Health, Education & Government Government & Public Sector Public Health & Human Services

Public Health Surveillance

Multi-agency, multi-stakeholder programs where procurement, compliance, and mission alignment determine success.

Palantir Oracle Health Tyler Technologies Conduent
Inside this journey
  1. Customer Discovery

    Align on surveillance objectives, current data flows, alert pain points, stakeholders, and measurable success signals.

    Discovery Questions

    Where We Start: Your Surveillance Snapshot

    • Briefly describe your current surveillance stack and the primary data sources feeding it (EHR, LIS, ED, vital records, syndromic feeds, other).
    • Which data sources are actively ingested into your analytics pipeline today? Options: Electronic Health Records (EHR), Laboratory Information Systems (LIS), Emergency Department (ED) visits, Syndromic surveillance feeds, Vital records / death registry, Immunization registry, Not currently ingesting data, Other
    • How frequently do those feeds update in your environment? Options: Streaming / real-time, Near real-time (<1 hour), Hourly, Daily, Irregular / batch
    • What’s the typical end-to-end latency from event (e.g., specimen collection or ED visit) to availability in your analytics environment? Options: <15 minutes, 15–60 minutes, 1–6 hours, 6–24 hours, >24 hours, Unknown
    • Who owns ingestion, data mapping, and pipeline health inside your agency (role or team)? Options: State epidemiology team, Surveillance branch / program, Public health IT / IS, Informatics team, Vendor-managed, Shared responsibility, Other
    • Tell us about one recent incident where data availability or structure directly changed a surveillance decision or slowed action.

    Are You Comfortable Missing Signals?

    • When was the last time your team missed a signal that later mattered — and what was the real-world consequence?
    • How often do you feel true-positive signals are buried in noise or dismissed by your triage process? Options: Almost always, Often, Sometimes, Rarely, Never, Not sure
    • Estimate the proportion of alerts that are false positives or non-actionable today. Options: >90%, 50–90%, 20–50%, 5–20%, <5%, Unknown
    • Which types of alerts tend to cause the most fatigue or distrust (select all that apply)? Options: Syndrome-based spikes, Single-hospital anomalies, Laboratory testing anomalies, Seasonal noise (flu/RSV), Automated rule churn after code changes, Other
    • Share a specific example where alert fatigue led to delayed or missed action — what happened and how did it feel for the team?

    What's the Human Cost?

    • Who on your team carries the emotional weight when surveillance fails, and how does that show up in day-to-day work?
    • How many full-time equivalents (FTEs) routinely triage alerts and investigate anomalies? Options: 0, 1–2, 3–5, 6–10, >10, Varies seasonally
    • How long does a typical alert investigation take from initial flag to resolution or closure? Options: <15 minutes, 15–60 minutes, 1–4 hours, 4–24 hours, >24 hours
    • Which institutional skills are most vulnerable to turnover (select up to three)? Options: Case definition expertise, Data mapping and ETL knowledge, Query and analytics skills, Vendor and system management, Stakeholder communication, Lab engagement
    • When teams are overwhelmed, which downstream activities degrade first (e.g., reporting to CDC, contact tracing, situational reports) — give an example. Options: Reporting to CDC, Local health alerts, Contact tracing, Internal situational awareness, Public communications, Other

    Where Data Breaks Down

    • Which data source would you least trust in a high‑stakes investigation — and why?
    • Which feeds are most frequently incomplete, late, or inconsistent (select all that apply)? Options: Hospital EHR extracts, Lab results (LIS), ED syndromic feeds, Vital records, Immunization registry, School absenteeism / sentinel data, Other
    • How often do you receive records with missing critical fields (patient age, location, specimen date, test LOINC)? Options: Almost always, Often, Sometimes, Rarely, Never
    • Do you have standardized mappings in place (LOINC, SNOMED, HL7 conformance) across providers? Options: Yes — most sources standardized, Partial — some mappings in place, No — mappings vary widely, We are working on standardization
    • Describe how inconsistent case definitions or variable lab test naming has created confusion or extra work for your team.

    If You Could Snap Your Fingers

    • If a single change could cut your time‑to‑detect in half, what would that change be?
    • Which measurable signals would convince you detection improved (select all that apply)? Options: Median time-to-detection, False positive rate, Time-to-report-to-CDC, Number of missed clusters, Alert triage time per FTE, User satisfaction / confidence
    • How would reduced alert noise and faster detection change where your team spends its time day-to-day?
    • What reporting outputs, dashboards, or export formats would make leadership and federal partners confident in your surveillance? Options: Automated CDC-ready reports, Interactive geospatial cluster maps, Drillable case timelines, Custom PDF situational reports, Alert audit trails, API exports to state systems
    • Who must sign off internally for a solution to be considered 'perfect' — who are the approvers? Options: State Epidemiologist / Director, Surveillance Branch Chief, IT/Infrastructure Director, Legal/Compliance, Finance/Procurement, Other
    • What is a realistic pilot timeline to evaluate a solution and decide on scaling (pick one)? Options: 1 month, 1–3 months, 3–6 months, 6–12 months, >12 months

    What Would Launch Look Like?

