TECHNOLOGY
" Compliance by design has a governance structure that we recommend to achieve this , and that ' s largely about bringing the compliance requirements into the software development process . What that does really well is help the digital teams that are building these products and services , understand that landscape and become empowered to solve it .”
A common problem is leaving compliance till the end , he says . “ We often see that compliance and regulatory requirements mirror quality requirements in traditional software development , meaning they always get left till the end . It becomes a checkbox to say , let ' s build it first and then see if it ' s compliant later , which doesn ' t really make sense . But the compliance team hasn ' t been invited to the table before or been included in software development , so they don ' t understand how the process works at all . Having an intentional structure to bring compliant stakeholders , but also regulatory requirements into software requirements can achieve great things ."
Rangle is leading this innovative approach , and Montgomery says that while nobody would argue with this way of working , it typically hasn ' t been happening . " Everyone will say , of course we ' re trying to include compliance , of course we need to bring compliance requirements into our process and we should be following regulatory guidelines from the beginning of the project , not just at the end . But when we actually start to explore what the current landscape looks like it ' s not always happening ."
" Not to over-simplify the process , but it ' s largely intent-based " he adds . " It ' s about setting up that process , saying who ' s going to sponsor the organisation and are we going to form a steering committee to do this ? Where Rangle provides a lot of value is looking at how tactically that is done . What does a compliance requirement look like and how does that get added ? Software developers and product designers don ' t have a compliance and regulatory background , so Rangle ' s compliance by design process has been very helpful in giving people a framework ."
healthcareglobal . com 95