COMPLIANCE DATA MANAGEMENT SYSTEMS AND METHODS
BACKGROUND OF THE INVENTION 1. Field of the Invention
The present invention relates generally to a data management system for use on a system of networked computers and, more specifically, to systems and methods for managing compliance data over the Internet. 2. Description of Related Art Computer systems in general are known. Elements of a general computer system are shown in Fig. 1, wherein processor 101 is shown, having input/output ("I/O") section 102, central processing unit ("CPU") 103, and memory section 104. I/O section 102 may be connected to keyboard 105, display unit 106, disk storage unit 109, and CD-ROM drive unit 107.
CD-ROM unit 107 may read a CD-ROM medium 108, which typically contains programs and data 110. Processor 101 may be connected to the Internet via connection 120. Once connected to the Internet, users may access public information via a World Wide Web ("WWW") interface. Web sites, which comprise one or more web pages, on the WWW may be accessed and viewed using a web browser from anywhere in the world.
Web pages may contain data, which is pertinent for public usage. One type of public data is compliance data, such as data relating to regulations, guidance documents, and/or international and domestic standards. Compliance data may be generated by governments, regulators, agencies, national or international bodies, and like sources, and is utilized by the public for personal, commercial, or industrial applications. Compliance data informs, instructs, or guides users to act in accordance with a compliance authority's rales or expectations, e.g., a product manufacturer, such as a drag or medical device manufacturer, establishes procedures for shippers or couriers to eliminate or reduce mix-ups, damage, deterioration, contamination, or other adverse effects to a product during handling. However, because compliance data may be generated at a plurality of locations and by numerous sources, e *., a plurality of remote web pages and sites on the Internet, a user is burdened by a large amount of navigation over the Internet or time consuming research through printed documents, or both. Further, a user may have to filter the compliance data of interest from large amounts of unwanted or unnecessary information. Moreover, compliance data may lack detailed organization or may be presented in data formats, which are cumbersome and not user friendly. Moreover, a user may not be familiar
with a compliance data source's administration policy, e ^, a government agency's inspection policy, and may not have sufficiently developed database skills to locate the compliance data of interest. Thus, the current distribution and organization of compliance data makes it difficult for users to gather and utilize the compliance data in a beneficial or efficient manner. Thus, compliance costs increase, and the time required of a manufacturer to get a new product to market increases.
SUMMARY OF THE INVENTION
In an embodiment of the invention, a computer system for managing compliance data is disclosed, comprising: means for gathering compliance data from one or more locations; a workstation comprising: means for supplementing and formatting a portion of the compliance data creating modified compliance data, a storage device for storing the modified compliance data, a database for organizing the modified compliance data based on a classification scheme relating to types and business applications of the compliance data, and a communication device for transmitting the modified compliance data from the workstation to a data server. The data server comprises a communication device for receiving the modified compliance data from the workstation, means for electronically providing the modified compliance data over a network to remote communication devices, and a communication network for connecting the locations of compliance data, the workstation, the data server and the remote communication devices. hi another embodiment, the invention is a method for managing information over a system of networked computers. Compliance data is gathered either manually or automatically from at least one compliance source located at one or more remote locations. The gathered compliance data is supplemented with organizational data and formatted to create modified compliance data. The modified data is stored in a publicly inaccessible database and classified according to a classification scheme relating to types and anticipated uses and business applications of the compliance data. The modified data is transferred from the publicly inaccessible database to a public data server. The public data server electronically provides the modified compliance data to remote communication devices over a system of communication network. It is an object of the invention to allow users to access compliance data from multiple sources in one convenient forum and to allow users to find information and products from separate sources, allowing them to act on and manage such data in an efficient manner. It
is a feature of the invention that compliance data is gathered from one or more compliance data sources, stored within a database, and electronically provided to compliance users at one data server. It is an advantage of the invention that the cost of compliance may be reduced and the time required to bring a product to market may be reduced. It is an object of the invention to provide users with compliance data in a manner that is easier to comprehend and utilize. It is a feature of the invention that the compliance data be organized and presented based on a classification scheme relating to the types of data, types of users, and the anticipated uses and business applications of the compliance data. It is another feature of the invention is that a central repository is provided to users to eliminate the need to search in multiple locations for the data. It is an advantage of the invention that users may locate and act on data faster and more efficiently, thereby saving them time. Another advantage of this invention is that it provides users with a "real- world" organization of compliance data that is directed toward anticipated uses and business applications, e^g., the procedures required for submitting a new drug to the Food and Drug Administration, prior to manufacturing, or the inspection requirements of a medical device after manufacture, sale, and installation, as opposed to the way a government agency may need the compliance data.