    • What single bureaucracy, contract, or technical dependency is most likely to stop a deployment cold?
    • Which integrations are required for a go‑live versus nice‑to‑have (select required items)? Options: EHR integration (hospital systems), LIS / lab interfaces, Syndromic surveillance feed, Vital records / death registry, State NBS / reporting system, Other
    • Which data-sharing agreements or legal approvals must be in place before ingestion (select all that apply)? Options: Business Associate Agreement (BAA), Data Use Agreement (DUA), Memorandum of Understanding (MOU), Legal / AG review, IRB approval, None / limited
    • Which compliance frameworks and certifications matter most for your agency (select all that apply)? Options: HIPAA, FedRAMP, State privacy regs, 21st Century Cures Act / TEFCA considerations, Other
    • What SLA, uptime, and incident response expectations would leadership require before sign-off? Options: 99.9% availability, 99.5% availability, 99% availability, Depends on feed / criticality, Other
    • What internal resources (staff time and roles) can you commit to a deployment in the first 90 days?

    Who's Driving This Bus?

    • If we built exactly what you asked for, who would be responsible for day‑to‑day ownership and staying accountable?
    • Who are the executive sponsors and day‑to‑day champions for surveillance improvements (select all that apply)? Options: State Epidemiologist, Surveillance Branch Chief, Public Health IT Director, Preparedness Director, Laboratory Director, Other
    • Are there external stakeholders who must be engaged (hospitals, labs, regional partners, federal liaisons)? Please list and describe their role.
    • Which groups are most likely to resist change and what are their primary concerns?
    • How are decisions typically made (consensus, director sign-off, procurement-driven, advisory board), and how long does that process usually take? Options: Consensus, Director / executive sign-off, Procurement-driven, Advisory / steering committee, Other
    • What training and onboarding approach tends to work best for your users? Options: Instructor-led workshops, Self-paced online modules, Onsite hands-on sessions, Train-the-trainer, Combination

    What Would Keep This Working Long-Term?

    • Six months after launch, what would make you worry the system is already failing?
    • How often do you expect analytics tuning, threshold recalibration, or algorithm retraining to be required? Options: Weekly, Monthly, Quarterly, As-needed based on events, Rarely / annually
    • What support model do you need for ongoing operations (select all that apply)? Options: 24/7 vendor support, Business-hours vendor support, Dedicated account manager, On-demand professional services, Shared support via state IT, Other
    • How should long-term success be governed—regular reviews, a steering committee, shared dashboards, or something else? Options: Quarterly steering committee, Monthly operational reviews, Shared realtime dashboards, Ad-hoc reviews on triggers, Other
    • What is your likely budget horizon for ongoing licensing, support, and enhancements? Options: Annual appropriation, Multi-year contract, Grant-dependent, No dedicated budget yet, Unsure
    • Which metrics would you want included in a quarterly health check report to show the platform is delivering value (select up to five)? Options: Median time-to-detect, False positive rate, Feed uptime / latency, Case reporting completeness, Number of escalations handled, User activity and adoption, Backlog of tuning requests
  2. Solution Experience

    Validate how the platform will detect anomalies, reduce alert fatigue, and improve reporting timeliness using the customer’s actual data sources and scenarios.

    Experience Meetings

    • Solution Experience Preparation
    • Live Data Ingestion & Integrity Test
    • Anomaly Detection Run & Calibration Workshop
    • Alert Triage Simulation & Reporting Timeliness
    • Solution Experience Validation & Acceptance

    Issues & Enhancements

    • Vendor to produce a time-stamped runbook of simulated cases showing detection-to-report timelines.
    • Agree an actionable calibration plan, promotion path, and monitoring metrics.
    • Obtain SME validation on a representative sample of alerts to force confirmation of tuning decisions.
    • Vendor to apply agreed threshold changes in staging and produce before/after metric report (precision, recall, alert count).
    • Customer epidemiologist to provide feedback on 20 prioritized alerts labeled as FP/FN within 3 days.
    • Vendor to implement automated alert deduplication and suppression rules identified during tuning.
    • Schedule a re-run session to validate the tuning impact on a new data window.
    • Workflow & Role Review
    • Validate that alerts route correctly to the designated analysts and stakeholders.
    • Prove measurable reductions in time-to-notify and time-to-report against the baseline.
    • Confirm report formats meet state and federal requirements and are reproducible by the platform.
    • Document any UX or workflow adjustments required before production rollout.
    • Introductions & Meeting Objectives
    • Customer to confirm final recipient lists, distribution cadence, and any regulatory report fields.
    • Vendor to implement agreed notification channel changes and update templates.
    • Assign owners for ongoing triage SLAs and monitoring dashboards.
    • One-sentence Recap: Current, Consequence, Future
    • Obtain explicit validation of each acceptance criterion tied to the Future State.
    • Document a prioritized remediation plan for any remaining gaps with owners and timelines.
    • Secure agreement on the next-stage kickoff date and responsibilities for deployment readiness.
    • Ensure all validation artifacts (data runs, reports, screenshots, and KPI dashboards) are archived and shared.
    • Customer to provide formal sign-off or acceptance-with-conditions on the Solution Experience acceptance criteria.
    • Vendor to deliver a Validation Package containing run logs, before/after metric reports, tuned rule set, and remediation plan.
    • Schedule Pre-Deployment Readiness kickoff and assign owners for each readiness checklist item.
    • If acceptance-with-conditions, vendor to implement agreed fixes and provide verification within the defined timeline.
    • Produce a single-sentence Current State description that all attendees agree is accurate.
    • Document a quantified Consequence statement that creates urgency for change.
    • Agree a single-sentence Future State in operational terms to be proved in the experience.
    • Confirm the exact datasets, access details, and prework owners required for live runs.
    • Set clear, measurable KPIs and acceptance criteria for the Solution Experience.
    • Customer to provide sample data extracts, schema documentation, and 3 labeled historical examples (TP/FP/FN) within 5 business days.
    • Customer to nominate 2 SMEs (epidemiologist and IT lead) and provide access credentials or data connection details.
    • Vendor to provision a staging environment, prepare a runbook, and map incoming fields to internal schema before the live ingestion meeting.
    • Vendor to draft initial KPI dashboard templates aligned to agreed acceptance criteria.
    • Recap Objectives and Prework Status
    • Verify each feed is ingesting into staging and mapped correctly to analytic fields.
    • Identify and document data quality issues that would impact detection accuracy or timing.
    • Establish measured ingestion latency and agree whether it meets the Future State timeliness target.
    • Agree owners and timelines for fixing critical data issues before anomaly runs.
    • Vendor to deliver a data mapping report listing required field fixes and transformation rules.
    • Customer IT to remediate top 3 data quality issues or approve vendor-side workarounds.
    • Vendor to enable ingestion monitoring dashboards and alerting for feed failures.
    • Schedule follow-up verification once fixes are applied (target within 3 business days).
    • Recap Acceptance KPIs and Baseline Expectations
    • Demonstrate detection outputs tied directly to the documented Current State problems and Consequence statement.
    • Reduce noisy alerts to an agreed target without materially decreasing true positive detection.
    • Simulated Case Runs (live)
    • Before vs After Metrics Review
    • Baseline Detection Results Presentation
    • Establish Data Connections (hands-on)
    • Current State (one-sentence)
    • Measure Time-to-Notify and Report Generation
    • Gap Analysis and Risk Register
    • Schema Mapping & Field Validation
    • Operational Impact Mapping
    • Consequence Statement (one-paragraph)
    • User Experience Feedback & Adjustments
    • Future State (one-sentence outcomes)
    • Iterative Threshold Tuning (hands-on)
    • Force Validation: Acceptance Criteria Walkthrough
  3. Solution Scope

