✓ Recently Completed
Delivered in February–March 2026 as part of the production readiness initiative.
Production Database Optimization
20+ indexes added across all major tables, eliminating full table scans on frequently queried columns. Connection pool tuned for 20 concurrent connections with idle timeout and connect timeout configuration.
Operational Resilience
Graceful shutdown handlers (SIGTERM/SIGINT) mark in-progress jobs as interrupted instead of losing them. Startup recovery auto-detects and fixes orphaned records on every boot. 776 orphaned records cleaned during initial audit.
Modular Architecture
5,604-line route monolith split into 10 focused modules (28-line orchestrator). 168 API routes organized by domain. Paginated APIs prevent unbounded data loading.
Security Hardening
7 vulnerabilities remediated: unprotected internal routes, ACIP fail-closed policy, rate limiting (login 10/15min, registration 5/hr), Helmet headers, password complexity, safe error handling, sensitive data log exclusion.
Frontend Performance
React Query global caching (30s staleTime, 5min gcTime) with per-query overrides: real-time (5s), static data (60s), analytics (120s). Reduces redundant API calls by 80%+.
Hybrid Specialist Architecture
Domain-expert sub-agents (Legal, Compensation, L&D live; Recruiting, Benefits on roadmap) with keyword-based classification, parallel data enrichment (BLS salary data, legal knowledge base, L&D program design), and seamless injection into Lisa's responses.
PII Redaction Layer
Automated pre-processing pipeline that detects and redacts 11 PII types (SSNs, phone numbers, emails, credit cards, bank accounts, DOB, passports, driver’s licenses, medical records, addresses, IPs) across all LLM providers. Three sensitivity levels (minimal/standard/strict), admin-configurable via Settings > Privacy & PII tab. Audit logging captures detection metadata without storing actual PII values. Integrated at the chatCompletion choke point with 60s settings cache for performance.
Legal Specialist Knowledge Base
Jurisdiction-aware legal guidance via cached employment law knowledge base covering 7 topic areas (termination, discrimination, leave, wage & hour, harassment, employee relations, workplace safety) with US federal baseline and supplements for 20 key states (~78% of US workforce; full 50-state + international expansion on roadmap). Automatic specialist consultation triggered by keyword detection. Live web search for time-sensitive queries (new laws, regulatory updates). Integrated into both web chat and Slack with 30-day staleness detection and admin-triggered refresh.
Slack Integration — Full Parity
Dual-mode Slack bot (DM + @mention in channels) with complete feature parity to web chat: specialist consultations, grounding constraints, risk detection, model routing, conversation memory, PII scanning, rate limiting (20/min per user), and input sanitization. Bot-to-bot messaging supported with self-loop prevention.
Lisa Learning & Memory System
Three-tier memory enhancement: expanded context window (3,000 tokens, 7 summaries), situation continuity scoring for ongoing employee cases, recall query detection for explicit memory searches, and cross-conversation document reference catalog with auto-classification.
Manager-Specific Coaching Models
Per-user learning profiles that track communication style, topic frequency, and commonly discussed employees. Lisa adapts her tone and approach based on accumulated interaction history. Context injected into the system prompt as a Manager Context block.
Proactive Reminders & Follow-ups
Action items are automatically extracted from conversation summaries with inferred due dates. Lisa proactively follows up on pending and overdue items. Managers can view, complete, or dismiss action items via a sidebar panel in Lisa Chat. Persistent document references enable Lisa to recall uploaded documents across conversations.
Deployment Models
Lisa supports two deployment paths, each designed for different customer needs. The roadmap below is organized around these models.
Standard Deployment Available Now
Lisa as a standalone HR coaching tool. Managers access via web chat or Slack. Uses general US employment law (federal baseline + 20 state supplements, ~78% of US workforce; 50-state + international on roadmap), specialist consultations (Legal, Compensation, Recruiting, L&D, Benefits), and best-practice HR guidance. No company system integrations required. Ideal for teams that want immediate access to expert HR coaching without an IT rollout.
Enterprise Deployment Roadmap
Lisa embedded within a company’s operations. Integrated with HRIS systems, SSO authentication, company policies, org structure, and cultural norms. Lisa’s persona and knowledge are customized per organization. Handles employee data with stricter security controls (SOC 2, data residency, encryption at rest, org-chart-based access isolation). Designed for companies that want Lisa as an extension of their HR team.
