DeepSensi™ — Technical Publications WP-007 · v3.0 · July 2026 · print this page for a PDF copy

GERN: Privacy-Preserving Syndromic Surveillance from Ambient, Verification-Grade Clinical Documentation

Tomasz Jan Gomoła DeepSensi PBC, 8 The Green STE A, Dover, DE 19901, USA ORCID: 0009-0001-5222-6154 · [email protected]

Document: WP-007 · Version 3.0 · July 2026 Keywords: digital epidemiology, syndromic surveillance, k-anonymity, differential privacy, outbreak detection, collaborative surveillance, International Health Regulations


Abstract

Public-health surveillance has a latency problem and a signal problem. The systems that detect outbreaks earliest tend to rely on the noisiest inputs — search queries, social posts, over-the-counter sales — while the systems that rely on the cleanest inputs, laboratory-confirmed notifiable-disease reports, are the slowest. This paper describes GERN (Global Emergency Response Network), a syndromic-surveillance layer that resolves the trade-off from a different direction: it derives its signal from ambient clinical documentation that has already passed a verified diagnostic pipeline. In the DeepSensi Cognitive Medical OS, every encounter is documented by an autonomous scribe and every clinical assertion is checked by a multi-layer anti-hallucination cascade with a formally bounded error rate (WP-001). GERN consumes the de-identified residue of that process — structured syndromic feature vectors, never identities — and applies established spatiotemporal aberration-detection statistics to surface emerging clusters. The result is an outbreak radar with the timeliness of encounter-based signals and a signal quality closer to adjudicated clinical reasoning than to a keyword proxy. We specify the substrate, the privacy architecture (irreversible de-identification, k-anonymity with k ≥ 5, a pre-registered differential-privacy budget, and federation without raw-record movement), the detection methodology, and the governance model aligning GERN with the International Health Regulations (2005) and WHO collaborative-surveillance objectives. Consistent with our disclosure posture, we claim no outbreak-detection performance results in this paper: the evaluation protocol in §7 is prospective and pre-registered, and its metrics are forthcoming. The contribution here is architectural — a demonstration that credible, privacy-preserving early warning can be a by-product of clinicians simply doing their documentation.


1. Introduction

The economic and human cost of an epidemic is dominated by its earliest, most uncertain phase. The WHO 7-1-7 target — detect a suspected outbreak within 7 days, notify within 1, and mount an initial response within 7 — makes the detection interval an explicit, measurable objective of global health security [1]. Yet detection remains the hardest of the three terms to compress, because the surveillance instruments available to public-health authorities force an unhappy choice.

At one pole sit laboratory-confirmed, notifiable-disease systems: authoritative, specific, and slow. A pathogen must be suspected, sampled, cultured or sequenced, confirmed, and reported up a chain before it appears in the numbers. The signal is clean but arrives late. At the other pole sit proxy signals — search queries, social-media chatter, pharmacy sales, absenteeism. These are fast but treacherous. The canonical cautionary tale is Google Flu Trends, which was celebrated for tracking influenza from search behavior [2] and then, famously, drifted and overshot until it was retired — a failure now taught as the paradigm of "big-data hubris," in which a proxy that correlates with disease in one season decouples from it in the next [3].

Traditional clinical syndromic surveillance (for example EARS-family systems deployed after 2001, and emergency-department chief-complaint monitoring) sits between these poles [4]. It is faster than laboratory confirmation and more grounded than web proxies, but it inherits the coarseness of its inputs: free-text chief complaints and administrative billing codes are entered under time pressure, are inconsistent across sites, and describe a presenting symptom rather than a reasoned clinical picture. The signal is real, but it is thin.

GERN is built on an observation about where clean, timely clinical signal already exists but is thrown away. When a verified clinical-intelligence system documents an encounter, it does not merely record a chief complaint; it produces a structured, adjudicated clinical representation — the output of a multi-specialist deliberation whose every assertion has been checked against verified evidence and sealed in an audit trail (WP-001, WP-003). That representation is discarded, from a surveillance standpoint, the moment the visit ends. GERN's thesis is that its de-identified syndromic residue is the most valuable surveillance substrate available anywhere in the health system — and that harvesting it need impose no new burden on clinicians, no new reporting forms, and no compromise of patient privacy.

