BACKGROUND: The National Syndromic Surveillance Program (NSSP) initiated the ESSENCE/SAS pilot to examine selected BioSense 2.0 data processing rules and test specific tools that would be made available on the BioSense Platform. The pilot sought to: 1) conduct security testing of SAS and ESSENCE in order to identify vulnerabilities; 2) test and improve a limited set of processes that occur before data are transformed; and 3) conduct testing of ESSENCE’s functions to ensure the tool worked as intended, and that it will meet user needs.
METHODS: CDC engaged eight jurisdictions and two federal agencies via weekly calls and project activities from December 3, 2014- May 15, 2015. Jurisdictions provided feedback and recommendations on outputs generated by CDC including process to clean-up the master facility tables, analyzing data elements, assessing the current data landscape and flow, and collapsing of records into visits. Simultaneously, installation, vulnerability, and remediation scanning of SAS and ESSENCE took place. The jurisdictions then assessed ESSENCE’s functions, data sharing and permissions, usability, and user satisfaction. Data views and data sharing permissions were preset by CDC. Users were provided with a use case to test different system features. Users recorded their answers on an online survey and follow-up in-depth interviews were conducted to gain greater understanding of users’ overall experience.
RESULTS: ESSENCE successfully completed vulnerability scanning, and users had a good experience using the tool. It provided flexibility to streamline data workflows, customize data views, share analyses with others, and generally meet the functional needs of users. Data processing flow and rules that send data to different tables, views and transport mechanisms were identified. The users also identified process changes helpful towards populating key data fields, and specific fields that should be included in the master facility list. Some weaknesses were also identified. SAS had three occurrences of high vulnerability that needed remediation. ESSENCE has no data sharing control for local administrators, data sharing and data source identification were not intuitive, and there was a learning curve for new and intermediate users.
CONCLUSIONS: The pilot proved successful in providing suggestions for specific actions. These include data clean-up, developing a new data staging environment, developing a local administration tool for data access control for ESSENCE, alpha and beta testing of ESSENCE and SAS, and technical assistance and training for transitioning jurisdictions.