Integral Post-Incident Organizational-Recovery Readiness Diagnostic

Last updated: May 2026

A 4-6 week productized diagnostic assessing your organization's nervous-system state after a sentinel event, cyber incident, or workplace-violence episode — mapping the autonomic, relational, and meaning-source dimensions the technical and legal response cannot see. Delivered by Thomas G. Goddard, JD, PhD, CCEP, founding member of the Integral Institute of Medicine, with 40+ years across U.S. healthcare regulation, policy, and organizational practice.

What Is the Integral Post-Incident Organizational-Recovery Readiness Diagnostic?

The Integral Post-Incident Organizational-Recovery Readiness Diagnostic is a structured, time-bounded assessment of the human layer of a healthcare organization in the aftermath of a significant incident — a sentinel patient-safety event, a cybersecurity incident, or a workplace-violence episode. It maps where the organization's nervous system currently is, not where leadership hopes it should be by now.

The diagnostic operates from a premise the incident-response industry does not act on: that technical recovery and organizational recovery are separate processes on separate timescales, and that the second process is routinely underfunded, understructured, and mistaken for something that resolves on its own. Months after a major incident, leadership teams are often still operating from threat-state physiology; the second-victim cohort has not been structurally supported; trust between IT, clinical, compliance, and the C-suite has not been repaired; and the meaning and purpose of staff directly involved in the event has been quietly eroded. None of this shows up in a technical post-mortem or a legal after-action review.

The diagnostic measures body, heart, mind, and meaning-and-purpose in one integrated organizational map. It does not diagnose individuals, does not substitute for clinical care, and does not produce findings that could be used against any staff member in a regulatory, employment, or legal proceeding. It is an organizational-consulting deliverable scoped for the leadership team.

What the Diagnostic Surfaces

  • Post-incident autonomic state by team and leadership cohort — where the workforce is still operating from sympathetic activation or dorsal-vagal shutdown, where the incident has left a persistent threat-state signature in the teams that bore the most direct exposure, and where the leadership team itself is still making decisions from compromised physiological regulation.
  • Second-victim cohort identification and support assessment — who in the affected workforce is carrying secondary traumatic stress, whether the organization's formal support structures (EAP, peer-support, Schwartz Rounds, formal second-victim programs) are actually reaching them, and what structural gaps exist in the current support architecture.
  • Leadership-team trust voltage and psychological safety — whether the leadership team has the relational coherence to lead through the recovery period, where the incident has created ruptures between functions (IT and clinical, compliance and operations, executive and clinical leadership), and whether the conditions for post-incident learning are currently present.
  • Meaning-and-purpose and moral injury indicators — where staff involved in the incident are experiencing moral injury (the damage done when one acts against one's moral code, or witnesses others doing so, or feels betrayed by authorities in the aftermath), where vocation has been eroded, and what the organization's current response is doing to address or compound that erosion.
  • Structural recovery conditions — what governance, workflow, communication, and leadership-behavior conditions currently support recovery versus block it, and what the most consequential intervention sequence is across all four quadrants.

What the Diagnostic Does Not Claim to Do

The diagnostic is not a clinical intervention. It does not treat secondary traumatic stress, moral injury, or post-traumatic stress in any individual. It does not substitute for a clinical critical-incident stress debriefing in the acute phase of an incident, nor for the Employee Assistance Program, peer-support program, or clinical referral pathways the organization should already have in place. It does not produce root-cause findings, technical remediation recommendations, or legal risk assessments. It is an organizational-level instrument that maps the human layer so that leadership can govern the recovery intelligently rather than hope it has happened.

The Science Behind It

The diagnostic integrates four research lineages, each with a substantial peer-reviewed evidence base. The integration is the contribution; none of the underlying science is novel.

The body layer rests on Stephen Porges's polyvagal theory of autonomic regulation (Porges, Psychophysiology, 1995; The Polyvagal Theory, 2011), which provides the framework for understanding why leadership teams and clinical staff continue to operate from threat-state physiology long after the acute incident has resolved — and what that physiological state does to decision-making, judgment under uncertainty, and interpersonal trust. Bessel van der Kolk's work on organizational trauma (The Body Keeps the Score, 2014) provides the framing for how traumatic experience becomes encoded at the organizational as well as the individual level; his somatic frame is the standard reference in this literature and is cited on that basis. Bruce McEwen's allostatic load framework (McEwen, Annals of the New York Academy of Sciences, 1998) explains the cumulative physiological cost when the return to baseline is delayed or structurally blocked.