2. Background and related work

Notifiable-disease and indicator-based surveillance. The reference standard for confirmed public-health intelligence, governed nationally and coordinated internationally under the IHR (2005) [5]. High specificity, high latency.

Syndromic and event-based surveillance. Aberration-detection over pre-diagnostic indicators — emergency-department visits, chief complaints, telehealth triage. Statistical foundations include the Early Aberration Reporting System [4], the Farrington algorithm for automated outbreak detection in routine surveillance data [6], and the spatial scan statistic for cluster localization [7].

Digital and participatory epidemiology. The use of non-traditional, digitally mediated data for disease detection [8, 9]. This field produced both the promise (early influenza nowcasting) and the warning (Google Flu Trends' failure [2, 3]), and it established the methodological consensus that a proxy signal must be continuously re-grounded against clinical or laboratory truth to remain trustworthy.

Open-source epidemic intelligence. WHO's EIOS initiative and networks such as ProMED and HealthMap demonstrate the value of aggregating weak signals at global scale [8]; they also illustrate the noise burden of open sources and the human-analyst effort required to separate signal from rumor.

GERN is positioned deliberately against this literature. It is not a new proxy and not a new open-source scraper. It is a method for extracting a clinically adjudicated syndromic signal — the kind of signal digital epidemiology has always wanted and rarely had — while satisfying privacy constraints that clinical data ordinarily make prohibitive.

3. The GERN substrate: verification-grade documentation

The distinguishing property of GERN is not its detection mathematics, which are drawn from the established literature above, but the quality and provenance of the data those mathematics operate on.

Every encounter processed by the DeepSensi platform passes through the diagnostic architecture described in WP-001 and WP-003: a multi-specialist deliberation, an anti-hallucination verification cascade, and — where evidence is insufficient — a structured declaration of uncertainty rather than a fabricated conclusion. The documentation that emerges is therefore not a hurried chief complaint but a checked clinical representation, from which a compact, non-identifying syndromic feature vector can be derived: an anatomical/physiological pattern of presentation, its severity gradient, its temporal profile, and a coarsened spatial tag — and nothing that identifies a person.

Three consequences follow.

Property Web/search proxy Chief-complaint syndromic GERN (verification-grade)
Signal origin Population behavior Presenting symptom, free text Adjudicated clinical representation
Susceptibility to drift High (behavior decouples) Moderate (coding variance) Low (grounded per-encounter in verified evidence)
Latency vs laboratory confirmation Days earlier Days earlier Days earlier, at encounter time
Specificity of syndrome Low Moderate High (structured, deliberated)
Privacy exposure of raw input Low (public) High (PHI) Neutralized by architecture (§4)

The middle claim — that the signal resists drift — deserves care. GERN does not eliminate the fundamental problem digital epidemiology identified; no surveillance signal is drift-proof. What GERN changes is the re-grounding cost. Because each contributing encounter is individually anchored in verified clinical evidence at the moment it is created, the aggregate signal is re-grounded continuously and by construction, rather than periodically re-fitted against an external truth series. This is a structural advantage, not a guarantee, and §7 treats it as a hypothesis to be tested prospectively, not a result.

4. Privacy architecture

GERN is subject to a non-negotiable constraint: it must produce population-level early warning without ever exporting, storing, or reconstructing patient identity. It inherits the de-identification engine specified for the platform's compassionate-access system (WP-006) and adds surveillance-specific controls.

