UX Design for Compliance-Heavy Applications

Ask UXmatters

Get expert answers

A column by Janet M. Six
June 22, 2020

This month in Ask UXmatters, several UX professionals who belong to our panel of experts discuss creating innovative UX designs for compliance-heavy industries.

First, our panelists discuss the impact of regulations on our ability to create innovative designs and how these constraints can actually be helpful. Then, our experts discuss the possible need to adapt your research methods to take compliance into account. Finally, our panel discusses the compliance-versus-innovation paradox. Sometimes, innovation and compliance are not as different as they might seem.

Champion Advertisement
Continue Reading…

In my monthly column Ask UXmatters, our panel of UX experts answers readers’ questions about a broad range of user experience matters. To get answers to your own questions about UX strategy, design, user research, or any other topic of interest to UX professionals in an upcoming edition of Ask UXmatters, please send your questions to: [email protected].

The following experts have contributed answers to this month’s edition of Ask UXmatters:

  • Warren Croce—Principal UX Designer at Staples, Inc.; Principal at Warren Croce Design
  • Steven Hoober—Mobile Interaction Designer and Owner at 4ourth Mobile; author of Designing Mobile Interfaces; UXmatters columnist
  • Gavin Lew—Managing Partner at Bold Insight
  • Baruch Sachs—Vice President, Client Innovation at Pegasystems; UXmatters columnist

Q: How do you create innovative UX designs within a compliance-heavy industry such as banking?—from an Ask UXmatters reader

“I have spent essentially my entire career designing products that must meet regulations,” answers Steven. “In addition to lots of work on telecoms, banking, and healthcare, almost every industry has some regulatory oversight. You really must understand that.

“Most regulation is for good—either the good of individual consumers or society as a whole. It protects their privacy, security, and often their actual physical safety. Regulation is just an extension of the will of the people in an organized society, so is a codified extension of ethical design. Off the top of my head, I can’t think of a time when I sighed and reluctantly worked toward satisfying or getting around some regulation. But I’ve often had to bring up the details from a regulatory body with teams.

“I’m not sure how to answer this question directly because I’ve never felt even a tiny bit more constrained regarding innovation in highly regulated versus less-regulated industries. Regulations are just another input or constraint—and technical systems are full of constraints anyway. We design to constraints all the time—cost, complexity, time, feasibility, secrecy, and a lot more. When teams write up the requirements for regulated products, around 95% of these requirements are from Marketing or Product Development, not on the regulatory or compliance side. We design innovative solutions that embrace or transcend such constraints every day.

“Regulatory requirements are a great example of how understanding broadly and designing early can lead to great work, while leaving design to the end of the development process results in disaster,” continues Steven. “Long ago, there was something called the pretexting scandal. One result was the FCC’s adding new requirements for mobile telecoms to secure user data better. Except that they really had no detailed requirements, just the high-level outcome of improving security. However, by working to realize that outcome, my UX Design team was able to create a design solution that achieved that goal. We then worked with the compliance lawyers at the company to negotiate with the FCC. Thus, we more or less created much of the final regulation. Plus, we were the only telecom to launch a new security system on the deadline date.

“Now, in most cases, you won’t get to do this and must simply meet existing regulations. Your organization’s lawyers will demand that you add something to the Web site or app, but they often fail to understand what a specific regulation means. Don’t just trust them. Do your own research as well. For example, there’s no regulation that says disclaimers have to be in all caps. Read the regulations, talk to your legal and compliance teams—they’re probably different groups—and learn what is actually necessary. Design to actual requirements, and you will end up creating better products, achieve better compliance in the end, and have happier users.”

Differences in Research Methods

“The main difference regarding compliance is the higher levels of scrutiny and care in our research methods,” replies Gavin. “Healthcare is the perfect example of a compliance-heavy industry. The FDA regulates medical devices that are integral to therapies. For example, consider an infusion pump or an injection device that delivers medicine. Such devices are highly regulated, yet innovation still happens.

My team worked on the world’s first digital pill, which included innovative technology that communicated to a mobile app regarding whether the patient had actually consumed the dose. While this technology and the product’s ecosystem were innovative, you’d ultimately apply the same foundation as you would for all medical devices: demonstrate safe and effective use through user research and show its effectiveness—or success or failure rate. However, this kind of research places more emphasis on simulated use. During a usability test, you could simulate a user’s office or desk, but for healthcare, you must simulate the environment with the proper equipment. We even have an incubator to simulate a neonatal ICU, as well as audio that plays sounds from an emergency room (ER). We also include distractor tasks as common elements of a moderator’s guide. The foundation is the same; we just amp up the simulation and rigor.”

Innovation and Compliance

“The question is not: how do you innovate in industry X?” says Warren. “The question is: how do we define innovation? This word comes with a lot of baggage. We have come to equate innovation with big, groundbreaking ideas. But innovations can come in many forms and have different scopes. Solving an interesting customer problem—no matter how small—in a creative manner is a form of innovation. It’s what makes design fun. Don’t create solutions that are looking for a problem to solve, thinking that you’re being innovative. Good design must come from a customer-centric perspective. In his book The Myths of Innovation, Scott Berkun says:

“‘I think innovation is overrated. Customers don’t care about how innovative you are. They just want to be happy and satisfied. And that’s about good design.’

“I highly recommend his book.”

“At the end of the day, every industry requires compliance—sometimes self-imposed and, at other times, through laws and other legalities,” replies Baruch. “We often internalize the idea of compliance as restrictions, so might feel that it suffocates innovation. But the beauty of innovation is that it almost never means something entirely new. Innovation is looking at the status quo and moving things around, not necessarily flipping things around and smashing them. Of course, doing that is exciting for sure.

But there is equal excitement to be had in looking at already established design patterns and tinkering with them. What I have found is that we really must understand what compliance means. True compliance versus what someone tells you compliance means can often be two very different things—in some cases, even vastly different. Find someone to partner with who really knows a domain’s areas of compliance well. You might be surprised to find that a lot is actually possible without running afoul of compliance.” 

Product Manager at Tom Sawyer Software

Dallas/Fort Worth, Texas, USA

Janet M. SixDr. Janet M. Six helps companies design easier-to-use products within their financial, time, and technical constraints. For her research in information visualization, Janet was awarded the University of Texas at Dallas Jonsson School of Engineering Computer Science Dissertation of the Year Award. She was also awarded the prestigious IEEE Dallas Section 2003 Outstanding Young Engineer Award. Her work has appeared in the Journal of Graph Algorithms and Applications and the Kluwer International Series in Engineering and Computer Science. The proceedings of conferences on Graph Drawing, Information Visualization, and Algorithm Engineering and Experiments have also included the results of her research.  Read More

Other Columns by Janet M. Six

Other Articles on UX Design

New on UXmatters