DYNAMICALLY GENERATING SITE SPECIFIC COMPLIANCE PROGRAMS
BACKGROUND OF THE INVENTION
1. Field of the Invention
The invention relates generally to a method and system for (1) the dynamic generation of site specific compliance programs from a generic compliance program using an expert system, and (2) administering and monitoring user adherence to compliance activities .
2. Description of the Art
Compliance refers to the act of complying with the many rules, regulations, guidelines, plans and the like developed by regulatory bodies, governments, industry, employee unions, consumer protection groups, etc. These rules and regulations include those to implement best business practice, to protect and manage financing and investments in public companies, to regulated the health care industry, and to protect the health and safety of people in their workplaces, homes and environment. Some of the most pervasive rules, regulation and guidelines have been establish by regulatory bodies such as the
Occupational Health and Safety Administration (OSHΔ) , the
Environmental Protection Agency (EPA) , the Department of
Transportation (DOT) , the Securities and Exchange Commission
(SEC) and Health Insurance Portability and Accountability Act
(HIPA) . These regulatory bodies have established rules,
guidelines and regulations which effect almost every person and business in the United States.
While the benefits to the welfare, health and safety of individuals, employees and the environment provided by these regulations are unquestionable, the effort's necessary for companies, employees and students to determine which regulations are applicable 'to them and to comply with the applicable regulations can be onerous. This problem is particularly acute for companies that may be subject to many different regulations, some of which may be applicable to one facility but not another.
Typically, a company must hire a consultant at great expense to (1) evaluate the activities of its businesses and employees at each of its locations and departments, (2) ascertain the regulations applicable to the companies activities and businesses, and (3) develop a compliance program in accordance with the applicable regulations. The company must then either administer and monitor the program itself or hire an administrator so as to adhere to the regulations governing its activities. Compliance with the regulations will typically require that each employee review a plan, take an exam, or engage in some other compliance activity. The administration of these activities must be done by the company or through a third party provider at further expense to the company.
Compliance programs may be manually developed on a location by location, department by department, and/or job by job basis, tailored to the site specific activities of each location, department or job. Alternatively, a general compliance program may be developed which covers all regulations whether or not applicable to a specific location, department or job. Each method has benefits and detriments.
Developing site specific programs for each location, department and/or job is currently very expensive. Development of a site specific plan requires a consultant or expert to repeat the steps outlined above for each and every site - visiting each site, ascertaining the applicable regulations, and developing a tailored site specific compliance program for each location, department and/or job. Although this method is likely to yield the best compliance program, the cost can be prohibitive. The costs are even greater when considering the need to modify and update each site specific program as rules and regulations, upon which the program was developed, are enacted, repealed, or amended.
The alternative of generating a single compliance program covering all company locations, departments and/or jobs can be less costly to prepare and maintain. However, the savings may be lost in a less effective compliance program in
which employees must study and review procedures and practices inapplicable to their location, department or job functions.
The ideal compliance program would comprise relatively low development cost, site specific programs that could easily be maintained and updated to reflect future rule and regulation changes. In addition, the compliance program would be coupled with a system for assignment of compliance activities, and for administering and monitoring of employee adherence to the assigned compliance activities. However, there are currently no i systems available for handling these tasks.
For the foregoing reasons, there is a need for a method and system for generating site specific compliance programs, assigning compliance activities to users, and administering and monitoring the users compliance with the i activities while doing so at a relatively low cost and with high ef iciency.
SUMMARY OF THE INVENTION The present invention fulfills the aforementioned needs and provides numerous features and advantages .
) In one embodiment, the method and system of the present invention uses an expert system in conjunction with a topic specific generic compliance program to dynamically generate topic specific, site specific compliance programs. A
topic specific compliance program may include a topic specific compliance plan and/or topic specific training course.
The topic specific generic compliance program is created and the content tagged to identify sections of issue specific content called issue specific modules. An expert system is created having a knowledge base and logic. The knowledge base contains questions and answers designed to identify which issue specific modules are applicable to a particular site. The logic then associates the questions and responses to applicable issue specific modules. The expert system and topic specific generic program form a component solution directed toward a particular topic of regulation.
Once a component solution is developed, a plurality of site specific programs may be generated by running the expert system. Running the expert system, interviews the user by asking questions from the knowledge base and receiving responses from the user. Based on the questions and responses, and using the logic, the expert system identifies applicable issue specific modules. This interview process identifies all applicable issue specific modules from the topic specific generic program. The compliance application server then generates a site specific program from the identified applicable issue specific modules.
According to one embodiment of this invention, the applicable issue specific modules are identified by providing pointers to applicable issue specific modules. The pointers point to the applicable issue specific modules in the topic specific generic compliance program. For each expert system run, a list of pointers to the applicable issue specific modules in the topic specific generic program is stored. The compliance application server then dynamically generates a site specific program by extracting and compiling the applicable issue specific modules from the topic specific generic program.
