Public Health Surveillance
Multi-agency, multi-stakeholder programs where procurement, compliance, and mission alignment determine success.
Inside this journey
-
Customer Discovery
Align on surveillance objectives, current data flows, alert pain points, stakeholders, and measurable success signals.
Discovery Questions
Where We Start: Your Surveillance Snapshot
- Briefly describe your current surveillance stack and the primary data sources feeding it (EHR, LIS, ED, vital records, syndromic feeds, other).
- Which data sources are actively ingested into your analytics pipeline today?
- How frequently do those feeds update in your environment?
- What’s the typical end-to-end latency from event (e.g., specimen collection or ED visit) to availability in your analytics environment?
- Who owns ingestion, data mapping, and pipeline health inside your agency (role or team)?
- Tell us about one recent incident where data availability or structure directly changed a surveillance decision or slowed action.
Are You Comfortable Missing Signals?
- When was the last time your team missed a signal that later mattered — and what was the real-world consequence?
- How often do you feel true-positive signals are buried in noise or dismissed by your triage process?
- Estimate the proportion of alerts that are false positives or non-actionable today.
- Which types of alerts tend to cause the most fatigue or distrust (select all that apply)?
- Share a specific example where alert fatigue led to delayed or missed action — what happened and how did it feel for the team?
What's the Human Cost?
- Who on your team carries the emotional weight when surveillance fails, and how does that show up in day-to-day work?
- How many full-time equivalents (FTEs) routinely triage alerts and investigate anomalies?
- How long does a typical alert investigation take from initial flag to resolution or closure?
- Which institutional skills are most vulnerable to turnover (select up to three)?
- When teams are overwhelmed, which downstream activities degrade first (e.g., reporting to CDC, contact tracing, situational reports) — give an example.
Where Data Breaks Down
- Which data source would you least trust in a high‑stakes investigation — and why?
- Which feeds are most frequently incomplete, late, or inconsistent (select all that apply)?
- How often do you receive records with missing critical fields (patient age, location, specimen date, test LOINC)?
- Do you have standardized mappings in place (LOINC, SNOMED, HL7 conformance) across providers?
- Describe how inconsistent case definitions or variable lab test naming has created confusion or extra work for your team.
If You Could Snap Your Fingers
- If a single change could cut your time‑to‑detect in half, what would that change be?
- Which measurable signals would convince you detection improved (select all that apply)?
- How would reduced alert noise and faster detection change where your team spends its time day-to-day?
- What reporting outputs, dashboards, or export formats would make leadership and federal partners confident in your surveillance?
- Who must sign off internally for a solution to be considered 'perfect' — who are the approvers?
- What is a realistic pilot timeline to evaluate a solution and decide on scaling (pick one)?
What Would Launch Look Like?
- What single bureaucracy, contract, or technical dependency is most likely to stop a deployment cold?
- Which integrations are required for a go‑live versus nice‑to‑have (select required items)?
- Which data-sharing agreements or legal approvals must be in place before ingestion (select all that apply)?
- Which compliance frameworks and certifications matter most for your agency (select all that apply)?
- What SLA, uptime, and incident response expectations would leadership require before sign-off?
- What internal resources (staff time and roles) can you commit to a deployment in the first 90 days?
Who's Driving This Bus?
- If we built exactly what you asked for, who would be responsible for day‑to‑day ownership and staying accountable?
- Who are the executive sponsors and day‑to‑day champions for surveillance improvements (select all that apply)?
- Are there external stakeholders who must be engaged (hospitals, labs, regional partners, federal liaisons)? Please list and describe their role.
- Which groups are most likely to resist change and what are their primary concerns?
- How are decisions typically made (consensus, director sign-off, procurement-driven, advisory board), and how long does that process usually take?
- What training and onboarding approach tends to work best for your users?
What Would Keep This Working Long-Term?
- Six months after launch, what would make you worry the system is already failing?
- How often do you expect analytics tuning, threshold recalibration, or algorithm retraining to be required?
- What support model do you need for ongoing operations (select all that apply)?
