WH WHPS TransformationBusiness Case
Program investment case

Fund the platforms, migrations, AI controls, and operating change together.

The case is strongest when every dollar maps to a product build, migration wave, service workflow, technical dependency, adoption metric, and operating control. This is the investment model for the real WHPS program.

Review financial model View roadmap
Investment logic Value tied to controls
Value pool Service Higher quality, fewer repeat contacts, better QA evidence.
Cost pool Mainframe Migration Shift run cost by retiring workloads, licenses, and contract dependencies.
Speed pool AI SDLC Increase delivery throughput while preserving secure release controls.
Risk pool Evidence Hub Convert policy into release evidence and runtime monitoring.
Business requirements

Requirements baseline for the WHPS platform modernization program.

These requirements define what the modernized platform must do before individual initiatives are treated as production-ready.

BR-000

Overall platform modernization

WHPS needs a shared platform that supports portal delivery, service workflows, AI-assisted operations, mainframe migration waves, governed release evidence, and measurable operating outcomes.

Business capabilities
  • Provide unified access patterns for brokers, groups, service agents, operations, and engineering teams.
  • Expose modern APIs for eligibility, enrollment, claims, documents, payments, case status, and service history.
  • Support role-scoped operational workflows, workflow status, notifications, document exchange, exception handling, and reporting.
  • Enable Contact Center AI and AI SDLC capabilities without bypassing source-of-record controls.
Operating requirements
  • Every product release must have a product owner, support owner, service-level target, adoption measure, and rollback path.
  • Every migrated workload must include a cutover plan, reconciliation result, consumer signoff, and decommission task list.
  • Every AI-enabled workflow must preserve human approval for customer-impacting actions until policy allows expansion.
  • Every initiative must publish weekly status against scope, risks, blockers, decision needs, and release evidence.
Control and compliance requirements
  • Enforce identity, role access, segregation of duties, audit logging, data classification, and PHI/PII protection.
  • Capture evidence for architecture approval, security testing, QA, business acceptance, deployment, rollback, and monitoring.
  • Maintain traceability from business requirement to epic, system dependency, test case, release gate, and production metric.
  • Retain model, prompt, dataset, RAG source, tool-call, approval, and incident records for AI-enabled workflows.
Technical platform requirements
  • Provide API gateway, event integration, observability, secrets management, environment controls, and automated release pipelines.
  • Support legacy facades, data replication, reconciliation, dual run, reverse log, rollback routing, and decommission ledgering.
  • Implement reusable patterns for portal orchestration, service APIs, CRM integration, RAG retrieval, evidence storage, and telemetry.
  • Operate with SLOs for availability, latency, data freshness, incident response, cost tracking, and error-budget review.
Initiative requirements

Detailed business requirements by workstream.

Each initiative must translate the program strategy into user workflows, source-system dependencies, acceptance criteria, controls, and measurable outcomes.