Another embodiment of the invention dynamically updates the site specific compliance programs by replacing or amending outdated issue specific modules in the topic specific generic compliance program with current issue specific modules.
According to a further embodiment of the invention, site specific information is collected from the user, stored, and dynamically incorporated into the site specific plan during generation. The site specific information may include, for example, identification of emergency equipment locations or ) emergency contact personnel .
Other embodiments of the present invention "further include knowledge maintenance. Knowledge maintenance is the method and system of maintaining adherence to the compliance program requirements by assigning compliance activities,
administering compliance activities, and monitoring adherence to the assigned activities.
Additional features and advantages of the present invention as well as the structure and operation of various embodiments of the present invention are described in detail below with reference to the accompanying drawings .
BRIEF DESCRIPTION OF THE DRAWINGS
Fig. 1 illustrates the system architecture of one embodiment of the invention.
Fig. 2 shows an exemplary registered user database.
Fig. 3 shows an exemplary component solution database.
Fig. 4 shows an exemplary site specific program database
Fig. 5 illustrates a topic specific component solution.
Fig. 6 illustrates a topic specific generic plan.
Fig. 7 illustrates a portion of an expert system tree.
Fig. 8 is a flow chart illustrating the method of creating a topic specific component solution.
Fig. 9 is a flow chart illustrating the method of creating a topic specific, site specific program.
Fig. 10 is a compliance application server site map.
Fig. 11 is a flow chart illustrating the method of handling users.
Fig. 12a illustrates the dynamic generation of a site specific plan.
Fig. 12b-12c illustrates the amendment of a dynamically generated site specific plan.
Fig. 13 is a flow chart illustrating the method of knowledge maintenance.
Fig. 14 is a block diagram illustrating direct and indirect assignment of activities t-o a user.
Fig. 15 illustrates the process of administering a training course activity.
DETAILED DESCRIPTION The present invention is described in terms of the above figures. This is for convenience only and is not intended to limit the application of the present invention. In fact, after reading the following description, it will be understood how to implement the present invention in alternative embodiments . 1. Introduction
In various embodiments of the invention, an appropriate method, system and computer software, are provided which implement the method and system of creating site specific compliance programs, assigning activities to users to satisfy compliance requirements, and administering and monitoring the users completion of the assigned activities as described herein.
In the method and system for generating site specific programs, (1) a topic specific generic program is created having a plurality of issue specific modules, and (2) an expert system is created having logic and a knowledge base containing a series of questions and responses. The expert system uses the logic to link questions and responses with issue specific modules.
Generation of a site specific program is accomplished by interviewing a user with these questions, responses and using the logic to identify the issue specific modules applicable" to the site. The modules are identified by pointers pointing to the modules location in the topic specific generic program. The pointers are then stored in a site specific program database having a record containing the list of pointers generated by each expert system run. The site specific program is then dynamically generated on demand by extracting and compiling the applicable issue specific modules from the topic specific generic program.
Dynamically generating the site specific programs on demand permits revisions and amendments to be easily made to all site specific plans simply by amending an issue specific module in the topic specific generic program. The amendments and revisions are accordingly dynamically incorporated into the site specific programs during generation.
The method and system further provides for a means of assigning compliance activities, and administering and monitoring adherence with the assigned compliance activities. For example, the method and system permits a user, such as a company administrator, to assign compliance activities '"to a user, such as an employee. The system further permits a company administrator to associate a user, such as an employee, with a job or user group, and to link activities to the job or user group through job requirements or user group requirement assignments .
Once users have been assigned compliance activities, the method and system can monitor and administer the completion of assigned activities, such as by administering training courses, monitoring time spent reviewing compliance plans, and the like. In addition, the system can monitor employee incidents or accidents and alter the employees activities in response thereto.
Certain embodiments of the present invention will now be described with reference to the figures. 2. Overview of the System
Fig. 1 illustrates one embodiment of a system in accordance with the present invention, where a compliance application server 110 exchanges information through a network 100 with server administrators 102, students 104, company
employees 107 and company administrators 108 (collectively "users"). Generally, the configuration allows the compliance application server 110 to communicate with users to develop site specific plans and training courses, to assign user compliance requirements, and to administer and monitor a users compliance with the assigned requirements.
As discussed above and illustrated in Fig. 1, the group of users who communicate with the compliance application server 110 include server administrators 102, students 104,'
I company employees 107 and company administrators 108.
The server administrator 102 manages the compliance application server, including registering students 104, companies 106, company employees 107 and company administrators 108, and maintains the registered user database 200, component
> solution database 300 and site specific program database 400. The company administrator 108 registers company employees 107, generates sites specific compliance programs by conducting interviews with an expert system, and creates, modifies and assigns jobs, user groups and activities to employees 107 to
3 meet compliance requirements. The company employees 107 and students 104 access the compliance application server 110 to review compliance plans, and schedule and take training courses online or offline.