- How should long-term success be governed—regular reviews, a steering committee, shared dashboards, or something else?
- What is your likely budget horizon for ongoing licensing, support, and enhancements?
- Which metrics would you want included in a quarterly health check report to show the platform is delivering value (select up to five)?
-
Solution Experience
Validate how the platform will detect anomalies, reduce alert fatigue, and improve reporting timeliness using the customer’s actual data sources and scenarios.
Experience Meetings
- Solution Experience Preparation
- Live Data Ingestion & Integrity Test
- Anomaly Detection Run & Calibration Workshop
- Alert Triage Simulation & Reporting Timeliness
- Solution Experience Validation & Acceptance
Issues & Enhancements
- Vendor to produce a time-stamped runbook of simulated cases showing detection-to-report timelines.
- Agree an actionable calibration plan, promotion path, and monitoring metrics.
- Obtain SME validation on a representative sample of alerts to force confirmation of tuning decisions.
- Vendor to apply agreed threshold changes in staging and produce before/after metric report (precision, recall, alert count).
- Customer epidemiologist to provide feedback on 20 prioritized alerts labeled as FP/FN within 3 days.
- Vendor to implement automated alert deduplication and suppression rules identified during tuning.
- Schedule a re-run session to validate the tuning impact on a new data window.
- Workflow & Role Review
- Validate that alerts route correctly to the designated analysts and stakeholders.
- Prove measurable reductions in time-to-notify and time-to-report against the baseline.
- Confirm report formats meet state and federal requirements and are reproducible by the platform.
- Document any UX or workflow adjustments required before production rollout.
- Introductions & Meeting Objectives
- Customer to confirm final recipient lists, distribution cadence, and any regulatory report fields.
- Vendor to implement agreed notification channel changes and update templates.
- Assign owners for ongoing triage SLAs and monitoring dashboards.
- One-sentence Recap: Current, Consequence, Future
- Obtain explicit validation of each acceptance criterion tied to the Future State.
- Document a prioritized remediation plan for any remaining gaps with owners and timelines.
- Secure agreement on the next-stage kickoff date and responsibilities for deployment readiness.
- Ensure all validation artifacts (data runs, reports, screenshots, and KPI dashboards) are archived and shared.
- Customer to provide formal sign-off or acceptance-with-conditions on the Solution Experience acceptance criteria.
- Vendor to deliver a Validation Package containing run logs, before/after metric reports, tuned rule set, and remediation plan.
- Schedule Pre-Deployment Readiness kickoff and assign owners for each readiness checklist item.
- If acceptance-with-conditions, vendor to implement agreed fixes and provide verification within the defined timeline.
- Produce a single-sentence Current State description that all attendees agree is accurate.
- Document a quantified Consequence statement that creates urgency for change.
- Agree a single-sentence Future State in operational terms to be proved in the experience.
- Confirm the exact datasets, access details, and prework owners required for live runs.
- Set clear, measurable KPIs and acceptance criteria for the Solution Experience.
- Customer to provide sample data extracts, schema documentation, and 3 labeled historical examples (TP/FP/FN) within 5 business days.
- Customer to nominate 2 SMEs (epidemiologist and IT lead) and provide access credentials or data connection details.
- Vendor to provision a staging environment, prepare a runbook, and map incoming fields to internal schema before the live ingestion meeting.
- Vendor to draft initial KPI dashboard templates aligned to agreed acceptance criteria.
- Recap Objectives and Prework Status
- Verify each feed is ingesting into staging and mapped correctly to analytic fields.
- Identify and document data quality issues that would impact detection accuracy or timing.
- Establish measured ingestion latency and agree whether it meets the Future State timeliness target.
- Agree owners and timelines for fixing critical data issues before anomaly runs.
- Vendor to deliver a data mapping report listing required field fixes and transformation rules.
- Customer IT to remediate top 3 data quality issues or approve vendor-side workarounds.
- Vendor to enable ingestion monitoring dashboards and alerting for feed failures.
- Schedule follow-up verification once fixes are applied (target within 3 business days).