The heart layer — emotional toll and second-victim phenomenon draws on Wu (2000), who introduced the second-victim concept in the BMJ; Scott et al. (2009), who developed the empirical framework at Johns Hopkins; and Seys et al. (2013) on organizational support-structure adequacy. Beth Stamm's Professional Quality of Life instrument (ProQOL-5) provides the validated measurement tool for secondary traumatic stress and compassion satisfaction. The Figley secondary traumatic stress literature (1995) anchors the responder-cohort dimension specific to cyber-incident response teams. Bryan Sexton's work on psychological safety in clinical teams and the Schwartz Center Rounds peer-reviewed evidence base (Lown & Manning, Academic Medicine, 2010) anchor the relational-coherence dimension.

The heart layer — moral injury draws on Litz et al.'s foundational paper on moral injury (Clinical Psychology Review, 2009) and on its translation to healthcare settings by Talbot and Dean (The Lancet, 2018) and by Hamric and Epstein. The term "moral injury" is used in its technical sense: the damage done when a person acts against their core moral convictions, witnesses others doing so, or feels betrayed by trusted authority figures in the aftermath of an event. This is distinct from burnout and from post-traumatic stress, and the diagnostic treats it as a distinct dimension.

The meaning-and-purpose layer addresses what the incident does to the vocational narrative of affected staff — the sense that the work they do matters and that the organization they work for is worthy of that commitment. For clinical staff involved in a sentinel event, for security and IT staff who bore direct responsibility during a ransomware attack, and for staff who witnessed or were injured in a workplace-violence episode, this dimension is often the last addressed and the most durably damaged when unaddressed. The integral framework treats this as an organizational-level dimension — recoverable through structural and leadership interventions, not only through personal therapeutic work.

The mind and structure layer draws on Amy Edmondson's research on psychological safety and learning in clinical teams (Edmondson, Administrative Science Quarterly, 1999; Journal of Management Studies, 2003), which establishes that the organizational conditions for post-incident learning require a baseline of psychological safety that is itself disrupted by significant incidents. The structural-document review component draws on the I/O psychology literature on organizational governance and on IHS's direct experience with post-incident regulatory response for URAC, CMS, Joint Commission, and OCR-covered entities.

Who Needs This Diagnostic

The diagnostic is commissioned by leadership teams that recognize their organization is not recovering at the pace or depth that the technical and legal response alone would predict. The primary buyer is typically the CEO, COO, or CISO (in the cyber case) or the Chief Medical Officer (in the sentinel-event case). General Counsel often initiates the conversation after a regulatory response has been filed and a compliance burden has been layered onto an already-destabilized workforce.

The post-incident environment is empirical. The Change Healthcare 2024 ransomware attack compromised 193 million individuals' data, demanded a $22 million ransom, and disrupted the 15 billion transactions Change processes annually (ITIF, March 2026). Healthcare worker exposure to workplace violence runs at 61.9% any-form and 24.4% physical violence in the past year (NCBI WMA review). Verdicts above $10M have more than doubled since 2015, with the average award in those cases now at $40M (Insurance Journal, May 2026). The second-victim cohort following a sentinel event, ransomware incident, or workplace-violence episode is among the highest-risk and least-supported cohorts in U.S. healthcare. The diagnostic maps that cohort and the structural recovery conditions that determine whether the organization recovers or compounds the damage.

After a Sentinel Patient-Safety Event

Hospital systems, health systems, behavioral health programs, hospice and home health agencies, and specialty care organizations where a serious adverse event — a preventable death, a serious safety event, a Joint Commission-reportable sentinel event — has activated the organization's formal incident response but left the affected clinical teams, the second-victim cohort, and the clinical leadership tier in a persistent state of distress, distrust, or moral injury. CMS Conditions of Participation quality-assurance and performance-improvement requirements, Joint Commission sentinel event follow-up, and state health department investigative responses all create a compliance burden that runs simultaneously with the organizational recovery need — and that the technical-response track alone cannot address.

After a Cybersecurity Incident

Health plans, pharmacy benefit managers, specialty pharmacies, managed care organizations, and integrated delivery systems where a ransomware attack, data breach, or third-party supply-chain disruption — of the Change Healthcare 2024 lineage or its successors — has activated the technical and legal response track while leaving the organizational human layer unaddressed. The CISO and IT teams who bore direct responsibility during the acute phase are among the highest-risk second-victim cohorts in U.S. healthcare and among the least likely to have formal organizational support structures in place. The trust rupture between IT, compliance, clinical operations, and the executive suite during and after a major cyber incident is measurable and consequential for governance. OCR breach notification, HIPAA enforcement response, CMS and state regulatory notification requirements, and payer contract default provisions all create a sustained compliance burden that deploys exactly when the workforce is least able to absorb it.