The users communicate directly or indirectly with the compliance application server 110 via a network 100, such as, a local area network (LAN) , a wide area network (WAN) , an internet connection or the like, via a public switched phone network, dedicated data line, cellular network, Personal Communication System (PCS), microwave, satellite networks, cable or the like. 3. Compliance Application Server
In the embodiment shown in Fig. 1, the compliance application server 110 is implemented as a single general purpose computer as describe below. In another embodiment, the functionality of the compliance application server is distributed over a plurality of computers. In that embodiment, compliance application server 110 is configured in a distributed architecture, wherein registered user database 200, component solution database 300, site specific program database 400 and central processing units (CPU) 112 are housed in separate units or locations and are connected via a network connection as described above. It will be appreciated that an almost unlimited number of controllers may be supported. This arrangement yields a more dynamic and flexible system, less prone to catastrophic hardware failures affecting the' entire system.
Referring to Fig. 1, the compliance application server 110 is implemented as a single general purpose computer
including a CPU 112, random access memory (RAM) 113, read-only memory (ROM) 111, an input device 116, a communications port 115, a clock 114, and a mass storage device 120 for storing the registered user database 200, component solution database 300 and site specific program database 400. The CPU 112, comprises a conventional microprocessor such as an Intel Pentium processor electrically coupled to each of the compliance application server's other elements.
The CPU 112 executes program code stored in one or more of ROM 111, RAM 113 and mass storage device 120 to carry out the functions and acts described in connection with the compliance application server 110. The CPU 112 comprises at least one high-speed digital data processor adequate to execute program modules for executing the component solution development
'< process, the knowledge maintenance process, the topic specific, site specific program generation process, and user handling process. These processes are described in connection with Figs. 8, 9 and 11. The CPU 112 interacts with ROM 111, RAM 113 and mass storage device 12.0 to execute stored program code according
) to conventional data processing techniques.
According to one embodiment of the invention, each interface device 103, communicating with the compliance application server 110, shown in Fig. 1 is a web browser based system implemented as a single interactive visual display device
such as a general purpose computer, a personal digital assistant (PDA), or the like. There are many commercial web browser software programs that can enable the communications required by the interface devices 103 with the compliance application server 110, the primary function being transmission and reception of data through the network 100 and presentation of data to the users. Examples of such software programs include the Netscape Navigator browser by Netscape Corporation and the Internet Explorer browser by Microsoft Corporation.
Each interface device 103 is capable of communicating directly or indirectly with the compliance application server 110. Communication between the interface devices 103 and the compliance application server 110 is electronic by means of a network 100 and includes a conventional high-speed connection employing known communication protocols, such as TCP/IP, and is capable of decrypting and encrypting data received and transmitted between the nodes to secure transmissions using known protocols, such as secured socket layer (SSL) server certificate technology.
4. Database Formats
As discussed above, the compliance application server 110, includes a mass storage device 120 for handling storage and retrieval of information and data used to generate site specific
programs, administer the compliance programs and monitor employee compliance with program requirements. The organization and storage of data used in these processes will now be discussed in- detail with reference to exemplary database structures shown in Figs. 2-4.
Samples of the contents of the registered user database 200, component solution database 300 and site program database 400 are shown in Figs. 2-4-, respectively. The organization of these databases, including, specific data and fields illustrated in these figures represents only one embodiment of the records stored in the databases. Moreover, it should be understood that the databases themselves are only representative, that the information contained therein could equally be consolidated into fewer databases or divided up among more databases, and that the databases and their contents could be distributed among one or more storage devices.
Referring to the exemplary databases illustrated in Figs. 2-4, sample registered user records are shown in rows 230- 236, sample component solution records are shown in rows 340- 344, and sample site program records are show in rows 430-432, respectively. The columns 210-220, 310-330, and 410-420 of each database correspond to the data fields of each record in the respective database. As with the organization of the database themselves, it is to be understood that the data and fields
within the databases can be readily modified from the described embodiment and adapted to provide variations for operating the method and system described. Furthermore, each field may contain more or less information. For example, the contact information field 212 of Fig. 2 may be split into separate fields containing street address, apartment number, city, state, zip code, and phone number. In addition, some fields may have sub-fields or related fields containing additional details.
Referring' to the sample records illustrated in Figure 2, registered user database 200 contains data fields 210-220 corresponding to user 210, type 211, contact information 212, affiliation 213, site 214, departments 215, jobs 216, groups 217, activities 218, frequency 219, and incidents 220.
The registered user database 200 is used to identify compliance application server site users as registered users, to offer registered users personalized content specific to their jobs or user groups, and to monitor compliance with assigned activities .