- Recap Acceptance KPIs and Baseline Expectations
- Demonstrate detection outputs tied directly to the documented Current State problems and Consequence statement.
- Reduce noisy alerts to an agreed target without materially decreasing true positive detection.
- Simulated Case Runs (live)
- Before vs After Metrics Review
- Baseline Detection Results Presentation
- Establish Data Connections (hands-on)
- Current State (one-sentence)
- Measure Time-to-Notify and Report Generation
- Gap Analysis and Risk Register
- Schema Mapping & Field Validation
- Operational Impact Mapping
- Consequence Statement (one-paragraph)
- User Experience Feedback & Adjustments
- Future State (one-sentence outcomes)
- Iterative Threshold Tuning (hands-on)
- Force Validation: Acceptance Criteria Walkthrough
-
Solution Scope
Define integrations, analytics modules, alert calibration, reporting outputs, responsibilities, and acceptance criteria.
Scope Configuration
- Deploy real-time data ingestion pipeline
- Integrate EHR feeds (HL7/FHIR) into platform
- Integrate laboratory information system feeds
- Connect emergency department syndromic feeds
- Onboard vital statistics and mortality records
- Configure disease detection algorithms
- Calibrate alert thresholds with epidemiologists
- Deploy geographic cluster and heatmap analysis
- Enable automated case notification workflows
- Activate trend forecasting and projection models
- Generate CDC-format automated reports and exports
- Deploy role-based access and permission sets
- Deliver user training and administrator onboarding
Scope Questions
Deploy real-time data ingestion pipeline
- Which data sources do you want included in the real-time ingestion pipeline initially?
- What is your required maximum end-to-end latency for ingested records (from source generation to platform availability)?
- Estimate average and peak record throughput to ingest (records/day or messages/minute). Include typical and peak periods.
- Which transport/security protocols must ingestion support?
- Are there existing ETL/connectors in your environment we should reuse or replace?
- Who will own operational monitoring and first-line troubleshooting for ingestion (customer team, vendor, shared)?
Integrate EHR feeds (HL7/FHIR) into platform
- Which EHR vendors and versions are sending feeds (e.g., Epic, Cerner, Allscripts)? List all.
- Which message types and standards are required (HL7 v2 ADT/ORU, FHIR resources, CCD/CDA)?
- Do you require mapping of local codes to standard terminologies (LOINC/SNOMED/ICD)?
- Are there constraints on how patient-identifiable information (PII) is handled during ingestion and processing?
- Will we connect directly to hospital endpoints or through a state health exchange/intermediary?
- What is the expected timeline to complete one representative EHR integration (weeks)?
Integrate laboratory information system feeds
- Which laboratory systems/vendors will feed the platform (e.g., Sunquest, Cerner Millennium LIS)?
- What lab message types/timeliness are required (result messages, order messages, batch uploads)?
- Do lab results require LOINC/LOINC mapping, culture organism normalization, or complex result parsing?
- Are there reporting obligations tied to specific lab tests (e.g., reportable conditions) that require immediate routing to public health?
- Will lab feeds include patient identifiers required for case matching, or are they de-identified?
- Who is responsible for resolving data quality issues from lab feeds (submitter lab, agency, vendor)?
Connect emergency department syndromic feeds
- Which syndromic feed protocol and systems are in use (BioSense/ESSENCE, HL7 v2, CEDRS, other)?
- What syndrome definitions and chief complaint parsing rules should be applied initially?
- What geographic granularity is required for ED data (facility, ZIP, county, census tract)?
- What are acceptable latency and allowable data gaps for syndromic inputs?
- Are there triage or chief-complaint fields that require custom NLP or mapping?
- Do you need automated case flagging from ED feeds for certain conditions (e.g., opioid overdoses, respiratory clusters)?
Onboard vital statistics and mortality records
- Which vital records systems/formats are used (electronic death registration system, flat files, HL7)?
- What is the expected reporting lag for mortality records and do you require provisional vs final data separation?
- Are death certificate fields standardized or do they require mapping (cause of death free text, ICD mapping)?
- Do you require lineage and linkage to other datasets (e.g., match to hospital admission or lab result)?