    Define integrations, analytics modules, alert calibration, reporting outputs, responsibilities, and acceptance criteria.

    Scope Configuration

    • Deploy real-time data ingestion pipeline
    • Integrate EHR feeds (HL7/FHIR) into platform
    • Integrate laboratory information system feeds
    • Connect emergency department syndromic feeds
    • Onboard vital statistics and mortality records
    • Configure disease detection algorithms
    • Calibrate alert thresholds with epidemiologists
    • Deploy geographic cluster and heatmap analysis
    • Enable automated case notification workflows
    • Activate trend forecasting and projection models
    • Generate CDC-format automated reports and exports
    • Deploy role-based access and permission sets
    • Deliver user training and administrator onboarding

    Scope Questions

    Deploy real-time data ingestion pipeline

    • Which data sources do you want included in the real-time ingestion pipeline initially? Options: EHR/HL7, FHIR APIs, LIS/lab HL7, Syndromic ED feeds, Vital records, Other
    • What is your required maximum end-to-end latency for ingested records (from source generation to platform availability)? Options: Near real-time (seconds-minutes), Sub-hourly (minutes-hours), Daily batch, Flexible / Not sure
    • Estimate average and peak record throughput to ingest (records/day or messages/minute). Include typical and peak periods.
    • Which transport/security protocols must ingestion support? Options: SFTP, HTTPS/REST, MLLP/HL7, VPN, Direct API with OAuth2, PHINMS, Other
    • Are there existing ETL/connectors in your environment we should reuse or replace? Options: Reuse existing connectors, Replace with new connectors, Hybrid (reuse some), No existing connectors
    • Who will own operational monitoring and first-line troubleshooting for ingestion (customer team, vendor, shared)? Options: Customer owns, Vendor owns, Shared/Joint

    Integrate EHR feeds (HL7/FHIR) into platform

    • Which EHR vendors and versions are sending feeds (e.g., Epic, Cerner, Allscripts)? List all.
    • Which message types and standards are required (HL7 v2 ADT/ORU, FHIR resources, CCD/CDA)? Options: HL7 v2 ADT, HL7 v2 ORU, FHIR (Patient/Encounter/Observation), CDA/CCD, Other
    • Do you require mapping of local codes to standard terminologies (LOINC/SNOMED/ICD)? Options: Yes - full mapping, Yes - partial mapping, No, Not sure
    • Are there constraints on how patient-identifiable information (PII) is handled during ingestion and processing? Options: PII allowed with controls, Only de-identified data, PII not permitted, Need guidance
    • Will we connect directly to hospital endpoints or through a state health exchange/intermediary? Options: Direct to hospitals, Via state HIE/intermediary, Mixed
    • What is the expected timeline to complete one representative EHR integration (weeks)? Options: <4 weeks, 4-8 weeks, 8-12 weeks, 12+ weeks