The data fields for each record are populated with information provided by a user, such as the student 104, employee 107, server administrator 102 or company administrator 108. The user field 310 contains the registered user's name. The type field 311 identifies the user as a student 104, server administrator 102, or company administrator 108 or employee 107.
The contact information field 312 contains the address and phone number of the user.
The affiliation field 213, site field 214, department field 215, job field 216, group field 217, activities field 218, frequency field 219, and incidents field 220 primarily"apply to users affiliated with a company 106, such as employees 107 and company administrators 108. These fields are all used directly or indirectly in the administration, monitoring and assignment of compliance activities to users as will be discussed in detail below in conjunction with the knowledge maintenance process.
The affiliation field 213 identifies whether a user is affiliated with a company 106 by identifying the name of the company. The site field 214 identifies the company facility. or location where the employee works. The departments field 215 identifies the department where the employee works .
The job field 216, the group field 217, and activities field 218, are all used by the knowledge maintenance process to assign compliance activities to each user. The job field 216 identifies jobs assigned to the employee. The group field 217 ) identifies any user groups to which the employee is assigned. The job field 216 and group field 217 associate the employee to jobs or user groups which in turn have associated activities. The activities field 218 contains compliance activities assigned directly to the employee. These fields may contain subfields for
recording a users completion of each assigned activity. Alternatively, it should be understood that a separate database may be maintained to manage and monitor compliance activities assignments. Finally, the incidence field 319 identifies any accidents or incidents involving the employee.
Fig. 3 is an exemplary component solution database. The component solution database contains a record for each topic specific component solution. A topic specific component solution is a component solution for a particular regulatory topic, such as, blood born pathogens, confined space entry, hearing any noise, or the like.
Referring to the component solution database 300 shown in Fig. 3 each component solution 310 is comprised of an expert system 312, and a topic specific generic program 323.
The expert system field has two subfields, the knowledge base field 316 and logic field 322. The knowledge base field 316 is further subdivided into a questions field 318 and a response field 320 containing the questions and responses respectively used by the expert system. The logic field 322 contains the logic used by the expert system. It should be understood that these fields may be combined into one* field in a database record containing the entire expert system, or a command line or link may be stored to executable program code to run the expert system.
The topic specific generic program field 323 comprises a topic specific generic plan subfield 324 and topic specific generic training course subfield 326. The topic specific generic training course subfield 326, is further divided into two subfields, study materials 328 and test questions 330. The topic specific generic program field 323 and subfields store the topic specific generic plans and training courses having tagged issue specific modules.
Referring to Fig. 4, the site specific program database 400, is used to store the site specific program information generated by each interview process run with a component solution expert system. The site specific program database 400 contains data fields 410-420 corresponding to company 410, site 412, component solution 414, pointers to applicable plan modules 416, pointers to applicable training modules 418, and site specific information 420. The company field 410 identifies the company to which the site program relates. The site 412 identifies the company location, division, department or the like to which the site program relates. The component solution field 414 identifies the component solution for which site specific programs have been generated at each site. The pointers to applicable plan modules 416 and training modules 418 point to the applicable issue specific modules in each topic specific generic plan and
training course. The site specific information 420 contains site specific information such as emergency contact information, safety equipment location or the like to be incorporated into the dynamically generated site specific compliance plan. The use of this data will be discussed in detail below in conjunction with the site specific program development and generation processes.
5. Component Solution Structure
As illustrated in Fig. 5, a topic specific component solution contains an expert system 514 and a topic specific generic program 530 having one or both of a topic specific generic training course 526 or plan 528 elements. The topic specific generic training course 526 and plan 528 are composed of issue specific modules 526-1 through 526-N and 528-1 through 528-N respectively. The expert system 514 includes a knowledge base 516 and logic 522. The knowledge base 516 further includes a series of questions 518 and responses 520. The topic specific generic training course 526 includes study materials and test questions . Topic Specific Generic Program
Referring to Fig. 6, a topic specific generic program element is illustrated by an exemplary topic specific generic plan 528. The topic specific generic plan 528 represents a
comprehensive compliance plan covering all rules, regulations and polices relating to a specific topic. Examples of topics include forklift operation, blood born pathogens, confined space entry, etc. The plan is developed using industry and government recognized procedures for compliance with the rules, regulations and policies for the specified topic.
The topic specific generic plan 528 shown in Fig. 6 is tagged to identify issue specific modules 528-1 through 528 -N. The modules each identify a portion of the plan relating to"a site specific issue. For example, assume the topic specific generic compliance plan covers rules and regulations relating to forklift operation. Module 2 528-2 may relate to operation of a forklift outside and module 3 528-3 may relate to operation of a forklift in a ship's cargo hold. In this instance there is an issue relating to the place of operation of the forklift. Accordingly, these issues are tagged, and as will be discussed in detail below, expert system questions 518 are created to identify which issues apply to a site.