- Are there legal or consent constraints for mortality datasets we should be aware of?
- Who will verify completeness and accuracy of onboarded vital records (agency analyst, vendor, third party)?
Configure disease detection algorithms
- Which conditions or syndromes should be prioritized for detection in this phase?
- Do you have formal case definitions or surveillance definitions that algorithms must use?
- What sensitivity vs specificity balance is desired (favor earlier detection with more alerts vs fewer high-confidence alerts)?
- Are there historical datasets available to train or validate algorithms? If so, please indicate size and period.
- Do detection algorithms need to be explainable/auditable for public reporting or legal review?
- Who will approve algorithm updates and how frequently can thresholds/models be adjusted?
Calibrate alert thresholds with epidemiologists
- Which agency epidemiologists or SME groups should be involved in calibration workshops?
- What historical baseline period should be used for threshold calibration (e.g., 3 years, pandemic years excluded)?
- What target alert load is acceptable (alerts/day or alerts/week) to avoid alert fatigue?
- Should calibration produce tiered alert levels (e.g., advisory, watch, action) and what escalation paths map to each?
- Will calibration sessions be sandboxed on historical data or require live tuning with production feeds?
- What acceptance criteria define a successfully calibrated threshold (false positive rate, detection lead time, analyst sign-off)?
Deploy geographic cluster and heatmap analysis
- What spatial resolution is required for clustering/heatmaps (facility, ZIP, census tract, block)?
- Do you have existing shapefiles or GIS boundaries to upload, or do we source them?
- Are there privacy constraints limiting display of small counts in maps (e.g., suppress counts <5)?
- Should cluster detection use spatial-only methods, spatiotemporal methods, or both?
- What interactive features are required (drill-down, timeframe slider, exportable maps)?
- Who will maintain GIS layers and boundaries after deployment (agency GIS team, vendor, shared)?
Enable automated case notification workflows
- What trigger events should initiate automated notifications (new case, threshold crossed, cluster detected)?
- Who are the intended notification recipients and preferred delivery methods (email, SMS, EHR alert, webhook)?
- What content and data fields must be included in notifications, and are there PII restrictions?
- Should notifications include links to case details in the platform, or only summary information?
- Do notifications require audit logging and acknowledgement tracking (who received and who acted)?
- Are there SLA or timeliness requirements for notification delivery (e.g., within X minutes)?
Activate trend forecasting and projection models
- What forecasting horizons are needed (1-2 weeks, 4 weeks, seasonal forecasts, scenario projections)?
- Which outputs do you need from models (case counts, hospitalizations, ICU demand, percent positivity)?
- Do models need to incorporate external covariates (mobility, weather, vaccination rates)?
- What level of model explainability or uncertainty quantification is required for decision-making?
- How often should forecasts be refreshed and redistributed?
- Will forecasts be used for public reporting or internal planning only?
-
Mutual Commit
Finalize commercial, data-sharing, compliance, SLA terms, and governance responsibilities required for launch.
Agreement Modules
- Non-Disclosure Agreement (NDA)
- Master Services Agreement (MSA)
- Statement of Work (SOW)
- Data Use & Sharing Agreement (DUA/DPA)
- Business Associate Agreement (BAA)
- Service Level Agreement (SLA)
- Security & Compliance Attestation
- Acceptance Criteria & Go-Live Signoff
- Governance & Roles Agreement
- Integration & Third-Party Connector Addendum
- Payment & Funding Schedule
- Change Order & Scope Management
- Reporting & Federal Submission Addendum
- Termination & Transition Plan
-
Deployment
Operationalize rollout with readiness checks, enablement, and outcome validation.
-
Pre-Deployment Readiness
Confirm data access, feed reliability, environments, owners, and risk controls are in place before execution.
Readiness Questions
Quick Intro — Tell Us About Your Surveillance Program
- What is your role and main responsibility for surveillance in your jurisdiction?
- How many people are actively involved in day-to-day surveillance work on your team?
- Which systems do you currently rely on as primary data feeds (select all that apply)?