Irreversible de-identification at source. Before any feature vector enters the surveillance layer, direct and quasi-identifiers are removed by the platform's multi-category detection-and-redaction engine (personal names, contacts, identifiers, and checksum-validated national identifiers, with a curated safe-list that preserves clinically essential eponyms). Identity is stripped at the point of documentation; it is not "protected" downstream, because it is never present downstream.

k-anonymity in space and time. No syndromic observation is ever surfaced, alerted on, or shared below an aggregation threshold of k ≥ 5 contributing encounters within the relevant spatiotemporal cell. Geographic tags are coarsened to a resolution that preserves epidemiological usefulness while precluding re-identification; cells that fail the k-threshold are suppressed or further coarsened rather than reported [10].

Formal differential-privacy budget. Aggregate counts and rates released to any consumer are perturbed under a pre-registered differential-privacy budget [11], so that the presence or absence of any single encounter cannot be inferred from released statistics. The budget is fixed and auditable; this paper does not disclose its numerical parameters, which are an operational matter, but it discloses the guarantee and its pre-registration.

Federation without raw-record movement. Across participating sites and jurisdictions, GERN exchanges only privacy-protected aggregate signals — never raw records. Detection can run at the edge, and data sovereignty is preserved by default: a country's clinical data need never leave the country for that country's outbreaks to be seen. Node contributions are weighted for reliability, and cross-node conflicts are reconciled at the aggregate level.

Audit coverage. Every de-identification, aggregation, and release step is sealed into the same court-grade, independently verifiable audit trail that governs the rest of the platform, including verification against the operator (WP-001, DSS-001).

The design principle is the platform's throughout: privacy is not a policy layered onto the data; it is a property of how the data is constructed.

5. Detection methodology

GERN's detection stack is intentionally built from peer-reviewed, public-domain statistics, so that its alarms are interpretable and defensible to public-health analysts.

Temporal aberration detection. Per-syndrome, per-region counts are monitored with established algorithms — cumulative-sum (CUSUM) control charts, exponentially weighted moving averages, and Farrington-family methods that model expected baselines with seasonality and historical trend and flag statistically significant exceedances [4, 6].

Spatiotemporal cluster detection. Emerging geographic clusters are localized with the spatial (and space-time) scan statistic, which identifies the most likely cluster and its significance without pre-specifying where to look [7].

Multi-agent divergence confirmation. Before any candidate signal is escalated, it is examined by an independent divergence-assessment step — a small panel of independent analytic agents that must concur that the aberration is unlikely to be an artifact of coding shift, care-seeking change, or reporting noise. This adversarial confirmation, inherited from the platform's consilium discipline (WP-003), exists to suppress the false alarms that historically erode authorities' trust in syndromic systems. Only signals surviving this step, and only above the k-threshold, are eligible for human review.

Human-in-the-loop before authority alerting. GERN does not autonomously notify governments. A qualified human reviewer stands between a confirmed statistical signal and any outbound alert to a public-health authority. GERN's role is to compress the time to detection; the decision to declare remains human and institutional.

6. Governance and regulatory alignment

GERN is designed to sit inside, not beside, the existing global health-security architecture.

7. Designated evaluation protocol (prospective, pre-registered)

We report no outbreak-detection performance in this paper. The following is the evaluation we have designated and will pre-register before reporting any results — the same disclosure discipline we apply to our autonomous-research program (WP-005), where capability is described but findings are claimed only when earned.

Objective. Quantify GERN's timeliness and reliability against established gold standards, prospectively.

Comparators. (i) National/regional notifiable-disease confirmations as the timeliness gold standard; (ii) contemporaneous chief-complaint syndromic surveillance where available; (iii) where applicable, retrospective back-testing against historically confirmed outbreak records.

Primary metric — detection lead time. Days between GERN's confirmed signal and the corresponding gold-standard confirmation, reported with uncertainty and stratified by syndrome and setting. The pre-registered hypothesis is a positive median lead time; no magnitude is claimed in advance.

Secondary metrics. Sensitivity and specificity against confirmed events; positive predictive value; false-alarm rate per unit time (the operational currency of analyst trust); and cluster-localization accuracy for the scan statistic.