The issue specific modules 528-1 through 528-N are tagged by any known means, such as by using extensible markup language ("XML"), wireless markup language ("WML"), or the like, or by assigning each issue specific module to a data field in a standard commercially available database program, such as those available from Oracle, Microsoft, or Filemaker.
It should be understood that there are some portions of the topic specific generic plan 528 which may be generic to all plans regardless of any site specific issues, such as the plan title or an introduction. These portions are tagged as issue specific modules applicable to all site specific "plans . Alternatively, these portions may be part of a generic site specific form to which applicable issue specific modules are added during site specific plan generation.
In further embodiments of the invention the topic" specific generic plan includes links to purchase products related to the compIUiance program through an e-commerce site.
It should also be understood that the above example relating to a topic specific generic plan 528 is representative of and equally applicable to the structure and tagging of a topic specific generic training course 526 ■ including its corresponding course materials and test questions, or any other topic specific generic program element. Expert System
Referring again to Fig. 5, the expert system 514 is used to generate topic specific, site specific programs from the topic specific generic program 530. The expert system 514 is a program that emulates the interaction a user might have with a human expert to solve a problem. The expert system 514 used in the present invention emulates the interaction a company would
have with a regulatory or compliance expert in developing a site specific compliance program including compliance plans and/or training programs. The expert system 514 is comprised of (1) a knowledge base 516 having questions 518 and responses 520, and (2) logic 522 linking the questions 518 and responses 520 to issue specific modules 526-1 through 526-N and 528-1 through 528-N. The expert system 514 may be developed using any known conventional programming languages -such as Fortran and C, or expert system development tools or languages such as Exsys or CLIPS.
Fig. 7 is an exemplary illustration of a portion of the expert system 514. Each of the nodes 700-748 corresponds to a question 518 from the knowledge base 516. The branches to .the lower nodes represent decisions based on a user's response to the question 518. The logic 522 makes the decision as to which branch to follow based on the user's response.
As an example, assume node 700 is the question "Is painting done at this site?" . If the user responds "yes" the logic 522 will instruct the system to proceed to node 702 and ask the question "Do your employees use respirators?". Each of these questions and responses or a series of questions and responses identifies an issue specific module 526-1 through 526- N and/or 528-1 through 528-N from the topic specific generic program 530 that is applicable to the site. The expert system
514 is developed so that at the conclusion of the expert system interview, the system has used its knowledge base 516 and logic 522 to identify only the issue specific modules 526-1 through 526-N and/or 528-1 through 528-N from the topic specific generic program 530 that are applicable to the site for which the interview was conducted.
In addition to identifying the applicable issue specific modules, in further embodiments, the experts system 514 also prompts the user for site specific information 750 and "760 required for an applicable issue specific module. For example, if reaching node' 702 means that the site is engaged in painting, a request for site specific information 750 may ask ■ the user to identify storage locations of the paint and/or respirator locations. As will be discussed in detail below, this information will later be dynamically incorporated into the site specific plan or training course.
In alternate embodiments of the invention, the site specific information may be collected apart from the expert system after the interview process is complete. Component Solution Development Process
Referring to Fig. 8, step 805, a topic specific generic program 530 is created for each component solution 500, including at least one of a topic specific generic training course 526 or plan 528. In step 810, the topic specific generic
program is tagged, using XML or the like as described above, to identify issue specific modules 526-1 through 526-N and/or 528-1 through 528-N. In step 815, the expert system 514 is generated using any of the known methods as describe above. The expert system 514 links the questions 518 and responses 520 to tagged issue specific modules 526-1 through 526-N and/or 528-1 through 528-N in the topic specific generic program 530. In step 820, a topic specific component solution record is created and the component solution 500 is stored in the component solution database 300 of the compliance application server 110.
6. Topic specific, Site Specific Program Generation Process
Fig. 9, step 900 depicts the site specific program generation process. In step 905, a user enters the compliance application server home page via the user interface device 103. In step 910, the user chooses to enter the site specific program generation page. The compliance application server 110 then determines whether the user is authorized to generate site specific programs in step 915. In the illustrated embodiment of the invention, only a company administrator 108 or server administrator 102 is authorized to generate site specific programs. However, it should be understood that in alternate embodiments the company administrator 108 or server administrator 102 may also authorize other users to generate
site specific programs. For example, a company administrator 108 may authorize the head of each department or site to generate the site specific programs for their locations, departments and/or employees' jobs.
If the user is not an authorized user, an authorization denied message is displayed to the user in step 920. The user is then returned to the compliance application server home page .
In step 925, the user enters the components solution page and the available component solutions are displayed. As previously discussed, there may be a plurality of component solutions available, one for each topic of a rule, regulation, or policy. In one embodiment of the invention, only those component solutions that have been prepurchased are available to the user. In other embodiments of the invention, all component solutions may be available, and the company may be charged for each site specific plan generated from a component solution.
