How should a solutions architect ensure that documents uploaded to a web application cannot be modified or deleted, in compliance with new regulatory requirements?