Other objects, features, and advantages of the present invention will be apparent to those skilled in the relevant art from drawings and the description of the preferred embodiments, which follows, or may be learned from the practice of the invention.
BRIEF DESCRIPTION OF THE DRAWINGS
The present invention may be further understood from the following description and the accompanying drawings, in which:
Fig. 1 depicts a general distributed, PC-based computer system. Fig. 2 is a schematic of the data management system according to an embodiment of the invention;
Fig. 3 is an operational flowchart of an embodiment of the invention;
Fig. 4 depicts an organization of modified compliance data electronically provided to users of the invention; Fig. 5 depicts a compliance data classification scheme according to an embodiment of the invention;
Fig. 6 depicts a presentation scheme according to an embodiment of the invention.
DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS Compliance data comprises information that is publicly available, for example,
Food and Drug Administration ("FDA") regulations at http://www.fda.gov/, Occupational Safety and Health regulations and standards at http://www.osha.gov/comp-links.html, Import and Export Expectations via the U.S. Department of Commerce at http://www.mac.doc.gov/tcc/, Environmental Protection laws and regulations via the U.S. Environmental Protection Agency ("EPA") at http://www.epa.gov/epahome/lawreg.htm, printed books and research reports located at a depository, and the like. An example of compliance data is U.S. environmental protection laws and regulations contained within the Code of Federal Regulation related to Title 40: Protection of Environment, which may be found at http://www.epa.gov/epahome/cfr40.htm. Compliance data, particularly standards, include information that serves as a rule for making judgements or as a basis for comparison, infonnation authorized as the measure of quantity or quality, or information that serves as a standard or basis. Compliance data also may comprise non-published data, such as information relating to the knowledge and products of a private company which may be provided to its customers or those authorized by the company. Further, compliance data includes any information directly relating to the regulations, standards, expectations, compliance issues, data regarding knowledge and products, and the like; e.g., discussions or news about regulations.
Fig. 2 illustrates a data management system. The environment, in which the invention is used, encompasses general distributed computing systems, wherein general purpose computers, workstations, or personal computers are connected via communication links of various types to a distributed network such as the Internet, a local area network ("LAN"), intranet, or combinations thereof. Compliance data is generated by compliance data sources at one or more locations 210 on the network. This compliance data is gathered from locations 210 and is then modified, classified, and stored, according to the method as discussed hereinafter, within relational database 220 implemented on a workstation or computer. Such a workstation or computer may be accessible to only administrators of the workstation and not the general users, as will be explained hereinafter. The modified compliance data is transferred to public data server 230, ej^, Internet service provider ("ISP") or WWW server, and made available to one
or more users at locations 240. A user has a remote computing or communications device, or data receiver at location 240, e^g., personal computer, web phone, handheld data organizer, or the like, which may be connected to the communications network via a modem, Ethernet connection, wireless connection, or any other type of data communications link. Referring to Fig. 3, a method of compliance data management according to the invention is presented. Compliance data is generated, or published, or both, (step 310) by one or more sources, e.g., FDA, at one or more locations, ., http://www.fda.gov/. The compliance data then is gathered (step 320) from the various sources and locations. Step 320 may either be performed manually or automatically by a computer routine or application. Manual gathering comprises the scanning of printed compliance documents into digital or other machine readable and storable format. Once the compliance data is gathered from the one or more locations, a portion or all of the gathered compliance data is modified (step 330). Modification may include one or more of the following steps: supplementing the gathered compliance data with organizational or other cataloging data, e.g., data used to organize the compliance data into specific categories, examples of which are provided hereinafter; formatting the gathered compliance data, e^g., changing the display arrangement or appearance, or the specified code format of the data; and removing unnecessary or non-pertinent information within the gathered compliance data. Step 330 may be implemented by a computer application, such as a text editor or word processor. The modified compliance data then is classified and stored (step 340) into a relational database based on a classification scheme relating to types and anticipated uses and business applications of compliance data. The relational database is implemented using a structured query language ("SQL") or any programmable database language or application. Once the compliance data is organized into a database, e.g., the modified compliance data is ready to present to users, the data is transferred (step 350) to a web site or public information server. The modified compliance data is displayed (step 360) electronically to users connected on the network.
Alternatively, step 330 maybe omitted, i this embodiment, the compliance data displayed at step 360, will be identical to the compliance data gathered at step 320.
