Challenges of Large-Document Management in Highly Regulated Environments

Photo by chuttersnap on Unsplash

All organizations are regulated.

Many organizations have minimal regulation and few, if any compliance, issues regarding documentation, beyond the proper attribution of copyright and trademarks.

But other organizations, especially those with very complex products and services, which often operate in a highly regulated environments, need to be ready to invest much, much more in large-document management in order to stay within the laws or even stay in business.

In this article, Alexandre Loukakos, CEO of DocTech, reflects on the history and trends of large-document management in highly regulated environments. He offers some guidance for choosing tools to support it in an upcoming piece.

The concept of regulated environments might be thought of as a continuum, depending on how broadly one defines an industry. Alexandre notes as an example that “‘medical supplies” can range from selling medical supplies that are not really regulated (reselling pre-packaged band aid products) all the way up to producing medical supplies such as MRI scanners.”

Generally speaking, the more that human lives or public safety are at stake, the more regulated the industry will be, and the more detailed scrutiny of the company’s documentation will be required. A regulated environment usually refers to an industry that requires its members to continuously conform to specific laws and/or standards around operating in that industry. Players in the most highly regulated environments establish detailed quality systems and processes to maintain pre-defined quality standards.

Alexandre defines large documents as those comprising 500 to 10,000 pages depending on the content, e.g., the amount of text versus the number of images.

The Evolution of Industry Regulation

In fact, Alexandre says, some industries have regulated themselves from their beginnings, such as aerospace, ground transportation, and pharmaceuticals, even in cases where “no lives are at stake, such as banks” And the growth of government regulation has expanded as industry has grown for several key reasons.

Some industries, such as commercial drone activities and e-commerce, emerged without self-regulation, but came to it as more players entered, and safety, security, logistical and other concerns appeared. At the same time, governmental organizations, sometimes slower to identify the risks associated with an industry’s development, start to add regulatory and compliance requirements to address these concerns. Financial institutions, for example, saw significant increases in regulation as a response to financial crises like the 1929 stock market crash and the 2007 meltdown. Thus, players in emerging or rapidly evolving industries face additional challenges related to keeping up with the pace and volume of regulatory changes from various government and industry sources.

Other industries, particularly those that are more mature and well developed, may be less regulated. However, the companies in the supply chains for these industries find that “conforming to a given quality standard brings a lot of savings, synergies and efficiency gains that help them remain competitive,” Alexandre notes. “A good example is a consumer goods manufacturer where production and maintenance of user manual editions can be cumbersome, time consuming and very error-prone. As such, problems in document maintenance ultimately reflect poorly on the product.” In addition, less regulated industries feel the impact of the trend towards traceability and increased reporting.

He observed that some industries are so regulated that their players are reluctant to conform to any standard. The legal profession is a good example of such an industry, where practitioners are bound by laws and regulations, but industry standards regarding large-document management are non-existent. “As a result, small law firm—and some larger ones—tend to be overly dependent on word-processing applications, and don’t see the productivity gains they could have with an appropriately scaled document and content management solutions.

Drone Warning: Photo by Martin Sanchez on Unsplash

Photo by Martin Sanchez on Unsplash

When asked whether and how regulated environments differ in the US, Europe, China and other regions, Alexandre says, “In truth, they are not all that different. Languages differ, certainly, as do geographic operational constraints. But development of international standards in such industries means that overall goals remain the same, even if implementation varies.”

An International Standard is a governance method applying uniformly across borders, allowing only for differences in adaptation where company specific operational or geographical constraints prevail. Alexandre finds that in most, if not all cases, such adaptations must be clearly documented and demonstrate that this adaptation is necessary to achieve the standard’s original intent.

Most standards were, for a long time, “wide but not deep.” He clarifies by noting that international standards were “wide in their definitions and field of application, but rarely went deep into operations.”

Development of new, more complex international standards occurred because:

  • Regulatory bodies recognized that their standards were too generalist, and they often saw that their own quality systems would benefit from greater specialization. Hence a standard such as ISO9100, which addressed quality management systems, gave birth to industry-specific standards like ASD9100 which addresses quality management systems in aviation, space and defense.
  • The time and effort needed for technologies to catch up with the standard-required level of reporting created operational inefficiencies everywhere. This often killed the synergies that companies were trying to achieve, and as a result, organizations from top to bottom rejected the generalist standards.

Trends and Best Practices in Highly Regulated Large-Document Management Environments

Highly regulated environments typically have longer Product Life Cycles (PLCs), and Alexandre thinks that current conditions are beginning to force “a shift from desktop applications to client/server applications, believe it or not.”

He recognizes that larger organizations have not yet begun to focus on lightening end-user workload, and “some are still deploying tremendous energy into inefficient processes and adding a thick coat of reporting to that, all using word processors and exchanging big word files on a cloud by email with a long distribution list—that gives these abused servers a run for their money.”

But smaller market players have a definite need for more efficiency as a matter of business survival. These smaller players look to reach a compliance level that makes them eligible to penetrate new markets. Others lack the workforce or finances to deploy a group of 30 or more people on a project, and feasibility demands they make do with three or four people to manage distribution of updates to hundreds, even thousands, of end users.

Highly regulated industries have product release processes that include an approval process that varies by project size and the department involved. Each project and/or department within the organization establishes its own document approbation and distribution processes. These organizations turn to solutions like those offered by DocTech to automate approval notifications, and to create cloud storage processes that automatically distribute the newly approved revisions and reminders. They also can streamline the approval process in how they handle disapprovals and resubmissions, showing only those revisions that have yet to be approved during subsequent reviews.

Large-document management in highly regulated industries focuses on reducing the risks associated with failure to comply. Companies in these industries face investigations when they may have problem with a given law or when they see exposure of corporate responsibility as an emerging issue. Alexandre likens such investigations to an external audit. The investigating entity checks for compliance or (lack of) given a given and widely accessible standard, and it requires documentary evidence of compliance. When such evidence cannot be produced, companies face a breach of contract that can result in the loss of the contract or fines. If the breach creates damages to customers, suppliers or end users, they also face suits for liquidated damages, tort negligence or worse.

Conclusion

Companies, no matter whether they are large or small, can continue to thrive in highly regulated environments, when they focus on flexibility and efficiency in their large document management systems. Building or rebuilding a solution to meet the challenges requires a thoughtful and analytical approach to analyzing needs, identifying requirements, and deploying a system. We cover this in an article on Evaluating and Deploying a Large-document Management Solution.