Initiative Business requirements Acceptance criteria Dependencies and controls
BrokerLink Portal and EDE modernization
  • Support ACA EDE broker enrollment, agency hierarchy, broker setup, book-of-business visibility, enrollment support, document submission, commissions, and service requests.
  • Provide OWNER, ADMIN, AGENT, SUPPORT, and white-label roles with least-privilege access, audit logs, 15-minute timeout, MFA, and 10-year retention support.
  • Implement NPN/NIPR validation, AOR consent, RIDP/Experian where required, CMS Hub integration, privacy/security evidence, and broker service workflows.
  • Reduce manual follow-up by exposing consistent eligibility, enrollment, claim, document, payment, and case status through governed APIs.
  • Broker UAT confirms EDE enrollment workflows, account hierarchy, role access, AOR consent, document flows, and service routing.
  • API contract tests pass for identity, CMS/EDE, eligibility, enrollment, document, CRM, commissions, and case-status services.
  • Certification pack includes PIA, SSPP/MARS-E mapping, vulnerability scan, audit evidence, BRA inputs, access review, and CMS question coverage.
  • Adoption, task completion, defect burn-down, enrollment conversion, support-volume shift, and broker retention are instrumented.
  • Federated SSO, CMS Hub/EDE services, RCL/NPN validation, RIDP provider, CRM/service platform, document service, eligibility, enrollment, claims, commissions, audit log.
  • Controls: broker role model, consent evidence, data minimization, PHI/PII handling, CMS evidence, approval and release records.
GroupLink Portal rebuild
  • Support group administration, eligibility maintenance, account updates, plan workflows, permission management, reporting, and operational messages.
  • Give group users reliable workflow state, exception reasons, required actions, document status, and service handoff visibility.
  • Reduce operational rework through validation rules, source synchronization, data-quality checks, and clear ownership of exceptions.
  • Group administrators can complete priority workflows without manual operations intervention.
  • Data-quality checks, integration tests, role review, and operational acceptance pass before release.
  • Cycle time, exception volume, reporting usage, and support runbook readiness are measured.
  • Identity, group/account master data, eligibility, plan data, reporting store, CRM/service queue.
  • Controls: group role hierarchy, audit trail, data freshness, exception workflow, access review.
Contact Center AI
  • Assist agents during calls with transcript capture, intent detection, source-backed answer drafting, service lookup, and next-best action suggestions.
  • Keep the human agent accountable for customer-facing responses, case notes, CRM writeback, and escalation decisions.
  • Convert call outcomes, agent edits, failed intents, and QA findings into a knowledge and workflow improvement backlog.
  • Service-test replay proves identity validation, source retrieval, response grounding, agent approval, and fail-closed behavior.
  • QA can review transcript, citations, suggested response, edits, confidence, and CRM note for each sampled interaction.
  • Agent handle-time, edit rate, repeat contact, citation coverage, and QA defect trend are instrumented.
  • CCaaS/IVR, agent desktop, CRM, knowledge base/RAG, claims, eligibility, documents, policy engine.
  • Controls: consent, PHI/PII masking, source freshness, confidence threshold, human approval, incident path.
Service testing harness
  • Simulate high-value omnichannel service scenarios before production exposure, including claim status, missing document, payment, enrollment, and unsupported paths.
  • Validate AI behavior, API behavior, CRM writeback, agent approval, QA evidence, and fail-closed routing in a replayable test flow.
  • Provide a repeatable acceptance pattern for new intents, knowledge updates, policy changes, and service workflow changes.
  • Each test case has identity state, source data, expected answer, allowed actions, failure mode, and evidence output.
  • Regression suite runs before release and records pass/fail, source citations, blocked actions, and remediation owner.
  • Release cannot proceed when identity, source freshness, policy, confidence, or CRM writeback controls fail.
  • Sandbox APIs, synthetic call transcripts, CRM staging, RAG test corpus, QA review queue, evidence archive.
  • Controls: test-data management, replay ID, blocked-action log, release gate, rollback criteria.
Mainframe modernization
  • Inventory COBOL, JCL, CICS, IMS, Db2, VSAM, batch jobs, interfaces, reports, security rules, and operational dependencies.
  • Sequence modernization by business domain, dependency risk, data complexity, consumer impact, and decommission value.
  • Support facade, replatform, refactor, replace, retire, and retain decisions with a documented wave plan.
  • Each wave has dependency graph, data mapping, dual-run plan, reconciliation criteria, consumer signoff, rollback path, and support model.
  • Cutover occurs only after parity, performance, security, operations readiness, and incident coverage pass.
  • Decommission ledger proves retired jobs, interfaces, licenses, access, contracts, reports, and archived data.
  • z/OS estate, schedulers, file/MQ feeds, data stores, API gateway, target platform, observability, finance ledger.
  • Controls: reconciliation, dual run, rollback route, access removal, audit archive, decommission approval.
AI SDLC implementation
  • Manage models, prompts, datasets, RAG sources, tools, agents, and AI-enabled releases as versioned software assets.
  • Enable engineering agents and copilots while preserving scoped permissions, tool boundaries, human review, and release accountability.
  • Standardize evaluation, red teaming, security checks, risk tiering, approval records, runtime telemetry, and retirement triggers.
  • AI inventory, AI BOM, prompt/model registry, eval results, scan output, approvals, and rollback plan exist for every release.
  • Prompt injection, privacy leakage, grounding, tool misuse, dependency, and business outcome checks pass before production.
  • Runtime drift, incidents, overrides, cost, latency, and access are monitored with revoke and re-evaluation paths.
  • Repos, CI/CD, eval harness, policy engine, model gateway, evidence store, observability, IAM, secrets, issue tracker.
  • Controls: least privilege, tool allowlist, signed artifacts, eval gate, release approval, kill switch.
Platform foundation
  • Create reusable platform services for identity, APIs, events, data contracts, RAG, CRM integration, document access, observability, and evidence.
  • Standardize environments, deployment automation, support runbooks, monitoring, incident handling, and cost management.
  • Give product teams shared patterns so BrokerLink Portal, GroupLink, Contact Center AI, and migrated domains do not rebuild foundations separately.
  • Reference architecture, service catalog, integration patterns, environment strategy, SLOs, and support ownership are published.
  • Portal, AI, CRM, API, data, and mainframe integration patterns pass security and operational readiness reviews.
  • Telemetry proves availability, latency, error rate, data freshness, incident response, and cost visibility.
  • IAM, API gateway, event bus, data platform, CRM, RAG services, CI/CD, observability, evidence archive.
  • Controls: SLOs, access review, secrets, audit logging, data classification, production change record.
Program value model

