Gate 3 — DUA ↔ IRB Alignment

Deterministic compliance check for clinical trial documents.

---

Gate 3 Architecture

---

Gate 3 — FULL FAILURE + NEXT-ACTION DESIGN

Flow

1. Upload Documents

   • User uploads Protocol, DUA, and IRB Consent.

2. Ingestion

   • Files are read and converted to raw text (DOCX/PDF → text).

3. Extraction

   • Structured fields are extracted from text:
     • PHI level
     • Genetic data authorization
     • Retention period
   • No compliance decisions are made here.

4. Schema Normalization

   • Extracted values are mapped into a canonical ComplianceRecord.
   • Removes wording differences between documents.

5. Gate 3 Rules

   • Deterministic checks are applied:
     • PHI alignment
     • Genetic authorization
     • Retention alignment

6. Decision

   • PASS if all rules succeed.
   • FAIL if any rule fails.

7. Explainability

   • On FAIL, shows the exact rule and clause causing rejection.

8. Audit

   • Records document hashes, rule results, decision, and timestamp.

Input

• Protocol (DOCX/PDF)
• Data Use Agreement (DUA)
• IRB Consent Form

---

Output

• PASS
• FAIL

---

Rules

• PHI level must match between Protocol and DUA
• Genetic data in Consent must be authorized by DUA
• Consent retention period must be ≥ DUA retention period

---

How It Works

Documents → Extract → Normalize → Rules → Decision

---

Run

pip install -r requirements.txt
streamlit run app/main.py