Health plans and PBMs carry a particular compounded risk profile here. Prior authorization staff, utilization-management teams, and member-services staff were already carrying elevated allostatic load from CMS-0057-F implementation, step-therapy enforcement, and the sustained moral weight of denial-rate scrutiny. A cyber incident layered onto that pre-existing organizational nervous-system state does not produce the same recovery trajectory as a cyber incident into a resting baseline. The diagnostic is calibrated to that compounded profile.

After a Workplace-Violence Episode

Managed behavioral healthcare organizations, inpatient psychiatric programs, emergency departments, community mental health centers, and any clinical setting where a workplace-violence episode — staff-directed violence, a serious threat event, or a mass-casualty incident involving staff — has activated the safety and legal response track while leaving the organizational nervous-system consequences unaddressed. The workforce-supply collapse in behavioral health and the structural pressures driving patient acuity make this population the highest-risk segment for repeated incidents, and the organizational recovery from each incident shapes the recruitment and retention trajectory of the next cycle.

The 4-6 Week Diagnostic Process

The diagnostic runs in three phases. Each phase produces an intermediate artifact; the leadership-team debrief at the end of Phase 3 is the canonical delivery.

Weeks 1-2: Confidential Interviews and Organizational Survey

The principal conducts confidential, structured interviews with representatives across the affected organizational layers: incident-day responders and first-tier exposed staff; the second-victim cohort (where identified and accessible); clinical or operational leadership directly involved in the incident response; the C-suite and, where accessible, board members involved in the governance response. Interview duration is typically 60-90 minutes per participant. The protocol is calibrated to the event type — sentinel event, cyber incident, or workplace-violence episode — and is designed to surface the autonomic, relational, moral-injury, and meaning-and-purpose signal that survey instruments alone do not reach.

In parallel, an organizational survey instrument is administered to the affected workforce cohort. The survey is validated, anonymized, and follows confidentiality protocols documented in the engagement letter. Instruments are drawn from the peer-reviewed literature: the Professional Quality of Life Scale (ProQOL-5, Stamm) for secondary traumatic stress and compassion fatigue; the Edmondson psychological-safety scale for team-level relational assessment; and supplementary items calibrated to the event type and the organization's specific workforce structure.

Weeks 3-4: Structural and Governance Review

The principal reviews the structural and governance documents that determine whether the current organizational conditions support or block recovery: the organization's formal incident-response documentation and post-incident action plan; governance records of the incident response (board or committee minutes, executive-level decisions, communication logs); the current state of formal support structures for affected staff (EAP utilization data, peer-support program records, Schwartz Rounds records if in place); the organization's relationship with applicable regulators in the post-incident period (CMS, Joint Commission, OCR, state health department); and the structural conditions — workflow architecture, leadership communication cadence, cross-functional coordination, and governance protocols — that are either supporting or blocking the return to integrated organizational function.

Weeks 5-6: Integration and Delivery

The principal integrates the interview synthesis, survey data, and structural review into the four deliverables documented below. The leadership-team debrief is conducted as a 90-minute working session — not a slide presentation — and walks the leadership team through the nervous-system map, the recovery-readiness assessment, the intervention prioritization, and the implications for governance and structural response going forward. Where the diagnostic findings support a bespoke recovery engagement, the debrief includes a scoping conversation for that work.

What You Receive

  • Post-Incident Organizational Nervous-System Map — an integrated assessment showing the current autonomic state of affected teams and leadership cohorts, where the incident has left persistent threat-state signatures, and what the post-incident physiological baseline is across the organizational layers in scope. Heat-mapped at the resolution the engagement scope permits without compromising individual confidentiality.
  • Recovery-Readiness Assessment — a structured evaluation of the structural, relational, governance, and meaning-and-purpose conditions that currently support recovery versus block it. Includes second-victim cohort identification, support-structure adequacy assessment, leadership-team trust-voltage assessment, psychological-safety readiness for post-incident learning, and moral injury indicators by cohort. Findings are sequenced across all four quadrants — body, heart, mind, and meaning-and-purpose — so that the leadership team can see where the recovery need concentrates and what the structural levers are.
  • Recovery Intervention Prioritization — a prioritized roadmap of structural, relational, governance, and leadership-behavior interventions sequenced by quadrant, feasibility, time-to-effect, and the leadership team's actual span of control. Each recommendation names the dimension it addresses, the evidence base, the realistic time-to-effect, and the leadership owner.
  • Engagement Scoping for Recovery Work — where the diagnostic findings support a bespoke C3 Post-Incident Organizational Recovery engagement, the principal prepares a scoping document and presents it in the debrief. The diagnostic is not a sales gate; the scoping is included because the recovery roadmap is not complete without it. The leadership team makes the engagement decision independently.
  • Leadership-Team Debrief and Working Session — a 90-minute working session walking the leadership team through the map, the assessment, and the prioritization. Delivered live (in-person or video). Structured to allow the leadership team to interrogate the findings, surface organizational context the diagnostic could not see, and align on next steps.