Where the case creates measurable operating value.

Each value pool has a distinct mechanism. That keeps the case credible and prevents a single inflated AI ROI claim from carrying the whole story.

Value pool Mechanism Proof required Primary owner
BrokerLink Portal modernization Modern broker workflows, enrollment support, document handling, service status, and self-service routing. Portal adoption, completion rate, defect trend, support-volume shift, release evidence. Platform product and engineering
GroupLink Portal rebuild Group administration, eligibility, plan/account workflows, permissions, reporting, and service integrations. Group task cycle time, data quality, integration checks, role/access review, user acceptance. Platform product and operations
Contact center productivity Source-backed answer drafting, faster lookup, cleaner case notes, QA automation. Call replay, agent edit rate, QA flags, CRM completeness, repeat-contact analysis. Service operations
Mainframe cost transition Migration waves, decommission ledger, contract exit, license reduction, modern ops. Retired jobs, closed interfaces, archived data, removed access, savings ledger. Infrastructure and finance
Engineering velocity Agentic planning, code generation support, automated tests, release evidence. Lead time, deployment quality, eval pass rates, review cycle, incident trend. Engineering leadership
Risk reduction AI inventory, risk tiering, secure release gate, runtime monitoring, incident response. Controls mapped to artifacts, blocked release reasons, audit samples, access reviews. Security, compliance, product
Execution decisions

What the program must lock down before scale.

The plan depends on explicit decisions for sequencing, platform ownership, source-system boundaries, release authority, and decommission accountability.

Decision 01 Fund the control plane

Build shared AI inventory, eval, observability, evidence, identity, and release-gate infrastructure.

Decision 02 Sequence by value and risk

Start with service testing, contact-center assist, AI SDLC controls, BrokerLink Portal foundations, GroupLink workflow definition, and the mainframe assessment graph.

Decision 03 Protect source-of-record systems

Use facades, data contracts, dual run, and rollback gates before portal or domain ownership transfers.

Decision 04 Mandate release evidence

No AI-enabled production release without evals, security checks, approvals, and monitoring.

Decision 05 Measure adoption and outcomes

Track portal adoption, service quality, software delivery, cost transition, and risk posture.

Decision 06 Retire what is replaced

Force decommission gates so modernization savings become real operating change.

Value bridge

Transformation economics tied to system retirement.

The business case only works when modernization produces measurable operating change: decommissioned mainframe workload, lower Ensono dependency, AI-assisted service productivity, and a right-sized cloud and AI run cost.

WHPS AI transformation value bridge Strategic business case numbers translated into retirement gates, platform investment, and operating outcomes. $55.0M current annual run rate $1.28 PMPM baseline -$18.5M mainframe decommission jobs, MIPS, data, licenses -$8.0M Ensono exit path contract and support removal -$14.0M AI and ops efficiency service, QA, engineering flow +$12.0M cloud and AI run cost DGX, platform, data, security $26.5M target run rate $0.60 PMPM target Investment and payback: $11.5M total investment, $4.5M phase-one foundation ask, $28.5M annual savings by FY30, and 14-month payback target.

Source material: WHPS AI Transformation Strategic Business Case Jan. 5 and Jan. 12, 2026 decks.