Search tips
Search criteria 


Logo of pubhealthrepPublic Health Reports
Public Health Rep. 2009; 124(Suppl 2): 98–102.
PMCID: PMC2775406

Use of a Business Approach to Improve Disease Surveillance Data Management Systems and Information Technology Process in Florida's Bureau of STD Prevention and Control

Stacy A. Shiver, BA,a Karla Schmitt, PhD, MPH, ARNP,a and Adrian Cooksey, MPHa


The business of sexually transmitted disease (STD) prevention and control demands technology that is capable of supporting a wide array of program activities—from the processing of laboratory test results to the complex and confidential process involved in contact investigation. The need for a tool that enables public health officials to successfully manage the complex operations encountered in an STD prevention and control program, and the need to operate in an increasingly poor resource environment, led the Florida Bureau of STD to develop the Patient Reporting Investigation Surveillance Manager. Its unique approach, technical architecture, and sociotechnical philosophy have made this business application successful in real-time monitoring of disease burden for local communities, identification of emerging outbreaks, monitoring and assurance of appropriate treatments, improving access to laboratory data, and improving the quality of data for epidemiologic analysis. Additionally, the effort attempted to create and release a product that promoted the Centers for Disease Control and Prevention's ideas for integration of programs and processes.

Historically, information technology (IT) projects such as application development efforts have suffered uncomfortable failure rates and cost overruns. In its 1995 Chaos Report,1 the Standish Group showed that 31% of projects were canceled before they ever were completed. Additionally, the report indicated that 53% of IT projects had costs that exceeded 189% of their original estimates. Twelve years later, in 2007, the Gartner Group (one of the world's leading IT research and advisory companies) estimated that nine out of 10 organizations2 would fail in their first year unless they approached information management in a coordinated, enterprise manner. The “enterprise” perspective is one that views the interrelationship between systems and functions across the entirety of the organization. For sexually transmitted disease (STD) programs, the continued rescissions in federal funding sources coupled with reductions in revenue from state and local governments have impacted investments in critical technology infrastructure needed to support operations.


STD program business processes are complex, and STD prevention and control programs are responsible for addressing a wide array of public health goals, such as reducing the impact of STDs, identifying and responding to reproductive health problems, managing core business processes, improving availability and access to services, and increasing adoption of responsible sexual behavior (Figure). Employees of the program are required to have a working knowledge of the epidemiology of disease, training in the intervention techniques that address both the original client and the client's sexual contacts, complex analytical skills, and the ability to process large volumes of information associated with disease investigation. These requirements demand IT that promotes achievement of business goals, improves accessibility to valuable resources, supports decisions in a timely manner, provides fast and accurate information processing, and enables planners to align the program's activities with its business goals and objectives.

Mapping of STD program business goals and processes, Florida Bureau of STD Prevention and Control

Investment in technology to fully support STD-specific business activities involves some risk because of the influence of both the complexity of those activities and the resource constraints that are often faced by STD programs, which are heavily invested in service delivery.

However, because the operations of a modern STD prevention and control program rely heavily on the effective integration of technology to support business processes, the development of a computer-based system that is able to manage these activities is necessary for efficient execution of public health activities.

Previous attempts to provide technology support for the business needs of an STD program have produced mixed results. The Centers for Disease Control and Prevention's (CDC's) National Electronic Disease Surveillance System (NEDSS),3 Program Area Modules (PAMs),4 Public Health Information Network (PHIN),5 STD Management Information Systems (STD*MIS),6 Human immunodeficiency virus (HIV)/Acquired immunodeficiency syndrome (AIDS) Reporting System (HARS),7 and electronic HIV/AIDS Reporting System (eHARS);8 the Virginia Department of Health's Program Evaluation Monitoring System (PEMS);9 and myriad other smaller initiatives have complicated individual program efforts to enable technology to provide comprehensive support. Examples such as HARS, PAMs, PEMS, and STD*MIS are reflective of application development for specific diseases. Many of the current efforts continue this silo approach to application development. These efforts are not interoperable with one another, their structure and language make interfaces expensive and time-consuming, and they are often disease-focused rather than patient-focused solutions. The introduction of private vendors and costly commercial-off-the-shelf (COTS) applications have added to the mixed bag of technical solutions considered. In many cases, it is difficult to navigate the balance between costs and technology that best suits the existing need.


Faced with the challenge of providing technology support for the business needs of its STD prevention and control program, the Florida Bureau of STD in 2002 embarked on an effort that was intended to meet its existing needs, support future growth, and introduce a different potential paradigm for governmental IT efforts. Tapping a grant from the CDC-funded Outcome Assessment through Systems of Integrated Surveillance (OASIS) workgroup, the Florida Bureau of STD divided its technology development effort into two very distinct but related phases.