    Integrate laboratory information system feeds

    • Which laboratory systems/vendors will feed the platform (e.g., Sunquest, Cerner Millennium LIS)?
    • What lab message types/timeliness are required (result messages, order messages, batch uploads)? Options: Real-time ORU results, Batch/result file uploads, Order messages (ORM), Other
    • Do lab results require LOINC/LOINC mapping, culture organism normalization, or complex result parsing? Options: LOINC mapping, Organism normalization, Complex parsing required, None of the above
    • Are there reporting obligations tied to specific lab tests (e.g., reportable conditions) that require immediate routing to public health? Options: Yes - immediate routing, Yes - scheduled routing, No
    • Will lab feeds include patient identifiers required for case matching, or are they de-identified? Options: Identifiers included, De-identified, Mixed
    • Who is responsible for resolving data quality issues from lab feeds (submitter lab, agency, vendor)? Options: Submitting lab, Agency data team, Vendor support, Shared

    Connect emergency department syndromic feeds

    • Which syndromic feed protocol and systems are in use (BioSense/ESSENCE, HL7 v2, CEDRS, other)? Options: BioSense/ESSENCE, HL7 v2 syndromic, State-specific system, Other
    • What syndrome definitions and chief complaint parsing rules should be applied initially?
    • What geographic granularity is required for ED data (facility, ZIP, county, census tract)? Options: Facility-level, ZIP, County, Census tract, Other
    • What are acceptable latency and allowable data gaps for syndromic inputs? Options: Near real-time, Daily, Weekly, Flexible
    • Are there triage or chief-complaint fields that require custom NLP or mapping? Options: Yes - NLP required, Yes - simple mapping, No
    • Do you need automated case flagging from ED feeds for certain conditions (e.g., opioid overdoses, respiratory clusters)? Options: Yes - immediate flags, Yes - monitoring only, No

    Onboard vital statistics and mortality records

    • Which vital records systems/formats are used (electronic death registration system, flat files, HL7)? Options: Electronic Death Registration System (EDRS), Flat file CSV, HL7, Other
    • What is the expected reporting lag for mortality records and do you require provisional vs final data separation? Options: Real-time/provisional, Weekly provisional, Monthly, Final only
    • Are death certificate fields standardized or do they require mapping (cause of death free text, ICD mapping)? Options: Standardized, Requires mapping/ICD coding, Free-text requires NLP
    • Do you require lineage and linkage to other datasets (e.g., match to hospital admission or lab result)? Options: Yes - deterministic match, Yes - probabilistic match, No
    • Are there legal or consent constraints for mortality datasets we should be aware of? Options: Yes - restricted access, No, Need to confirm
    • Who will verify completeness and accuracy of onboarded vital records (agency analyst, vendor, third party)? Options: Agency analyst, Vendor, Third party, Shared

    Configure disease detection algorithms

    • Which conditions or syndromes should be prioritized for detection in this phase?
    • Do you have formal case definitions or surveillance definitions that algorithms must use? Options: Yes - standard definitions provided, Yes - custom definitions needed, No
    • What sensitivity vs specificity balance is desired (favor earlier detection with more alerts vs fewer high-confidence alerts)? Options: High sensitivity (more alerts), Balanced, High specificity (fewer alerts)
    • Are there historical datasets available to train or validate algorithms? If so, please indicate size and period.
    • Do detection algorithms need to be explainable/auditable for public reporting or legal review? Options: Yes - full explainability, Partial explainability, No
    • Who will approve algorithm updates and how frequently can thresholds/models be adjusted? Options: Customer approves, Vendor approves, Joint governance

    Calibrate alert thresholds with epidemiologists

    • Which agency epidemiologists or SME groups should be involved in calibration workshops?
    • What historical baseline period should be used for threshold calibration (e.g., 3 years, pandemic years excluded)? Options: 1 year, 3 years, 5+ years, Custom/Discuss
    • What target alert load is acceptable (alerts/day or alerts/week) to avoid alert fatigue?
    • Should calibration produce tiered alert levels (e.g., advisory, watch, action) and what escalation paths map to each? Options: Yes - tiered levels, No - single level, Unsure
    • Will calibration sessions be sandboxed on historical data or require live tuning with production feeds? Options: Sandbox/historical only, Live tuning, Mix of both
    • What acceptance criteria define a successfully calibrated threshold (false positive rate, detection lead time, analyst sign-off)?

    Deploy geographic cluster and heatmap analysis

    • What spatial resolution is required for clustering/heatmaps (facility, ZIP, census tract, block)? Options: Facility, ZIP, County, Census tract, Other
    • Do you have existing shapefiles or GIS boundaries to upload, or do we source them? Options: Customer will provide, Vendor to source, Hybrid
    • Are there privacy constraints limiting display of small counts in maps (e.g., suppress counts <5)? Options: Yes - suppress small counts, No suppression needed, Custom rules
    • Should cluster detection use spatial-only methods, spatiotemporal methods, or both? Options: Spatial-only, Spatiotemporal, Both
    • What interactive features are required (drill-down, timeframe slider, exportable maps)? Options: Drill-down, Time slider, Export PNG/CSV, None
    • Who will maintain GIS layers and boundaries after deployment (agency GIS team, vendor, shared)? Options: Agency GIS team, Vendor, Shared

    Enable automated case notification workflows

    • What trigger events should initiate automated notifications (new case, threshold crossed, cluster detected)? Options: New case, Threshold crossed, Cluster detected, Manual trigger, Other
    • Who are the intended notification recipients and preferred delivery methods (email, SMS, EHR alert, webhook)? Options: Email, SMS, Webhook/API, EHR alert, Other
    • What content and data fields must be included in notifications, and are there PII restrictions?
    • Should notifications include links to case details in the platform, or only summary information? Options: Include links to case, Summary only, Configurable per recipient
    • Do notifications require audit logging and acknowledgement tracking (who received and who acted)? Options: Yes - audit and ack, No, Optional
    • Are there SLA or timeliness requirements for notification delivery (e.g., within X minutes)? Options: <5 minutes, <30 minutes, <24 hours, Flexible