Privacy validation. Empirical re-identification testing against the released aggregates and formal verification that the differential-privacy budget holds under the realized release schedule.

Equity dimension. Because GERN's substrate is documentation rather than laboratory infrastructure, it is hypothesized to extend timely detection into settings with sparse laboratory capacity, including low- and middle-income regions and offline-capable deployments. This, too, is a designated question, not a claimed result.

8. Discussion

GERN reframes what a surveillance system is. It is not an instrument that public health must fund, staff, and separately maintain; it is a latent signal already being generated every time a clinician is supported by a verified diagnostic system, waiting only for a privacy architecture careful enough to be trusted with it. The marginal cost of the radar is near zero because the documentation is happening anyway.

The honest limitations are three. First, coverage bias: GERN sees where the platform is deployed, and its map is only as representative as its footprint — an argument for broad, equitable adoption rather than a defect of the method. Second, no surveillance signal is immune to drift; GERN lowers the re-grounding cost but does not abolish the need for validation, which is why §7 is prospective. Third, the strongest privacy guarantees (k-thresholds, differential privacy) deliberately blunt the very smallest signals; GERN trades a measure of sensitivity to the tiniest clusters for a guarantee that no individual can be seen — a trade we consider non-negotiable.

What remains is a proposition we believe is new: that the same architecture built to make one clinician safer at 3 a.m. can, as a privacy-preserving by-product, make a population safer — and that the earliest warning of the next outbreak may already be latent in the ordinary paperwork of medicine, if only it can be read without reading anyone.


References

  1. Frieden TR, et al. Safer countries through global health security. The Lancet 2014; and Resolve to Save Lives / WHO, 7-1-7: a global target for timeliness of outbreak detection, notification, and response, 2023.
  2. Ginsberg J, Mohebbi MH, Patel RS, Brammer L, Smolinski MS, Brilliant L. Detecting influenza epidemics using search engine query data. Nature 2009;457:1012–1014.
  3. Lazer D, Kennedy R, King G, Vespignani A. The parable of Google Flu: traps in big data analysis. Science 2014;343:1203–1205.
  4. Hutwagner L, Thompson W, Seeman GM, Treadwell T. The bioterrorism preparedness and response Early Aberration Reporting System (EARS). Journal of Urban Health 2003;80(2 Suppl 1):i89–i96.
  5. World Health Organization. International Health Regulations (2005), 3rd ed. Geneva: WHO, 2016.
  6. Farrington CP, Andrews NJ, Beale AD, Catchpole MA. A statistical algorithm for the early detection of outbreaks of infectious disease. Journal of the Royal Statistical Society A 1996;159:547–563.
  7. Kulldorff M. A spatial scan statistic. Communications in Statistics — Theory and Methods 1997;26:1481–1496.
  8. Salathé M, Bengtsson L, Bodnar TJ, et al. Digital epidemiology. PLoS Computational Biology 2012;8(7):e1002616; and Brownstein JS, Freifeld CC, Madoff LC. Digital disease detection. New England Journal of Medicine 2009;360:2153–2157.
  9. World Health Organization. Epidemic Intelligence from Open Sources (EIOS) initiative. Geneva: WHO.
  10. Sweeney L. k-anonymity: a model for protecting privacy. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems 2002;10(5):557–570.
  11. Dwork C. Differential privacy. In Proceedings of the 33rd International Colloquium on Automata, Languages and Programming (ICALP) 2006:1–12.
  12. Gomoła TJ. Formal Reliability Analysis of Multi-Layer Deterministic Verification in Clinical AI: A Fault Tree Approach (WP-001). DeepSensi PBC, 2026.
  13. Gomoła TJ. Golden Horizon: AI-Mediated Compassionate Access Through an Autonomous Agent Architecture (WP-006). DeepSensi PBC, 2026.
  14. Gomoła TJ. The DeepSensi Standard: A Quantitative Safety Certification Standard for Clinical AI Systems (DSS-001). DeepSensi PBC, 2026.