Near-Term Enhancements — Both Models
Features that improve Lisa for all users, regardless of deployment model.
User Jurisdiction Preferences Medium Priority
Add a jurisdiction/location field to user profiles so Lisa automatically applies location-specific legal guidance without managers needing to mention their state in every message. Eliminates the current dependency on keyword detection for jurisdiction awareness.
Full 50-State Legal Coverage Medium Priority
Expand the legal knowledge base from 20 key states to all 50. Infrastructure already supports it — the schema, refresh mechanism, and retrieval logic are jurisdiction-agnostic. Requires running population for the remaining 30 states via the existing Gemini-powered web search pipeline.
Dynamic Conversation Starters Medium Priority
Leverage the existing automatic topic detection system (11 HR categories) to analyze recent conversation trends and surface the most relevant topics as suggested prompts. As usage patterns shift — for example, a spike in compensation or retention questions — the suggestions adapt automatically.
Voice Interface Medium Priority
Enable voice-based conversations so managers can talk to Lisa instead of typing. Speech-to-text captures the manager’s question, Lisa processes it through the same coaching pipeline, and text-to-speech delivers her response aloud. Ideal for managers on the go, in the field, or who prefer a more natural conversational style.
Multi-Language Support Medium Priority
Extend Lisa’s system prompt and specialist architecture for global deployment. Initial targets: Spanish, Mandarin, Hebrew, Japanese, Korean. Enables both Standard and Enterprise customers to deploy Lisa across multilingual teams.
Enterprise Integration — Enterprise Model
Features required for embedding Lisa within a company’s operations, policies, and systems. These transform Lisa from a standalone tool into an integrated extension of the HR team.
Company Knowledge Base (RAG) High Priority
Connect Lisa to company-specific policy documents, employee handbooks, benefits guides, and compensation philosophy via retrieval-augmented generation. Client admins upload and manage documents; Lisa indexes them and grounds her answers in actual company policy. When a manager asks about parental leave or PTO, Lisa answers with their company’s specific policy — not generic guidance.
Enterprise Security & Compliance High Priority
SOC 2 readiness, data residency controls, encryption at rest for employee data, org-chart-based data isolation (managers only see their reports), enhanced audit trails with tamper-proof logging, and GDPR/CCPA data subject request handling. Critical for companies entrusting Lisa with sensitive employee information.
SSO/SAML Integration High Priority
Enterprise authentication via SAML 2.0 and OpenID Connect for seamless organizational deployment. Eliminates separate user management, enables automatic provisioning and deprovisioning, and integrates with existing identity providers (Okta, Azure AD, Google Workspace).
Multi-Tenant Architecture High Priority
Isolated data partitioning with separate policy configurations, prompt variants, specialist settings, and knowledge bases per organization. Each company’s data is completely segregated. Enables SaaS deployment model where multiple enterprise customers run on the same infrastructure with zero data leakage.
HRIS & ATS Integrations High Priority
Bidirectional connectors for major HR systems: Workday, BambooHR, ServiceNow, Rippling, Greenhouse, and others. Includes org chart ingestion for reporting-line verification (Lisa only shares info about a manager’s direct and indirect reports), real-time employee data sync, and headcount/compensation data feeds for the Compensation specialist.
Premium Compensation Data Connectors Enterprise
MCP-based connectors for institutional compensation benchmarking providers: Radford, Mercer, Payscale, FactSet, and Salary.com. Enriches Lisa’s existing 4-source compensation intelligence (BLS government data, AI-powered web search, company internal bands, Lisa Network crowdsourced pool) with verified market benchmark data used by enterprise HR teams. Enables pay equity audits against peer companies, salary band recalibration with institutional-grade percentile data, and executive compensation analysis. Competitive parity with Anthropic’s Claude Cowork HR plugin, which requires similar external data subscriptions for premium benchmarking. Connectors follow the same integration pattern as HRIS connectors — API client, data normalization, caching, and org-scoped access controls.
Company Culture & Prompt Customization Medium Priority
Per-company Lisa persona tuning: tone of voice, company values and terminology, escalation policies, benefits specifics, internal process names, and cultural norms. An admin onboarding flow captures the company’s preferences and generates a custom prompt layer that sits on top of Lisa’s base HRBP persona. Ensures Lisa sounds like part of their team, not a generic chatbot.