    Activate trend forecasting and projection models

    • What forecasting horizons are needed (1-2 weeks, 4 weeks, seasonal forecasts, scenario projections)? Options: 1-2 weeks, 4 weeks, Seasonal (months), Scenario projections
    • Which outputs do you need from models (case counts, hospitalizations, ICU demand, percent positivity)?
    • Do models need to incorporate external covariates (mobility, weather, vaccination rates)? Options: Yes - multiple covariates, Yes - limited covariates, No
    • What level of model explainability or uncertainty quantification is required for decision-making? Options: Full uncertainty intervals and explainability, Basic confidence intervals, Minimal
    • How often should forecasts be refreshed and redistributed? Options: Daily, Weekly, Biweekly, Monthly
    • Will forecasts be used for public reporting or internal planning only? Options: Public reporting, Internal planning only, Both
  4. Mutual Commit

    Finalize commercial, data-sharing, compliance, SLA terms, and governance responsibilities required for launch.

    Agreement Modules

    • Non-Disclosure Agreement (NDA)
    • Master Services Agreement (MSA)
    • Statement of Work (SOW)
    • Data Use & Sharing Agreement (DUA/DPA)
    • Business Associate Agreement (BAA)
    • Service Level Agreement (SLA)
    • Security & Compliance Attestation
    • Acceptance Criteria & Go-Live Signoff
    • Governance & Roles Agreement
    • Integration & Third-Party Connector Addendum
    • Payment & Funding Schedule
    • Change Order & Scope Management
    • Reporting & Federal Submission Addendum
    • Termination & Transition Plan
  5. Deployment

    Operationalize rollout with readiness checks, enablement, and outcome validation.

    1. Pre-Deployment Readiness

      Confirm data access, feed reliability, environments, owners, and risk controls are in place before execution.

      Readiness Questions

      Quick Intro — Tell Us About Your Surveillance Program

      • What is your role and main responsibility for surveillance in your jurisdiction? Options: State epidemiologist, Surveillance branch chief/manager, Public health preparedness director, Data analyst/epidemiologist, Other
      • How many people are actively involved in day-to-day surveillance work on your team? Options: 1–3, 4–10, 11–25, 26–50, 50+
      • Which systems do you currently rely on as primary data feeds (select all that apply)? Options: EHR/clinical data, Laboratory information systems, Syndromic surveillance (ED), Vital statistics, Immunization registry, Other state systems, None/forming
      • How frequently do you need near-real-time visibility for priority signals? Options: Continuous/real-time, Hourly, Daily, Weekly, Ad hoc
      • What single outcome would make your surveillance team feel the program is succeeding? Options: Faster outbreak detection, Reduced false alerts, Accurate federal reporting, Improved situational awareness for leadership, Other
      • Tell us briefly about your most recent surveillance success or near-miss (what happened and why it mattered).

      Are You Settling for Noisy Signals?

      • If you had to estimate: how many alerts does your team receive on an average day that require human review? Options: Less than 5, 5–20, 21–100, 100–500, 500+
      • Which types of alerts generate the most noise or false positives for you? Options: Syndromic spikes, Lab result backlogs, Duplicates from multiple sources, Threshold drift during seasonality, Data feed errors, Other
      • Walk us through a recent false-positive alert—what triggered it, who investigated, and how long did it take to close?
      • Who on your team currently owns triage and how sustainable does that feel? Options: Epidemiologist(s), Dedicated analyst(s), On-call roster, Shared across teams, Not defined
      • How does alert fatigue affect staff morale or their ability to respond to high-priority events? Options: Significantly, Moderately, Slightly, Not at all
      • What would you accept as a reasonable trade-off between sensitivity (catching everything) and specificity (fewer false alarms)? Options: Max sensitivity, Balance sensitivity/specificity, Prioritize specificity, Depends by syndrome/event

      What’s Really Keeping You Up at Night?

      • What single surveillance failure—real or hypothetical—would have the most severe consequences for your jurisdiction?
      • How worried are you about missing emergent signals because of data gaps or delayed reporting? Options: Very worried, Somewhat worried, Occasionally worried, Not worried
      • Describe a time when reporting requirements (state or federal) created undue strain on your team—what was most painful?
      • How do funding and staffing cycles influence your ability to sustain surveillance improvements? Options: Severely limit us, Constrain some projects, Manageable with planning, Not a major factor
      • Who or what is your single biggest internal obstacle to faster detection and reporting (technology, policy, people, vendor contracts, other)? Options: Technology/data access, Policy/legal, Staffing/skill gaps, Vendor limitations, Inter-agency coordination, Other

      Where Does the Data Break Down?

      • Which feeds are most unreliable today and how does that unreliability show up (latency, missing fields, format changes)? Options: EHR/clinical, Lab systems, Syndromic ED, Vital records, Other
      • How do you currently receive data from partners—API, SFTP, HL7, manual uploads, or other? Options: API, SFTP/secure file, HL7 feeds, Manual CSV uploads, Direct database access, Other
      • Who holds the keys to data access and can grant new integrations quickly? Options: State IT/central ops, Health department data team, Vendor/third party, Facility partners, Multiple parties
      • When data quality issues arise, what’s your typical troubleshooting path and how long does it take to resolve a serious problem?
      • Which data elements do you consider non-negotiable for case detection (e.g., specimen date, unique patient ID, facility identifier)? Options: Specimen/collection date, Facility/location, Patient demographics, Test result details, ICD/diagnosis codes, Other
      • How long have you been tolerating the most persistent data quality issue, and what attempts have been made to fix it?

