inside infrastructure you control.
Record on the public ledger.
The hash is committed to the XRP Ledger, a public blockchain, with a precise timestamp.
Timestamped certificate.
immut returns a certificate of the record and its timestamp. Blockchain-anchored evidence of this kind has been accepted in courts across 88 countries and 171 jurisdictions.
immut sits under the records your quality and safety teams already produce, in any tool. Files stay where they live; immut writes the proof that anyone can verify.
Proof that satisfies the four properties regulators and courts require.
Timestamped at the moment of creation.
Any change after creation is detectable by mathematics.
A regulator, auditor, or court can verify without trusting you or your vendor.
Blockchain-anchored timestamps of this kind have been accepted as legal evidence in 88 countries across 171 jurisdictions.
Prove it without publishing it.
Because only the hash is ever made public, tooling designs, process parameters, and manufacturing know-how can be proven to exist on a given date without disclosing the underlying file. Public proof. Private work.
How immut protects manufacturing IP →