In step 930, the user selects from among the available components solutions to begin creating a site specific program 530. The selection may include the option to create a site specific training plan 528 or training course 526 or both. In step 935, the compliance application server 110 (1) prompts the user to identify the site, department or location for which the plan will be developed, (2) receives the user's response, and
(3) the expert system interviews the user by asking a series of questions 518 and receiving site specific responses. As discussed above, in one embodiment of the invention during the interview, the expert system also gathers site specific information, such as emergency contact person, first aid kit location, etc., to be incorporated into the site specific program. In other embodiments of the invention the site specific information may all be gathered at the beginning or conclusion of the expert system interview.
In step 940, the expert system identifies the applicable issue specific modules by providing a list of pointers pointing to each issue specific module's location in the component solution database 300. The process concludes in with step 945, wherein the compliance application server 110 creates and stores a site specific program in the site specific program database 400, including storing the site specific information in field 420, and the identified pointers in the pointers to applicable plan modules field 416 and pointers to applicable training modules field 418.
Generation of the site specific program, including a plan or training course is done dynamically as a plan or training course is requested by a user. The site specific plan or training course is dynamically generated by extracting and compiling the applicable issue specific modules from the topic
specific generic program 530. The details of generating site specific programs will be discussed in detail below with reference to the user handling process.
7. Site Map
In the illustrated embodiments of the invention, the compliance application server is a network based system wherein users access the compliance application server 110 via a browser base computer interface device 103. The compliance application server 110 provides a hierarchical arrangement of site pages for user navigation. The hierarchical site map is illustrated in Fig. 10.
As discussed above in conjunction with Fig. 9, the user begins at the compliance application server home page 1000. The compliant application server homepage 1000 has links to policies, procedures, plans and documents 1004, account management 1008, research and news 1012, products and supplies 1016, training 1020 and shopping cart 1024.
The policies, procedures, plans and documents page is accessible to the server administrator 102, the company administrator 108 and employees 107. This page contains user access to the previously generated site specific plans discussed above .
The account management page 1008 is accessible to the server administrator 102 and the company administrator 108. The account management page contains links to the knowledge management page 1028, reporting page 1032, organization management page 1036 and requirements management page 1040.
The knowledge management page 1028 contains links to the component solutions page 1060, plans page 1064, courses page 1068, news, FAQ's, documents, and research page 1072. The knowledge management page 1028 and its associated links permit the company administrator 108 or server administrator 102 to develop content for employees 107 and students 104. The component solution link 1060 permits the server administrator 102 or company administrator 108 to develop site specific plans and training courses as discussed above. The plans page 1064 permits the server administrator 102 or company administrator 108 to upload company plans prepared apart from the compliance application server. The courses page 1068 includes a list of courses generated by the company administrator 108 or server administrator 102 and available to the company employees 107. The news, FAQ's, document, research, page 1072 permits the company administrator 108 or server administrator 102" to create, modify, view, delete and organize documents and information in each of these categories for access by users.
The reporting page 1032 reports a company's activity with the system including, generation of site specific plans, registered users and assignments of activities to registered users, and users' compliance with assigned activity. The organization management page 1036 permits the server administrator 102 or company administrator 108 to assign security and access rights to users and to organize the company's structure including users-, departments and company site information.
The requirements management page 1040 permits the server administrator 102 or company administrator 108 to assign activities to users, jobs and user groups, assign jobs to users and user groups, and assign users to user groups. These assignments, will be discussed in greater detail with reference to the knowledge maintenance process discussed below.
The research and news page 1012 contains general news and research information relating to the compliance field and is accessible to all users including the server administrator 102, company administrator 108, company employee 107 and students 104. The products and supplies page 1016 permits the ordering of products and supplies related to compliance activities. Access to this page is also permitted by all users.
The training page 1020 permits access to the training courses, the training catalog 1044 containing a list of all
training courses, requirements 1048 listing the compliance requirements for the user, training history 1052 containing the user's past training history and the ability to register for a course 1056.
The ability to register for a course 1056 further includes the ability to take a course on-line when available. The on-line course may include a site specific course generated by the company administrator 108 or- server administrator 102 and assigned to the student 104 or employee 107.
8. User handling Process
Fig. 11, step 1100, depicts the compliance application server's user handling process with respect to the administration of a site specific plan or training course through the policies, procedures, plans and documents page 1004 and training page 1020.
In step 1105 the user enters the compliance application server home page 1000. In step 1110, the user navigates to the policies procedures, plans and documents page 1004 or the training page 1020 and selects to view a plan or take a training course. In step 1120, the system determines whether the user is a registered student 104 or employee 107. If not, the process proceeds to 1115, notifies the user that
access is denied, and then returns to the compliance application server homepage 1000 at step 1120.
In the illustrated embodiment, only registered students or employees may enter the plan or training course offering page. In other embodiments, the system may permit non- registered students, employees or visitors to enter the plan or training course offering page to try a demonstration. In yet other embodiments the system may register the student, employee or visitor.