Why This Differs from Other Post-Incident Responses

The organizational-recovery readiness diagnostic occupies a gap that the three standard post-incident response tracks — clinical, technical, and legal — do not fill. The differences are structural, not stylistic.

Not a Clinical Critical-Incident Debriefing

A critical-incident stress debriefing (CISD) or psychological first aid (PFA) intervention is an individual or small-group clinical tool for acute trauma processing, delivered in the days immediately following an incident. It is calibrated to the acute phase and to the individual level. The organizational-recovery readiness diagnostic is an organizational-consulting instrument delivered in the weeks-to-months post-acute phase. It maps the current state of teams, cohorts, and governance structures — not the acute processing of individuals. The two tools address different phases and different levels of the organization.

Not a Technical Post-Incident Review

A technical post-incident review — root-cause analysis, forensic cyber investigation, failure-mode analysis — examines what failed in systems and processes. It produces findings about technical failures and recommendations for system remediation. It does not measure the autonomic state of the teams that lived through the incident. It does not identify who is in the second-victim cohort. It does not assess whether the leadership team has the relational coherence to govern the recovery. These are not design failures of the technical review; they are outside its scope.

Not a Legal After-Action Review

A legal post-incident review examines liability exposure, regulatory compliance, privilege protections, and breach notification obligations. It is a risk-management instrument designed to protect the organization in the legal and regulatory environment that follows the incident. It does not produce findings about the current organizational nervous-system state. The organizational-recovery readiness diagnostic produces findings about the human layer; it does not produce findings that create liability or that could be used in regulatory or legal proceedings against the organization or its staff.

Not an Employee Assistance Program

The EAP is an individual-level benefit providing clinical referral pathways for staff in distress. It is a critical component of the post-incident support infrastructure, and the diagnostic assesses whether it is functioning and being utilized effectively. The diagnostic itself is an organizational-level instrument. It maps the structural and governance conditions that determine whether the EAP and other individual-support mechanisms can actually reach the second-victim cohort — and it identifies where those structures are failing.

The Gap None of the Four Fills

The clinical, technical, legal, and EAP tracks each address one layer of the post-incident response. None of them produces an integrated assessment of the current organizational nervous-system state, the structural recovery conditions, and the intervention priorities across all four quadrants. This diagnostic does. That is not a stylistic claim; it is a description of what the diagnostic produces that the other tracks cannot.

Why IHS for This Diagnostic

The Integral Post-Incident Organizational-Recovery Readiness Diagnostic is principal-delivered. Its utility depends on the principal's ability to read an organizational nervous-system state with accuracy, to earn the trust of a second-victim cohort that has reason to be guarded, and to translate complex clinical and regulatory post-incident dynamics into a structural-lever map that a leadership team can act on. That combination of credentials and direct experience is not assembled by any engagement survey vendor, clinical debriefing provider, or post-incident consulting firm operating in U.S. healthcare today.

About the Principal

Thomas G. Goddard, JD, PhD, CCEP — CEO of Integral Healthcare Solutions; Founding Member of the Integral Institute of Medicine.

Forty-plus years across U.S. healthcare regulation, policy, and organizational practice: Special Assistant to a U.S. governor on Medicaid policy; Counsel for Government and Media Relations at the National Association of Insurance Commissioners; VP and General Counsel of NYLCare Health Plans of the Mid-Atlantic (500,000 members); COO and General Counsel of URAC; Senior Consultant at Booz Allen Hamilton; twenty-four years as CEO of Integral Healthcare Solutions. Faculty appointments at George Mason University School of Management and Seton Hall Law School's Healthcare Compliance Certification Program.

PhD in Industrial-Organizational Psychology (George Mason University) — the measurement and validation discipline behind every instrument used in the diagnostic. Juris Doctor (University of Arizona). Certified Core Energetics Practitioner (Institute of Core Energetics) — one of the few CCEP-credentialed consultants in U.S. healthcare. Expert witness in Wit v. United Behavioral Health and seven other federal and state cases. Twenty-five years applying an integral framework to healthcare in peer-reviewed and conference work, including the AQAL: Journal of Integral Theory and Practice, Healthcare Financial Management, the Journal of Alternative and Complementary Medicine, and Explore: The Journal of Science and Healing.