The first phase was to clearly build and document a business case, using business process reengineering (BPR) techniques under the Rational Unified Process (RUP). RUP is a methodology used to document the business requirements for software development, document the associated workflows involved in the business conducted, and translate those into codes that are part of the application development process. It is during the documentation phase that BPR allows for the review and discussion of existing processes and the introduction of improvements to those processes that would benefit the program. The BPR phase is an opportunity to ensure that any efficiency in workflow can be introduced and supported by the application being developed. The second phase was to build an application founded on the business case, using commonly available technology and adaptable for use in other states.

During the BPR phase, we made extensive efforts to document all business processes involved in an STD program. Those efforts included documentation of activities that were collaborations with other programs (such as HIV, tuberculosis, and hepatitis B programs). Such collaborations are critical to the provision of quality care to all clients. Beyond the documentation, these processes were examined carefully at both a macro and micro level to identify points of potential improvements both in the business processes themselves and in the possible application of automation for improved efficiency and outcome. This process made use of the experience and knowledge of other participants in the OASIS workgroup who had clearly identified the need for integration of disease information to better identify the affected populations and better serve the individuals affected by co-infections with two or more STDs or with an STD and another disease such as HIV or hepatitis B.

The OASIS workgroup provided further input into the documentation of uniform definitions and terminology used by the STD program with the goal to create an STD business glossary. This process provided a more uniform understanding for both the business experts and for the IT staff involved in design and development. These efforts were shared with critical partners such as laboratories, county health department clinics, and partners such as HIV/AIDS programs. Through collaboration in this process, a more uniform set of documentation was developed for processes outside of STD operations that impact the business of STD programs. At the conclusion of the BPR phase, the Bureau of STD had documented a complete organizational-level understanding of its own business processes as well as the interrelationship between the Bureau and outside partners, and produced valuable documentation that provided a more uniform understanding of critical concepts that influence the quality of services and care the program provides.

The second phase, design and development, was built on the solid foundations of the earlier BPR phase. During this phase, the Bureau took an iterative approach to development to promote the ongoing cyclical process of development, test, and validation with the goal to produce the best application possible for the business environment. With an eye toward future demands and the need for sustainability, this phase included design decisions such as the use of SQL 200510 as its database technology, the use of the Microsoft®.NET11 application language, a Web-based application design, a thin client, and centralization of all data for statewide use. With the use of OASIS funding along with other sources, the design and development phase produced the Patient Reporting Investigation Surveillance Manager (PRISM), which was deployed in February 2007 in Florida both on time and within budget.

The application provided alignment of business needs with appropriate automation and the introduction of key features to positively influence the health outcomes of the clients served by the STD program. Some of these features included:

  • Integration of electronic laboratory reporting and automated processing of these records.
  • Validation of addressing by Accumail12 to ensure the highest quality U.S. Postal Service addresses in support of geographic information systems efforts. Accumail is a commercially available address database that is updated quarterly for all addresses in the United States.
  • Introduction of workflow and business intelligence to support tasks performed by users of the application.
  • Introduction of task lists for each user to manage workloads and monitor activities through the established organizational hierarchy.
  • Accessibility through wireless and mobile devices such as the Blackberry™.
  • Incorporation of critical data such as HARS for use by field operations.
  • Organization of related information into distinct areas to improve access.
  • Analysis of data, and generation and dissemination of reports.

Important technical documentation, specifications, and conversion queries used in the migration from the legacy STD application (STD*MIS) to the new PRISM environment added value to the design and development phase.


Florida's PRISM effort is significant both from the perspective of its impact on STD program core business processes and from a technical perspective. The use of automation for STD program core business functions such as investigations, case management, and surveillance introduced efficiencies and operational improvements. For example, surveillance processes within PRISM are in real time, and its centralization of databases enables comprehensive views of clients from across the state. The PRISM application's automated quality assurance review process, ability to report and analyze data in real time, access to data from summary to detailed view, and incorporation of external datasets are all components that strengthen core surveillance.

In several respects, the development of the PRISM application was a success story in the effective use of technology to best serve the business needs of an STD program. Integration of electronic laboratory reporting to improve surveillance and automate data entry, incorporation of the HARS data for expanded holistic perspectives of the individual client, individualized workload assignments and tracking through automated task lists, workflow automation similar to the automatic generation of field records for named partners, and edit checks to support good case definitions and appropriate treatment for the diagnosed diseases are all examples of the use of the technology to support business needs of the STD program.