      If You Could Snap Your Fingers, What Would Change Tomorrow?

      • Imagine perfect detection and reporting—what is the first thing your leadership would notice differently? Options: Faster alerts, Cleaner reports to CDC, Fewer false positives, Clearer dashboards, Reduced manual work
      • Which performance metric would make you feel confident we had improved detection (time-to-detection, false-positive rate, percent completeness, other)? Options: Time-to-detection, False-positive rate, Data completeness, Timeliness of reporting, User satisfaction, Other
      • How much faster would you need to detect an outbreak for it to change actions on the ground (minutes, hours, days)? Options: Minutes, Hours, Within a day, 1–3 days, Longer
      • If analytics could automatically reduce triage time by 50%, what would your team reallocate that time toward? Options: Investigation/response, Improving data partnerships, Reporting/enhancements, Training, Other
      • What political or organizational wins would you gain from delivering those improvements?

      What Stops a Pilot from Becoming Everyday Practice?

      • When pilots have stalled in the past, what was the single most common cause? Options: Data-sharing barriers, Lack of ongoing funding, No operational owner, Technical integration failures, User adoption issues, Other
      • Who needs to sign off for a new integration or change in workflow (list specific roles or committees)?
      • What timeline constraints are non-negotiable for you (e.g., legislative sessions, grant deadlines, federal reporting cycles)?
      • Which governance or data-sharing agreements would we need before work can begin? Options: Data use agreement (DUA), Business associate agreement (BAA), Memorandum of understanding (MOU), Interagency SLA, Other
      • What has helped a prior pilot transition successfully to production—concrete steps, not abstract ideas?

      How Will We Know This Is Working?

      • Which 3 KPIs would you require in a launch acceptance checklist? Options: Time-to-detection, False-positive rate, Data completeness, Report delivery timeliness, User adoption/usage, Other
      • What are your minimum acceptable SLA targets for data latency and uptime? Options: Near-real-time (<5 min), Hourly, Same-day, 24–48 hours, Other
      • Who signs the formal acceptance and what evidence do they expect to see (runbooks, end-to-end tests, sample reports)?
      • Describe one end-to-end test scenario you would want executed before go-live (include data source, expected signal, and reporting output).
      • How often should we plan to review and recalibrate alert thresholds after launch? Options: Weekly for first month, Monthly, Quarterly, Ad hoc based on events

      People, Training, and Who’s Responsible

      • Who will be the day-to-day product owner from your side and who is the executive sponsor?
      • How comfortable is your team with advanced analytics and parameterizing thresholds themselves? Options: Very comfortable, Somewhat comfortable, Prefer vendor support, Not comfortable
      • What training format works best for your staff—live workshops, hands-on sessions, train-the-trainer, or self-paced modules? Options: Live workshops, Hands-on sessions, Train-the-trainer, Self-paced modules, Blended
      • How do you handle staff turnover and knowledge transfer for critical surveillance roles today?
      • Who should be on the on-call rotation for triage once we launch, and how quickly must someone respond? Options: Epidemiology lead, Analyst team, Combined roster, Other
      • What would make your users feel confident adopting a new platform rather than sticking with spreadsheets and legacy tools?

      Data Risk and Compliance — Where Are Your Red Lines?

      • Which legal or compliance constraints must we design around from day one (PHI restrictions, state law, CDC stipulations, retention rules)? Options: PHI restrictions/HIPAA, State privacy laws, CDC/federal reporting rules, Data retention limits, Other
      • How comfortable are you with vendor-hosted environments versus on-premise or state-hosted solutions? Options: Vendor-hosted/cloud comfortable, Prefer state-hosted, Require on-premise, Undecided
      • What encryption, access control, or auditing capabilities are non-negotiable for your legal team?
      • Have you previously run a security or privacy review of an external analytics vendor—what took the longest or was most painful?
      • What interim risk controls (e.g., limited datasets, role-based views) would make you comfortable proceeding faster? Options: De-identified/limited data, Role-based access, Audit trails/logging, Staged access, Other
    2. Deployment Enablement

      Coordinate tasks, timelines, and teams to execute integrations, threshold calibration, and user onboarding.

    3. Validation Checklist

      Verify acceptance criteria, run end-to-end case flows, and confirm alert performance and reporting accuracy.

      Validation Questions

      Getting to Know Your Surveillance World

      • Tell us your title, team, and what you own day-to-day in surveillance operations. Options: State Epidemiologist, Surveillance Branch Chief, Program Manager, Data Analyst/Scientist, IT/Integrations Lead, Other
      • Which data sources are central to your situational awareness right now? Options: Electronic health records (EHR), Laboratory information systems (LIS), Emergency department syndromic feeds, Vital records/death certificates, School absenteeism or sentinel systems, EMS/911, Poison control, Other
      • How often do those feeds typically update and how reliable are they? Options: Near real-time (minutes), Hourly, Daily, Weekly, Irregular / unpredictable
      • Describe a recent day when surveillance felt like it was working well — what was happening and who benefited?
      • Who are the primary internal and external stakeholders you must satisfy with surveillance outputs? Options: Public health leadership, Local health departments, CDC / federal partners, Hospital partners / clinicians, Emergency management, Communications / media, Other
      • What’s the single immediate outcome you need from your surveillance system that would make your job measurably easier this quarter?