If the student 104 or employee is a registered user, the process proceeds to step 1125. In step 1125, the plan page 1004 or training page 1020 offers available courses or plans to the user. Alternatively, the compliance application server may only offer the plan or training course activities that have been assigned to the user, as part of a compliance requirement.
In step 1130 the user selects a plan or training course from among the plans and training courses offered. In step 1135, the compliance application server 110 (1) dynamically extracts and compiles the applicable issue specific modules using the list of stored pointers for the chosen plan or training course, and (2) incorporates the stored site specific information, to create the site specific plan or training course for presentation to the user.
In step 1140 the compliance application server 110 transmits and administers the site specific plan or training course to the user. Administration of plans and training courses includes conducting online training and recording result, monitoring viewing time periods for study materials and plans, and the like. The details of the compliance application servers administration and monitoring of users compliance with assigned activities will be discussed below in conjunction with the knowledge maintenance process.
In step 1145, the user completes review of the plan or study materials, or completes the taking of a test. Subsequently, in step 1150 the compliance application server 110 records the user activity and returns the user to either the training page 1020 or policies page 1004 in step 1125. Site Specific Program Generation
The dynamic generation of a site specific plan or training course, is illustrated with reference to the exemplary site specific plan generation diagram of Figure 12a. Referring to Figure 12a, a topic specific generic plan 528 is shown having issue specific modules 528-1 through 528-N. Expert system 514-1 extracts and complies the applicable modules 1206 using the list of pointers 1202 previously identified and stored by the expert system 514 during the site specific program generation process. The expert system 514-2 adds site specific information 1208 to
the applicable modules 1206 to produce the site specific training course or plan 1212. The compiled site specific training course or plan is then transmitted to the user for display or printing through the interface device 103. Each time a user requests to view the training course or plan the site specific training course or plan is dynamically generated.
An advantage of this system is demonstrated by example with reference to Figs. 12b and 12c-. In Fig. 12a, a current topic specific generic plan 528 is shown being accessed by fine expert system 514 to dynamically generate a site specific plan 1212. Referring to Fig. 12b, the topic specific generic plan 528 represents the current version of the plan, including module 3 528-3, module 4 528-4, module 5 528-5, module 6 528-6 and module 7 528-7. Module 5' 528-5' represents a newly revised module 5 which has yet to be incorporated in the topic specific generic plan. Since the new module 5' is not yet part of the topic specific plan 528 the dynamically generated site specific plan 1212 continues to extract and incorporate module 5 528-5 as the current module.
Turning to Fig. 12c, module 5 528-5 of the topic specific generic plan 528 has been replaced with module 5' 528- 5' . The new module 5' 528-5' is now part of the current topic specific generic plan 528. Upon the next user request to view the site specific plan 1212 the expert system 514 again
dynamically generates the site specific plan 1212. The expert system 514 using the list of pointers 1202, extracts module 1 528-1, module 2 528-2, module 5' 528-5', and module 8 528-8, and combines them with the site specific information 1208 to form the dynamically generated site specific plan 1212. As'"shown the dynamically generated site specific plan 1212 now includes the revised module 5' 528-5' . In the illustrated embodiment the pointers 1202 to the applicable modules 1206 are not changed. In other embodiments the pointers may instead be change to point to the newly revised issue specific module rather than • the old issue specific module.
In one embodiment of the invention, the old topic specific generic plan module 5 528-5 is simply over written with the new module 5' 528-5' . In an alternative embodiment of the invention, module 5 528-5 is exchanged with module 5' 528-5' in the topic specific plan 528 and module 5' is stored in a revision history along with the date of the revision. In further embodiments of the invention the entire topic specific generic plan is copied to a revision history, dated and replaced by a new current topic specific generic plan. In the embodiments retaining a revision history, the current topic specific plan and training course having issue specific modules are stored in a first memory in RAM 113 or mass storage device
120 and the revision history is stored in a second memory in RAM 113 or mass storage device 120.
The benefit of storing the revision history is so that a plan or training course in effect on any prior date can be reconstructed in the future. This may be beneficial in litigation involving issues related to compliance activities wherein the plan or training course used at the time of an incident must be reestablished.
In further embodiments of the invention, the compliance application server 110 notifies all users when an issue specific module has been replace with an updated module. In other embodiments, the compliance application server, only notifies users who are assigned a site specific training course of plan that has had one or more of its issue specific modules updated. Notification is preferably via email but may also be via fax, phone, mail or the like.
9. Knowledge Maintenance Process
Referring to Fig. 13 the knowledge maintenance process permits activities to be assigned to users, and administers and monitors a users adherence to assigned compliance requirement activities. These processes are typically created and managed by a company administrator 108 who assigns activities to employees 107. Alternatively, a student 104, such as a nurse,
dentist, doctor or like practitioner not associated with a company, may assign activities to themselves to maintain compliance with regulatory requirements.