Users communicating with the public data server, via device at locations 240, are prohibited by a computer application from downloading, printing, or receiving, e&, receiving a copy on a mass storage device, a portion of the displayed compliance data on the data server unless authorized or allowed to do so. A user may become authorized to receive data by
subscribing via the payment of fees or by the registration of user information, or both. Software executed on the data server is used to subscribe and register users. Other portions of the displayed compliance data can be downloaded or printed without authorization.
Users may upload compliance data to a storage area on the public data server. Upon receiving the uploaded compliance data at the public data server, the data is then transferred to relational database 220 where it is then modified, stored, transferred back to the public data server, and presented according to respective steps 330, 340, 350, and 360.
The displayed compliance data may be customized according to an individual user's preferences, e.g., display options, such as, a preferred presentation format or immediate display of frequently used compliance data. A user may configure the display preferences based on user group types or through the user's own submission and interaction with public data server 230. Alternatively, user preferences may be set automatically by a computer application which monitors user traffic, log patterns, usage history, and the like.
The data stored within the database may be transferred at specified time intervals, e^ ., daily or hourly, to a public data server. Therefore, data may be entered or changed at the database without direct interaction with the data server. Further, synchronization between the database and public data server is regularly performed to insure that the public data server maintains accurate and current information. Synchronization is performed manually or in an automated fashion via software. Information security also is of importance, hi an embodiment of the invention, the relational database is publicly inaccessible and is password protected at the administrator, management, and data entry levels via software. The general public is prevented from accessing the database on the back-end side of the web site.
The user may access the modified compliance data at step 360 in a format that the user efficiently comprehends and understands via the use of a compliance data classification scheme based on a manner of presenting information from a "real-world" viewpoint that addresses the business applications and anticipated uses of an end user, as opposed to the needs of a government agency. Fig.4 displays a general overview of how the compliance data maybe made available and presented to users according to at least one of the following elements: 1. Classification of Compliance Data (Knowledge): Managing the data by a classification scheme, via the database, and presenting it in a "real-world" viewpoint that is directed toward the anticipated uses and business applications of compliance
data, in addition to presenting compliance facts, information, and products. For example, displaying all compliance requirements for selling, producing, disposing, or importing x, wherein x may refer to a product, e.g., drug, medical device, or any manufactured product. 2. Common Areas of Compliance Usage (Community): Teaching users of a common interest in a particular type of compliance through a focus on common problems and concerns and frequently asked questions, and on matchmaking common interests. Users may interact and network via an Internet chat session.
3. Pooled Compliance Resources (Process Outsourcing): Outsourcing business processes of interest to a group via the Internet or intranets to allow a group of users to focus on their specific needs. Compliance tools or solutions are provided to a common task, such as bringing a drug to market, that may be accessed from anywhere and used by all who need to perform that task.
4. Improved Compliance (Learning): Teaching users about compliance, how to become compliant, or to how to improve compliance implementation by providing tutorials that are Internet and intranet based and that focus on compliance management directly related to a group of users with common interests, for example, teaching users why a specific requirement exists.
5. Business Compliance (Infrastructure Support): Focusing on business applications of compliance data. Providing a mechanism that allows businesses and consumers to communicate with each other, for example, suppliers who want to sell to a market may advertise or sell their products. Addressing compliance issues relating to business-to-business-to consumer commerce that connects a group of users with common interests, for example, raw material suppliers to manufacturers to end-user consumers.
Fig. 5 depicts a compliance data classification scheme according to an embodiment of the invention. The figure is divided into left and right halves representing, respectively, "The Back End" and "The Front End" of the system. The Back End refers to the components of the system not accessible to the end-users and the steps prior to step 360. The Front End refers to the data server and step 360. On the bottom of the figure, from left to right, the general steps of gathering, classifying, and modifying the compliance data are shown. After the compliance data is gathered, and modified according to the above method, the data is
classified according to a scheme based on the categories presented on the left side of the figure. In this embodiment of the invention, the classification scheme comprises 13 main categories for organizing the various kinds of gathered compliance data.
The main categories for classifying the gathered compliance data are described as follows. 1) Type of industry, e j., medical, nuclear, and aerospace, in which the compliance data is applicable. 2) Type of compliance subject, e^g., medical device, nuclear facility, or passenger airplane, that the compliance data addresses. 3) Continent(s) where the compliance subject is developed and manufactured, e^ ., North America, Asia, Europe, or combinations thereof. 4) Continent(s) where the compliance subject is used. 5) Source of the compliance data, C ., international standard, national law, guidance document, tool, book, or the like. 6) Continent(s) of environmental impact of the compliance subject. 7) Countries where the compliance subject is developed and manufactured, e^g., United States, Japan, or both. 8) Countries where compliance subject is used. 9) Countries of environmental impact of the compliance subject. 10) Compliance requirements for subject prior to, during, and after the use of the subject, e.g., submissions to have subject approved prior to use or inspections of subject during operation. 11) Common elements of compliance requirements for subject, e^g., types of testing or reporting. 12) Business compliance needs for before, during, and after use of subject, e.g., the answers to question, such as what needs to be done for subject to become compliant, why it needs to be done, and how it may be done. 13) Perspectives of the end-users for before, during, and after use of subject, e^ ., how the data is viewed by compliance authorities, manufacturers, consumers.