- How frequently do you need near-real-time visibility for priority signals?
- What single outcome would make your surveillance team feel the program is succeeding?
- Tell us briefly about your most recent surveillance success or near-miss (what happened and why it mattered).
Are You Settling for Noisy Signals?
- If you had to estimate: how many alerts does your team receive on an average day that require human review?
- Which types of alerts generate the most noise or false positives for you?
- Walk us through a recent false-positive alert—what triggered it, who investigated, and how long did it take to close?
- Who on your team currently owns triage and how sustainable does that feel?
- How does alert fatigue affect staff morale or their ability to respond to high-priority events?
- What would you accept as a reasonable trade-off between sensitivity (catching everything) and specificity (fewer false alarms)?
What’s Really Keeping You Up at Night?
- What single surveillance failure—real or hypothetical—would have the most severe consequences for your jurisdiction?
- How worried are you about missing emergent signals because of data gaps or delayed reporting?
- Describe a time when reporting requirements (state or federal) created undue strain on your team—what was most painful?
- How do funding and staffing cycles influence your ability to sustain surveillance improvements?
- Who or what is your single biggest internal obstacle to faster detection and reporting (technology, policy, people, vendor contracts, other)?
Where Does the Data Break Down?
- Which feeds are most unreliable today and how does that unreliability show up (latency, missing fields, format changes)?
- How do you currently receive data from partners—API, SFTP, HL7, manual uploads, or other?
- Who holds the keys to data access and can grant new integrations quickly?
- When data quality issues arise, what’s your typical troubleshooting path and how long does it take to resolve a serious problem?
- Which data elements do you consider non-negotiable for case detection (e.g., specimen date, unique patient ID, facility identifier)?
- How long have you been tolerating the most persistent data quality issue, and what attempts have been made to fix it?
If You Could Snap Your Fingers, What Would Change Tomorrow?
- Imagine perfect detection and reporting—what is the first thing your leadership would notice differently?
- Which performance metric would make you feel confident we had improved detection (time-to-detection, false-positive rate, percent completeness, other)?
- How much faster would you need to detect an outbreak for it to change actions on the ground (minutes, hours, days)?
- If analytics could automatically reduce triage time by 50%, what would your team reallocate that time toward?
- What political or organizational wins would you gain from delivering those improvements?
What Stops a Pilot from Becoming Everyday Practice?
- When pilots have stalled in the past, what was the single most common cause?
- Who needs to sign off for a new integration or change in workflow (list specific roles or committees)?
- What timeline constraints are non-negotiable for you (e.g., legislative sessions, grant deadlines, federal reporting cycles)?
- Which governance or data-sharing agreements would we need before work can begin?
- What has helped a prior pilot transition successfully to production—concrete steps, not abstract ideas?
How Will We Know This Is Working?
- Which 3 KPIs would you require in a launch acceptance checklist?
- What are your minimum acceptable SLA targets for data latency and uptime?
- Who signs the formal acceptance and what evidence do they expect to see (runbooks, end-to-end tests, sample reports)?
- Describe one end-to-end test scenario you would want executed before go-live (include data source, expected signal, and reporting output).
- How often should we plan to review and recalibrate alert thresholds after launch?
People, Training, and Who’s Responsible
- Who will be the day-to-day product owner from your side and who is the executive sponsor?
- How comfortable is your team with advanced analytics and parameterizing thresholds themselves?
- What training format works best for your staff—live workshops, hands-on sessions, train-the-trainer, or self-paced modules?
- How do you handle staff turnover and knowledge transfer for critical surveillance roles today?
- Who should be on the on-call rotation for triage once we launch, and how quickly must someone respond?
- What would make your users feel confident adopting a new platform rather than sticking with spreadsheets and legacy tools?
Data Risk and Compliance — Where Are Your Red Lines?
- Which legal or compliance constraints must we design around from day one (PHI restrictions, state law, CDC stipulations, retention rules)?
- How comfortable are you with vendor-hosted environments versus on-premise or state-hosted solutions?
- What encryption, access control, or auditing capabilities are non-negotiable for your legal team?