The knowledge maintenance process of assigning activities is illustrated by example in Fig. 13. The illustration is described by example with respect to a company administrator 108 setting activities and monitoring and administering activities for employees 107. In step 1305 the company administrator 108, establishes and creates a database of employees in the registered user database 200. In step 1310 the company administrator 108 assigns activities to each of the employees 107. Once the activities have been assigned to the users, the compliance application server can begin monitoring and administering the compliance activities assigned to each user as illustrated in step 1315.
The assignment of activities to users is illustrated by example with respect to a company administrator 108 and employees 107 in Fig. 14. As shown in Fig. 14 a company administrator 108 can assign compliance activities to its employees 107 in a number of ways.
An activity 1400 is an assignment to' Pe completed, such as taking a training course or reviewing a compliance plan in conjunction with satisfying or meeting requirements set by the compliance plan, rules, regulations, or company policy.
Examples of activities might include "take blood born pathogen training", "read compliance plan", or the like. An activity may have a completion date associated with it wherein the completion date may be a period of time within which to complete the activity, the frequency with which the activity is to be repeated, the date of completion, or the like. The completion date may be recorded in the frequency field 219 or as part of the activity assignment itself.
Activities may be assigned to each user either directly or indirectly. For example, a user is directly assigned and activity by adding the activity to the user requirements 1410 wherein the user requirements comprise a list of activities 1400 to be completed by the user. Activities are indirectly assigned to a user 1460 through jobs 1440 and user i groups 1450, wherein a user 1460 is linked to a job 1440 or user group 1450. Each job 1440 linked to a user 1460 in turn has associated job requirements 1420 comprising a list of activities 1400. Each user group 1450 linked to- a user 1460 in turn has associated user requirements 1430 comprising a list of
) activities 1400. For example, a job 1440 may be created called "fork lift operator" and job requirements 1420 'comprises a list of activities relating to fork lift operation such as "take fork lift maintenance course", "review fork lift operation plan", or the like. Alternatively or in addition, a user may be associated
with a user group such as "manufacturing" . The manufacturing user group may have assigned to it user group requirements 1430 including activities 1400 such as "take assembly lines safety course", "review manufacturing safety plan", or the like. These activities are assigned to the user 1460 indirectly through jobs 1440 or user groups 1450.
The company administrator 108 has authority to create, modify and delete jobs 1440, user groups 1450, job requirements 1420, user group requirements 1430, user requirements 1410, activities 1400 and to establish links and assignments therebetween.
Using these linking and grouping tools a company administrator 108 can easily establish and manage employee compliance requirements. For example, if a compliance requirement changes for forklift operators, the company administrator 108 can simply change the job requirements 1420 for the fork lift operator job rather than changing the user requirements 1410 for every forklift operator. Administration and Monitoring of Site Specific Programs
Once a user has been assigned activities as discussed above, the compliance applications server 110 can monitor and administer the user requirements 1410, job requirements 1420 and/or user group requirements 1430 that have been assigned to each user.
The compliance application server 110 may administer compliance programs and monitor the user's compliance with assigned activities by notifying a user of assigned activities prior to completion dates, administering programs, including plans and training courses, recording the amount of time the user reviewed the course materials, recording whether the user printed out the course materials, recording how many questions of a test were answered correctly, -or the like.
For example, referring to Fig. 15 the compliance application server may administer a site specific training course 1500 to each user assigned to take the course. Administration of the training course 1500 may include presenting study material for review, or giving an online test.
As shown in Fig. 15, a site specific training course 1210 having test question module 3 1500-3, 4 1500-4, 5 1500-5 and 10 1500-10, is administered to the user and the compliance application server 110 tracks which modules the user passes. The first time the course is presented to the user 1502, the compliance application server 110 presents the user with test questions from all applicable issue specific modules. The compliance application server 110 presents the questions, and receives and records the user's responses. The compliance application server 110 maintains a record of the modules the user has completed. The second time the test is administered
1504, the user is administered modules not taken and/or retested on the failed modules, module 3 1500-3 and module 5 1500-10. Upon the user passing all of the modules, the compliance application sever 110 records all modules passed 1506.
The knowledge maintenance system may further "include recording of user incidents or accidents, whereby the compliance application server 110 modifies activities or frequency of activities based on accident or incident rates. For example, if the user has had an inordinate number of accidents or incidents the training or plan review requirements assigned to the user for completion every one year may be increased to every six months . s
It should be understood that various modifications .and variations can be made in the method and system of the present invention without departing from the spirit or scope of the invention. Thus, it is intended that the present invention cover the modifications and variations of this invention provided it will come within the scope of the appended claims and their equivalence. In this context, equivalence means each and every implementation for carrying out the functions recited in the claims, even if not explicitly described herein.