      Are We Missing the Quiet Things That Matter?

      • Tell us about the last time something important slipped through the cracks — what did you miss and why?
      • How was that gap discovered, and who raised the alarm? Options: Internal analyst, Hospital partner, CDC / federal partner, Public complaint or media, Field epidemiologist, Other
      • When such misses occur, which consequences worry you most? Options: Delayed containment / response, Missed cases or clusters, Incorrect resource allocation, Harm to vulnerable populations, Federal reporting errors or penalties, Loss of public trust, Other
      • How quickly do you aim to detect an unusual signal versus how quickly you actually do today? Options: Within hours, Same day, 48–72 hours, About a week, Longer than a week
      • What specific data quality or pipeline issues most often contribute to missed signals? Give concrete examples if possible.

      Where Alert Noise Is Costing You Sleep

      • How often do alerts pull your team away from higher-value public health work? Options: Constantly, Often, Sometimes, Rarely, Never
      • Estimate the average time your team spends triaging false or low-value alerts per week. Options: > 20 hours, 10–20 hours, 5–10 hours, < 5 hours, Not tracked
      • Which types of alerts generate the most noise for you? Options: Syndromic spikes (seasonal/expected), Lab value anomalies / duplicates, Low-quality or incomplete reports, Threshold-based seasonal alerts, Geo-cluster flags, Other
      • Tell us about a recent high-volume alert period — what triggered it, how long did it last, and what was the operational impact?
      • When balancing false positives against false negatives, which is your team culturally more willing to tolerate? Options: Favor sensitivity (catch more false leads), Favor specificity (fewer false alarms), Aim for balance, Depends by condition
      • What would meaningfully reduce alert fatigue for you tomorrow (a process change, a technical feature, staffing adjustment)?

      Who Holds the Pieces When Things Break?

      • If a critical feed goes dark at 2 a.m., who in your network is expected to notice and act? Options: In-house IT/operations, Data vendor / integrator, Hospital partner IT, Regional health information hub, No clear owner / falls through gaps, Other
      • Describe your current data-sharing agreements or MOUs and any restrictions that regularly slow integrations.
      • Which compliance, legal, or governance checkpoints have historically caused the longest delays? Options: Data use agreements (DUAs), Privacy / HIPAA review, Security assessments (SSAs), Legal sign-off, Procurement / contracting, IRB or ethics review, Other
      • How frequently does staff turnover or shifting responsibilities disrupt surveillance continuity and institutional knowledge? Options: Very frequently, Occasionally, Rarely, Hardly ever
      • Who do we need explicit buy-in from internally and externally for a successful integration, and how have you best engaged them in the past?

      If You Could Redesign One Thing Overnight

      • If you could wave a wand and change one aspect of your surveillance stack overnight, what would it be and why?
      • Which analytic capabilities would deliver the quickest operational wins for your team? Options: Automated anomaly detection tuned by epidemiologists, Geographic cluster analysis, Case deduplication and record linkage, Trend forecasting and nowcasts, Automated report generation (CDC/state formats), Configurable dashboards for stakeholders, Other
      • What are your non-negotiable reporting outputs for federal partners and how strict are their formats? Options: Rigid HL7/CSV templates, FHIR/APIs, Weekly standardized CSV/PDF, Ad-hoc exports to CDC portals, Combination of the above
      • How important is the ability to configure alert rules yourself versus relying on vendor-supplied algorithms? Options: Highly important to configure locally, Some configurability with vendor defaults, Prefer vendor-managed out-of-the-box, Undecided
      • What timeline would feel realistic for delivering an initial meaningful capability (pilot) in your setting — weeks, months, or more? Please explain the constraints.

      What’s Stopping Faster Wins?

      • What's the single stubborn obstacle that repeatedly keeps projects from moving into production in your jurisdiction?
      • Which of these is most often the gating constraint for deployment in your experience? Options: Funding or budget cycles, Procurement and contracting, Data quality and completeness, State IT capacity / change control, Legal / compliance approvals, Stakeholder alignment / politics, Other
      • Have you tried workarounds before (manual processes, ad hoc scripts, third-party tools)? Which yielded partial success and why did they stall?
      • How does the reduction or end of pandemic-era funding affect your appetite for phased / low-cost pilots versus full deployments? Options: Need low-cost pilots first, Can fund phased full deployments, Require external grant support, Unsure
      • If we could remove one blocker for you in the next 30 days, which would it be and how would that change outcomes?

      What Would Make You Confident to Say Yes to a Pilot?

      • What specific evidence would you require to confidently onboard a vendor for a pilot in your jurisdiction? Options: Real-world case studies in similar states, Sensitivity / specificity benchmarks, Data security certifications (e.g., SOC2), References from equivalent programs, CDC or federal endorsements, Other
      • What acceptance criteria must be met before you’ll sign off on a pilot or production cutover?
      • Which end-to-end test cases should we run together to prove the system’s reliability and value? Options: Ingest latency and throughput test, Replay of a known outbreak (gold standard), False-positive stress test, Reporting pipeline validation to CDC formats, User acceptance testing with epidemiologists, Other
      • Which performance targets matter most to you (pick up to three)? Options: Data latency, Alert precision (PPV), Alert recall / sensitivity, Report generation time, System uptime / reliability, Scalability across data volumes, Other
      • How do you prefer to receive results and feedback during a pilot (formats, cadence, and owner)?