- Have you previously run a security or privacy review of an external analytics vendor—what took the longest or was most painful?
- What interim risk controls (e.g., limited datasets, role-based views) would make you comfortable proceeding faster?
-
Deployment Enablement
Coordinate tasks, timelines, and teams to execute integrations, threshold calibration, and user onboarding.
-
Validation Checklist
Verify acceptance criteria, run end-to-end case flows, and confirm alert performance and reporting accuracy.
Validation Questions
Getting to Know Your Surveillance World
- Tell us your title, team, and what you own day-to-day in surveillance operations.
- Which data sources are central to your situational awareness right now?
- How often do those feeds typically update and how reliable are they?
- Describe a recent day when surveillance felt like it was working well — what was happening and who benefited?
- Who are the primary internal and external stakeholders you must satisfy with surveillance outputs?
- What’s the single immediate outcome you need from your surveillance system that would make your job measurably easier this quarter?
Are We Missing the Quiet Things That Matter?
- Tell us about the last time something important slipped through the cracks — what did you miss and why?
- How was that gap discovered, and who raised the alarm?
- When such misses occur, which consequences worry you most?
- How quickly do you aim to detect an unusual signal versus how quickly you actually do today?
- What specific data quality or pipeline issues most often contribute to missed signals? Give concrete examples if possible.
Where Alert Noise Is Costing You Sleep
- How often do alerts pull your team away from higher-value public health work?
- Estimate the average time your team spends triaging false or low-value alerts per week.
- Which types of alerts generate the most noise for you?
- Tell us about a recent high-volume alert period — what triggered it, how long did it last, and what was the operational impact?
- When balancing false positives against false negatives, which is your team culturally more willing to tolerate?
- What would meaningfully reduce alert fatigue for you tomorrow (a process change, a technical feature, staffing adjustment)?
Who Holds the Pieces When Things Break?
- If a critical feed goes dark at 2 a.m., who in your network is expected to notice and act?
- Describe your current data-sharing agreements or MOUs and any restrictions that regularly slow integrations.
- Which compliance, legal, or governance checkpoints have historically caused the longest delays?
- How frequently does staff turnover or shifting responsibilities disrupt surveillance continuity and institutional knowledge?
- Who do we need explicit buy-in from internally and externally for a successful integration, and how have you best engaged them in the past?
If You Could Redesign One Thing Overnight
- If you could wave a wand and change one aspect of your surveillance stack overnight, what would it be and why?
- Which analytic capabilities would deliver the quickest operational wins for your team?
- What are your non-negotiable reporting outputs for federal partners and how strict are their formats?
- How important is the ability to configure alert rules yourself versus relying on vendor-supplied algorithms?
- What timeline would feel realistic for delivering an initial meaningful capability (pilot) in your setting — weeks, months, or more? Please explain the constraints.
What’s Stopping Faster Wins?
- What's the single stubborn obstacle that repeatedly keeps projects from moving into production in your jurisdiction?
- Which of these is most often the gating constraint for deployment in your experience?
- Have you tried workarounds before (manual processes, ad hoc scripts, third-party tools)? Which yielded partial success and why did they stall?
- How does the reduction or end of pandemic-era funding affect your appetite for phased / low-cost pilots versus full deployments?
- If we could remove one blocker for you in the next 30 days, which would it be and how would that change outcomes?
What Would Make You Confident to Say Yes to a Pilot?
- What specific evidence would you require to confidently onboard a vendor for a pilot in your jurisdiction?
- What acceptance criteria must be met before you’ll sign off on a pilot or production cutover?
- Which end-to-end test cases should we run together to prove the system’s reliability and value?
- Which performance targets matter most to you (pick up to three)?
- How do you prefer to receive results and feedback during a pilot (formats, cadence, and owner)?
Emotions, Risks and Long-Term Partnership
- How worried are you about reputational, political, or public-facing risk if the system issues inaccurate or noisy alerts?
- When an alert leads to a public message, who typically signs off and what is the approval timeline?
- How would you like a vendor to support communications or mitigate risk if a false alert goes public?