The post-incident diagnostic draws specifically on IHS's direct experience with regulatory response following healthcare incidents — URAC, CMS, Joint Commission, OCR, and state health department response frameworks — and on the principal's formal training in somatic and integral methods that no peer in the post-incident consulting space holds simultaneously.

Frequently Asked Questions

How is the diagnostic priced?

The diagnostic is scoped per engagement based on workforce cohort size, event complexity, scope of interview cohort, and structural-review depth required. Contact us for a tailored proposal. IHS does not publish a fee schedule because each engagement is principal-delivered at the scope the leadership team commissions — there is no productized rate card to publish. The reference point is the cost of a delayed or insufficient organizational recovery: leadership-team attrition, second-victim cohort departure, and the cascading regulatory exposure of post-incident decisions made from compromised collective physiology. Contact us for a tailored proposal.

When is the right time to commission this diagnostic?

The diagnostic is most useful in the period 4-16 weeks after the acute incident phase — after the technical and legal response has stabilized but before the organization has declared itself recovered. Organizations often commission it when they notice that leadership team dysfunction, staff attrition, or second-victim distress is persisting well beyond the incident timeline, or when a regulatory response has added compliance burden on top of an already-destabilized workforce. If the acute phase is still active — the breach is still being contained, the clinical investigation is still live — the diagnostic is premature.

Does participation in the interviews need to be mandatory?

No. Interview participation is voluntary. Response rates and participation patterns are themselves diagnostic data and are reported back to the leadership team as part of the assessment. A second-victim cohort that declines to participate with organizational representatives is communicating something the diagnostic is designed to surface.

Is this diagnostic subject to attorney-client privilege or work-product protection?

That determination is legal in nature and belongs to the organization's General Counsel based on the specific facts and jurisdiction. IHS does not provide legal advice. Organizations that want to structure the diagnostic engagement under privilege protection should discuss that option with General Counsel before engaging. IHS can work within a privilege structure where it has been established; the engagement letter documents the working arrangement.

What happens to the findings if the diagnostic surfaces individual staff distress?

Findings are reported at the team, cohort, and leadership-tier level — never at the individual-respondent level. If the diagnostic surfaces indicators of individual staff distress requiring clinical response, the principal will communicate to leadership that the existing clinical-support structures need to be activated, without identifying individuals. The diagnostic does not function as a clinical referral pathway; it functions as an organizational map that identifies where clinical support structures need to reach.

How does this relate to the C3 Post-Incident Organizational Recovery engagement?

The diagnostic is the entry point; the C3 Post-Incident Organizational Recovery engagement is the recovery work itself. The diagnostic produces the assessment and the intervention prioritization. If the leadership team elects to pursue the recovery engagement, IHS scopes it from the diagnostic findings. The two are related but separable: the diagnostic stands on its own deliverables and does not require a follow-on engagement to be useful. Many organizations commission the diagnostic, use the intervention prioritization with their own internal resources, and return for the recovery engagement at a later stage.

What is the evidence base for the second-victim concept?

The second-victim concept was introduced by Wu (2000) in the BMJ. Scott et al. (2009) developed the empirical framework at Johns Hopkins Hospital, identifying the stages of the second-victim experience and the conditions that support versus block recovery. Seys et al. (2013) examined the adequacy of organizational support structures across healthcare settings. The diagnostic applies the second-victim framework as an organizational-level assessment tool — identifying cohort membership, assessing support-structure adequacy, and recommending structural interventions — rather than as an individual clinical intervention.

What is the evidence base for moral injury in healthcare?

The moral injury construct was developed by Litz et al. (Clinical Psychology Review, 2009) in a military context and translated to healthcare by Talbot and Dean (The Lancet, 2018) and by Hamric and Epstein. The core definition — damage done when one acts against one's moral convictions, witnesses others doing so, or feels betrayed by trusted authority — is the working definition used in this diagnostic. Moral injury is distinct from burnout (which is a response to chronic occupational stress) and from post-traumatic stress (which follows perceived threat to physical safety); the diagnostic treats it as a separate dimension requiring separate organizational-level attention.

Related Resources

Ready to Get Started?

Schedule a no-obligation consultation with IHS. We will discuss where your organization is in its post-incident recovery and whether the Integral Post-Incident Organizational-Recovery Readiness Diagnostic is the right next step.

Schedule a Free Discovery Session