1. Security Posture
Go Live Command uses a defense-in-depth model adapted from the ConsultantVoice security platform patterns: secure session handling, CSRF protection, restricted security headers, role-based access control, audit logging, encrypted credentials, readiness gates, provider health checks, and incident response runbooks.
The app is built as a real-time implementation command platform. It separates staff intake, command center work, project management, field support, analytics, owner administration, and platform security permissions.
2. Healthcare Boundary
Go Live Command can support hospital go-live operations, ATE support, access/security routing, IT/device dispatch, EVS/EBS facilities support, analyst escalation, training workflows, and executive reporting.
Go Live Command does not provide clinical decision support and must not store PHI. Operational request fields are designed for role, unit, category, symptom, urgency, location or callback point, device/workstation identifier, and non-PHI notes.
Industry Operations Boards (Restaurant, Retail, Mall, Pharmacy, Airline) inherit the same operational-text guards. Pharmacy boards capture queue metadata and workflow training status only — never prescription contents, drug names tied to patients, or patient identifiers. Tests enforce the no-PHI and no-payment-card rules across these boards.
Group Chat inherits the attachment domain allowlist (with a 5MB inline attachment cap) and runs messages through the operational-text validator. Soft-deleted chat messages are preserved in the audit log even though the in-thread view is removed.
3. Identity and Access
Customer deployments should use SSO/OIDC, MFA or passkeys where available, least-privilege roles, per-project activation, offboarding, session revocation, and custom permissions for consulting firm, hospital admin, command center, trainer, analyst, IT, access/security, EVS/EBS, ATE, and partner roles.
Staff entry can remain lightweight through QR, intranet links, kiosk/WOW launchers, hotline capture, ATE-assisted entry, or approved secure chat connectors.
4. Data Protection
Secrets and provider credentials are encrypted before storage. Audit metadata is scrubbed before persistence or monitoring. Production environments require strong session and encryption keys, database TLS, provider credentials, and configured production base URLs.
The Workforce Lifecycle Suite enforces PII redaction by permission: expense reasons and vendors are visible only to users with the manage_schedule capability. Self-approval guards are applied to open-shift claims, timesheet corrections, and recognition awards. Foreign-key constraints on creator and updater audit columns prevent orphaned authorship across workforce records.
The Training Center closed the auto-pass loophole for short-text quiz questions: short_text questions without an answer key require explicit instructor review before a learner can pass the gate.
Location intelligence is derived from approved project context, QR links, assignment, check-in, device/workstation mapping, network zone, MDM/NAC signal, or native presence. Raw tracking history is not required for the core workflow.
5. Notifications and Integrations
Native in-app notifications are available by default. Web/mobile push, email, Teams, Slack, SMS, WhatsApp Business, and other provider sends become live only after the customer-approved provider credentials, recipients, device tokens, and canaries are configured.
Available on request, customer-configured: SMS via Twilio. US SMS requires the customer's organization to complete A2P 10DLC Brand and Campaign registration with The Campaign Registry (typically 3–7 business days) and supply a verified sending number. Recipients must complete TCPA-compliant opt-in capture, which the platform records as a consent event in the audit log. Standard carrier messaging rates apply and may be billed to the customer or platform owner depending on contract.
Available with customer setup: SSO/SCIM (Okta, Microsoft Entra, Ping, OneLogin), Microsoft Forms, Microsoft Excel exports, ticketing handoff, workforce systems, object storage (S3 Object Lock for audit archive), SIEM forwarding, and per-vendor adapters listed in the Integrations console.
Adapter catalog honesty: integrations are represented in the console as Planned, Provider Approval Needed, Webhook intake, or Manual handoff. The current commerce integration is a generic signed commerce webhook bridge — HMAC-verified inbound only, with no unauthenticated webhook surface exposed. Customers are responsible for ensuring their commerce integrators do not push PHI or payment card numbers through that channel.
All provider sends go through an audited outbox and delivery-attempt log with retry, acknowledgement, timeout, and reroute behavior configured by customer policy.
6. Reports and Audit
Client report packs are operational-only: 2 PM update, end-of-shift report, interactions, resolved tickets, SLA, top issues, open risks, staffing productivity, issue themes, training gaps, and daily exports.
Every important action should create an audit event. Audit archive can be configured with write-once object storage and SIEM forwarding for offsite retention.
7. Production Readiness
Before client launch, admins should verify production database migrations, email gateway, SSO/OIDC, rate limiting, object storage, observability, signed staff intake links, provider credentials, role permissions, QR packets, routing queues, training, and report schedules.
The public health endpoint exposes database and production security configuration status without exposing secrets.
8. Incident Response
The compliance working set includes severity classification, containment, evidence preservation, credential rotation, subprocessor notification, customer notification, and breach-analysis procedures.
Regulated customers should keep signed BAAs, vendor security reviews, incident contacts, monitoring thresholds, and data-processing terms current before production rollout.