- What would a successful long-term analytics partnership look like to your leadership? Summarize the top 3–5 expectations.
- How often would you want joint reviews and tuning after launch to feel both safe and efficient?
- Is there anything about your team’s readiness, unspoken concerns, or definition of success we haven’t asked that would change how we design the pilot?
-
-
Success
Confirm outcomes, schedule ongoing analytics tuning, and maintain a shared channel for issues and enhancements.
Success Reviews
- Success Outcomes Review
- Analytics Tuning & Calibration Planning
- Operational Escalation & Shared Channel Setup
- Enhancement Prioritization & Roadmap
- Quarterly Performance Review (QPR) / Continuous Improvement Checkpoint
Issues & Enhancements
- Assign clear owners and acceptance criteria for each roadmap item.
- Agree on measurable tuning objectives aligned to operational impact.
- Set a concrete tuning cadence and assign session owners and participants.
- Specify required prework/data and the playbook to ensure data-driven tuning sessions.
- Establish governance for who can approve and deploy calibration changes.
- Publish the tuning playbook and initial 6-month calendar with session owners.
- Prepare and share required datasets and retrospective case sets ahead of the first tuning session.
- Configure change controls and rollback procedures in the deployment pipeline.
- Communication Needs Overview
- Create and approve a shared, auditable communication channel for operational issues and enhancements.
- Agree on incident severity definitions, response SLAs, and escalation paths.
- Ensure access, integrations, and audit requirements are met for compliance.
- Provision the shared channel, add members, and configure integrations to ticketing and monitoring.
- Publish the channel charter and escalation workflow to stakeholders.
- Create the initial on-call roster and handoff calendar entries.
- Backlog Review (validated items only)
- Produce a prioritized, timeboxed roadmap for the next 3–6 months tied to measurable outcomes.
- Opening & Objectives
- Identify quick wins to reduce operational risk or alert fatigue immediately.
- Publish the prioritized roadmap and backlog in the shared tracking tool.
- Schedule pilot work for the top 1–2 prioritized enhancements and assign owners.
- Define measurement plans and required dashboards for each enhancement.
- Executive Summary of KPIs & Trends
- Validate sustained value and surface strategic risks or opportunities.
- Ensure analytics and operational plans remain aligned with policy and reporting requirements.
- Set clear priorities and owners for the next quarter with measurable targets.
- Produce the QPR report and distribute to agency leadership and CDC contacts.
- Update the roadmap to reflect agreed next-quarter priorities and owners.
- Schedule the next QPR and ensure necessary data pulls and analyses are prepared in advance.
- Formally confirm which acceptance criteria are met and which require further work.
- Demonstrate with real cases that the system produces the intended detection and reporting outcomes.
- Obtain stakeholder sign-off or a documented list of remediation items and owners.
- Capture quantified consequences for any unmet criteria (impact on detection, reporting, or resources).
- Produce a short sign-off document listing passed criteria, open gaps, owners, and due dates.
- Log remediation items into shared backlog with severity and planned delivery window.
- Share artifacts (KPI dashboards, case replay exports) used in the validation for audit and compliance.
- Recap of Performance Gaps
- Current State (one-sentence)
- Define Channel Charter & Access
- Define Tuning Objectives & Success Metrics
- Deep-Dive: Notable Anomalies & Root Causes
- Prioritization Criteria & Scoring
- Consequence Summary
- Draft 3–6 Month Roadmap
- Impact Assessment
- Incident Escalation Workflow
- Tuning Cadence & Session Format
- Quick Wins vs Major Platform Changes
- Required Data & Prework
- Enhancement Request Process & SLAs
- Outcomes vs Acceptance Criteria
- Policy/Regulatory Changes & Required Analytics Adjustments
- Measurement & Acceptance for Enhancements
- On-call / Contact Roster & Rotation
- Live Validation: Representative Case Runs
- Resource & Risk Review
- Governance & Decision Authority
- Stakeholder Confirmation & Sign-off
- Tool Integrations & Audit Logging
- Confirm Owners and Communication Plan