The above categories address the anticipated uses of compliance data and are applicable to most or all types of compliance data. Further, through the implementation of the classification scheme, users may efficiently find the answers to a wide variety of questions arising from the applications of compliance data. For example, the invention provides a centralized source for users to acquire the answers to at least the questions listed in the right half of Fig. 5.
Specifically, in view of the five general categorical elements described above [i.e., those labeled
Knowledge, Community, Learning, Process Outsourcing, and Infrastructure Support] the invention provides detailed answers to knowledge type users questions, such as, what are the sources of compliance requirements, what is an overview of the source documents, and what requirements are in the documents. Further, the invention efficiently provides the data to answer community type user questions, such as, what are others doing and who may help, e^g., business
or government services. Moreover, the invention manages data addressing learning type user questions, such as, how does a user use those requirements and how does a user tailor those requirements for unique needs. In addition, the invention manages data to answer support type questions, such as, what may a user use or buy to make compliance easier and what best practices can a user employ to improve compliance.
Fig. 6 depicts a hierarchical presentation scheme according to an embodiment of the invention. This embodiment is given as an example for the purpose of understanding the underlying basis of the invention. Depicted is compliance data presentation template 400, applicable to, for example, a web site comprising a plurality of web pages on public data server 230. For the purposes of the following discussion, a web site is used as an example of one of many implementations of a data presentation template. Nevertheless, the present invention may be implemented on any type of hierarchical type of information distribution system.
The modified compliance data, which is to be displayed or presented on the web site, is stored within the relational database using tables, which are referred to as database tables ("DBT"s). The DBTs are linked to or accessed by one or more web pages and vice versa. The modified compliance data is displayed according to viewpoints relating to a user's experience in compliance requirements, for example, for those who are very knowledgeable in a particular area and may perform a 'search' on exactly what is needed, or for novices who may have to repeatedly select by viewing all the possible selections, to understand the compliance data, e.g., compliance expectations.
Home 405 is a starting point or homepage for users to access public data server 230. Home 405 is linked to data contained within database table 410, e.g., DBT#1. Home 405 also provides links to other web pages, such as web pages 415, 420, 425, 430, and 435, which contain information and data regarding particular compliance data applications. In an embodiment of the invention, web page 415 contains a tool for searching the entire web site. Web page 420 contains information pertaining to web site news and links to specific sub-topics, such as, becoming a subscriber of the web site, or news. Web site 425 is linked to data contained within DBT#2 and DBT#4 at link 440. Web site 425 also is linked to web pages relating to specific categories of the modified compliance data, such as the following topics: required or voluntary submissions, inspections, compliance, designing, trends, hot topics, law/liability, and best practices. Each of these web pages has a link to a database table. As shown, web page 445,
relating to submissions information, is linked to table 450, ej*., DBT#19, and web page 455, relating to inspections information, is linked to table 460, e^g.. DBT#20.
For example, table 460 may contain fields associated with sub-topics such as: inspections to recognized standards, general inspections, 'for cause' inspections, routine surveillance inspections, pre-market inspections, quality systems inspections techniques, hazard analysis critical control points, and guidelines for inspections.
Data classification scheme and presentation template 400 is presented as an example of a possible embodiment of a data presentation template, e j., design of a web site, however, presentation template 400 maybe modified to accommodate different compliance data or various viewpoints and perspectives of the users.
Data presentation template 400 may be implemented in part using Extended Markup Language (hereinafter "XML"), Hypertext Markup Language (hereinafter "HTML"), the object-orientated programming language JAVA (a registered trademark of Sun Microsystems, Inc.), or any other suitable programming language. While this invention has been described with reference to illustrative embodiments, it is to be understood that this description is not intended to be construed in a limiting sense. Modifications to and combinations of the illustrative embodiments will be apparent to persons skilled in the art upon reference to this description. It is to be further understood, therefore, that changes in the details of the embodiments of the present invention and additional embodiments of the present invention will be apparent to persons of ordinary skill in the art having reference to this description. It is contemplated that such changes and additional embodiments are within the spirit and true scope of the invention as claimed below.