Beyond its service to the STD program, PRISM represents a break from traditional efforts and introduces an opportunity to build on a shift in governmental IT efforts in the U.S. The familiar paradigm of application development is normally limited to the requirements specific to a single business unit or program. In addition, most efforts are unable to share beyond their own borders or organizations. PRISM is different. PRISM represents a shift into a more open-source approach to governmental IT. Open source is a commonly recognized approach that removes the proprietary ownership of applications and introduces a more collaborative or shared ownership. The Florida Bureau of STD offers all PRISM application code, all documentation, tools useful to convert data to a PRISM-friendly format, and databases to any public health program or governmental organization that wishes to use it. PRISM was licensed under the General Public License.13 The Florida Bureau of STD copyrighted PRISM to protect any effort on the part of private industry to take the PRISM application and repackage it for sale to other public health programs. A miniature repository was created on an FTP site to host all this information for easy access by any interested party.

Through the use of commonly available architecture and software development tools, the PRISM effort removed the proprietary nature of COTS efforts. It empowers interested parties to utilize their own IT resources or commonly available consultants with these skills to adopt, modify, and implement PRISM to best fit their needs. Other states adopting the application see PRISM as an opportunity to include other diseases and expand its role in their infectious disease programs.

The architecture is also compatible with many infrastructures through the use of integration services and is interoperable with similar architecture for expanded operability of the application in enterprise environments. The Bureau plans to evaluate the cost efficiencies, performance improvements, and changes to health indicators that may have resulted from use of the PRISM application.


With the introduction of PRISM and its associated open-source approach, the Florida Bureau of STD sought to introduce the possibility of more collaborative development efforts that serve the business needs of STD and other public health programs, and introduce cost savings associated with those efforts. For example, as enhancements are made to the application either by the Florida Bureau of STD or another program that adopts PRISM for its own use, these new enhancements and modifications are documented and the associated code and architecture are made available for others to use. In this way, STD programs can save development costs by being able to pick and choose the applicable parts of the PRISM system that they wish to use to support their business. This collaborative approach can reduce the cost associated with independent development.

As with any new application, deployment and use of the program stimulate ideas for improvements over time. The Bureau will increase the focus on usability improvements that are based on user requests as part of the natural evolution of the application. We will place a renewed focus on increasing the application's epidemiologic analysis capacity. Implementation of an interface that provides selective users the ability to customize reports or generate data tables for more in-depth analysis is an example of one improvement in the near future. Utilization of the benefits of collaboration and a commitment to meet the needs of an ever-changing environment are guideposts to the future.


PRISM represents a new opportunity in governmental IT. Collaborative efforts can build better systems, reduce costs associated with development, and enable our public health IT efforts to fulfill their objectives to improve quality of care and reduce operational costs through adaptive automation. One can envision a growing community of IT resources that share their efforts, lessons learned, and expertise to improve health-care IT. Collaboration can enhance existing efforts to build functional standards and empower the use of IT resources within the communities most familiar with the business needs. Opportunities for innovation and a better understanding of the business of STD prevention and control are excellent examples of the outcomes of projects such as OASIS.


1. The Standish Group. The Standish Group report: chaos report. 1995. [cited 2008 Oct 3]. Available from: URL:
2. Nine out of 10 failure rate due to poor information management. 2007. Oct 30, [cited 2008 Oct 3]. Available from: URL:
3. Centers for Disease Control and Prevention (US) National electronic disease surveillance system. [cited 2008 Oct 3]. Available from: URL: BusinessDiscoveryStatement1_2.pdf.
4. CDC (US) Business discovery statement: NEDSS base system and program area modules. 2002. Mar 9, [cited 2008 Oct 3]. Available from: URL:
5. CDC (US) Public Health Information Network (PHIN) [cited 2008 Oct 7]. Available from: URL:
6. CDC (US) Sexually transmitted diseases: STD*MIS. [cited 2008 Oct 7]. Available from: URL:
7. CDC (US) HIV/AIDS statistics and surveillance. [cited 2008 Oct 7]. Available from: URL:
8. National Alliance of State and Territorial AIDS Directors. NASTAD statement on HIV/AIDS surveillance, May 22, 2002. [cited 2008 Oct 7]. Available from: URL:
9. Virginia Department of Health, Office of Epidemiology, Division of Disease Prevention. Program Evaluation and Monitoring System (PEMS) [cited 2008 Oct 3]. Available from: URL:
10. Microsoft Corp. SQL 2005: Version 9.0. Redmond (WA): Microsoft Corp; 2005.
11. Microsoft Corp. Microsoft® .NET Framework: Version 3.0. Redmond (WA): Microsoft Corp; 2006.
12. Datatech SmartSoft Inc. Accumail Gold. Agoura Hills (CA): Datatech Smartsoft Inc.; 2007.
13. Open Source Initiative. GNU general public license versions. [cited 2009 Jun 22]. Available from: URL:

Articles from Public Health Reports are provided here courtesy of SAGE Publications