      Emotions, Risks and Long-Term Partnership

      • How worried are you about reputational, political, or public-facing risk if the system issues inaccurate or noisy alerts? Options: Extremely worried, Moderately worried, Somewhat worried, Not worried
      • When an alert leads to a public message, who typically signs off and what is the approval timeline? Options: Director-level sign-off, Communications office + director, Legal review required, Rapid approval protocol exists, No formal process / ad-hoc
      • How would you like a vendor to support communications or mitigate risk if a false alert goes public? Options: Rapid root-cause analysis and fix, Draft public communications, Hotline/war room support, Technical rollback capability, Joint post-mortem and action plan, Other
      • What would a successful long-term analytics partnership look like to your leadership? Summarize the top 3–5 expectations.
      • How often would you want joint reviews and tuning after launch to feel both safe and efficient? Options: Weekly for the first month, Biweekly for first 3 months, Monthly ongoing, Quarterly, On-demand
      • Is there anything about your team’s readiness, unspoken concerns, or definition of success we haven’t asked that would change how we design the pilot?
  6. Success

    Confirm outcomes, schedule ongoing analytics tuning, and maintain a shared channel for issues and enhancements.

    Success Reviews

    • Success Outcomes Review
    • Analytics Tuning & Calibration Planning
    • Operational Escalation & Shared Channel Setup
    • Enhancement Prioritization & Roadmap
    • Quarterly Performance Review (QPR) / Continuous Improvement Checkpoint

    Issues & Enhancements

    • Assign clear owners and acceptance criteria for each roadmap item.
    • Agree on measurable tuning objectives aligned to operational impact.
    • Set a concrete tuning cadence and assign session owners and participants.
    • Specify required prework/data and the playbook to ensure data-driven tuning sessions.
    • Establish governance for who can approve and deploy calibration changes.
    • Publish the tuning playbook and initial 6-month calendar with session owners.
    • Prepare and share required datasets and retrospective case sets ahead of the first tuning session.
    • Configure change controls and rollback procedures in the deployment pipeline.
    • Communication Needs Overview
    • Create and approve a shared, auditable communication channel for operational issues and enhancements.
    • Agree on incident severity definitions, response SLAs, and escalation paths.
    • Ensure access, integrations, and audit requirements are met for compliance.
    • Provision the shared channel, add members, and configure integrations to ticketing and monitoring.
    • Publish the channel charter and escalation workflow to stakeholders.
    • Create the initial on-call roster and handoff calendar entries.
    • Backlog Review (validated items only)
    • Produce a prioritized, timeboxed roadmap for the next 3–6 months tied to measurable outcomes.
    • Opening & Objectives
    • Identify quick wins to reduce operational risk or alert fatigue immediately.
    • Publish the prioritized roadmap and backlog in the shared tracking tool.
    • Schedule pilot work for the top 1–2 prioritized enhancements and assign owners.
    • Define measurement plans and required dashboards for each enhancement.
    • Executive Summary of KPIs & Trends
    • Validate sustained value and surface strategic risks or opportunities.
    • Ensure analytics and operational plans remain aligned with policy and reporting requirements.
    • Set clear priorities and owners for the next quarter with measurable targets.
    • Produce the QPR report and distribute to agency leadership and CDC contacts.
    • Update the roadmap to reflect agreed next-quarter priorities and owners.
    • Schedule the next QPR and ensure necessary data pulls and analyses are prepared in advance.
    • Formally confirm which acceptance criteria are met and which require further work.
    • Demonstrate with real cases that the system produces the intended detection and reporting outcomes.
    • Obtain stakeholder sign-off or a documented list of remediation items and owners.
    • Capture quantified consequences for any unmet criteria (impact on detection, reporting, or resources).
    • Produce a short sign-off document listing passed criteria, open gaps, owners, and due dates.
    • Log remediation items into shared backlog with severity and planned delivery window.
    • Share artifacts (KPI dashboards, case replay exports) used in the validation for audit and compliance.
    • Recap of Performance Gaps
    • Current State (one-sentence)
    • Define Channel Charter & Access
    • Define Tuning Objectives & Success Metrics
    • Deep-Dive: Notable Anomalies & Root Causes
    • Prioritization Criteria & Scoring
    • Consequence Summary
    • Draft 3–6 Month Roadmap
    • Impact Assessment
    • Incident Escalation Workflow
    • Tuning Cadence & Session Format
    • Quick Wins vs Major Platform Changes
    • Required Data & Prework
    • Enhancement Request Process & SLAs
    • Outcomes vs Acceptance Criteria
    • Policy/Regulatory Changes & Required Analytics Adjustments
    • Measurement & Acceptance for Enhancements
    • On-call / Contact Roster & Rotation
    • Live Validation: Representative Case Runs
    • Resource & Risk Review
    • Governance & Decision Authority
    • Stakeholder Confirmation & Sign-off
    • Tool Integrations & Audit Logging
    • Confirm Owners and Communication Plan
First-Party AI

1-2 minutes please — Your AI agent is working

First-Party AI™ can make mistakes. Always check important information.