Real-Time Escalation Notifications Medium Priority
Push notifications to the client’s HR team when hard-stop escalation triggers fire (harassment, discrimination, safety threats, legal risk). Routes alerts to the company’s designated escalation contacts via Slack, email, or webhook. Includes configurable escalation policies per organization.
Automated Routing & Approvals Medium Priority
Enable Lisa to automatically route documents and requests to the correct approvers within the client’s organization — job requisitions, promotion business cases, PIP signoffs, termination approvals. Integrates with the company’s existing approval workflows to reduce the manager’s burden of navigating internal processes.
Calendar & Communication Integration Future
Allow Lisa to access calendars to help schedule meetings (1:1s, PIPs, exit interviews) and draft communications on behalf of the manager. Integrates with Google Calendar, Outlook, and internal messaging tools to streamline the execution of plans built during coaching sessions.
AI & Evaluation Improvements
Advancing Lisa’s intelligence, evaluation capabilities, and strategic value.
Continuous Learning Loop Medium Priority
Feed human review overrides and score corrections back into prompt refinement. Creates a flywheel where every human review improves Lisa’s future responses.
Proactive Talent Notifications Medium Priority
Analyze conversation patterns across an organization to flag potential issues before they escalate — high-performers who may be an attrition risk, teams with workload imbalances, clusters of similar complaints signaling systemic problems. Surfaces early warnings to HR leadership so they can intervene proactively rather than reactively.
International Legal Expansion Future
Populate the legal knowledge base for global jurisdictions: UK, EU, India, Israel, Japan, Korea, and others. The schema already supports international data via country_code and jurisdiction_level fields. Pairs with Multi-Language Support for full global deployment readiness.
Fine-Tuned Evaluation Models Future
Train specialized evaluators on human-reviewed ground truth data to reduce inter-rater variability and improve scoring consistency across the 7-category rubric (v3).
Predictive Workforce Planning Future
Analyze company-wide conversation trends and HR data to provide proactive recommendations for future hiring needs, succession planning, and talent pipeline development. The ultimate strategic feature — helping companies plan their talent strategy months or years in advance.
Meta-Lisa: Organizational Learning Layer Enterprise
Ensemble learning across individual manager profiles. Aggregates per-manager learning signals (topic frequency, advice effectiveness, outcome patterns) into organizational intelligence. Detects systemic HR trends, distills best-practice responses, and surfaces cross-manager insights to HR leadership — all while preserving individual conversation privacy through anonymized signal aggregation.
Key Capabilities:
- Pattern Aggregation — Systemic trend detection across all manager interactions
- Response Quality Distillation — Org-wide advice optimization based on what actually helps
- Organizational Echo/Fizzle — System-wide feedback loop identifying which guidance patterns are effective vs. ignored
- Aggregate HR Reporting — CHRO-level insights derived from coaching interaction patterns
- Privacy-Preserving Design — Anonymized signals only; no individual conversation content is shared across managers
Target: Q4 2026+ (Enterprise tier). Prerequisites: Per-manager echo/fizzle system and adaptive memory.
Platform Scaling
Infrastructure for broader adoption and third-party extensibility.
RESTful API Access Future
Public API for programmatic integration into existing manager tools and workflows. Enables custom dashboards, mobile apps, and third-party integrations built on top of Lisa’s coaching engine.
Custom Training Development Future
Use aggregate query metadata to identify common manager skill gaps across an organization — recurring questions about difficult conversations, compensation, or legal compliance — and recommend or help develop targeted training modules. Turns conversational data into a curriculum, providing immense value to learning & development functions.
Development Timeline
Quarterly milestone targets for the full roadmap, organized by priority tier. These targets leverage the existing infrastructure, schema patterns, and specialist architecture already in production.
High Priority — Build First
| Feature | Scope | Target |
|---|---|---|
| Company Knowledge Base (RAG) | Document upload UI, vector embedding pipeline, chunking strategy, retrieval logic integrated into Lisa’s prompt, per-company document management. Builds on existing document upload/extraction infrastructure. | Q2 2026 |
| Enterprise Security & Compliance | Encryption at rest config, data subject request endpoints (GDPR/CCPA), org-scoped query middleware, audit log hardening. Layers on existing PII redaction, audit logging, session security, and rate limiting. | Q3 2026 |
| SSO/SAML Integration | SAML 2.0 + OpenID Connect via passport-saml and openid-client. Auto-provisioning/deprovisioning. Wire into existing auth system. | Q2 2026 |
| Multi-Tenant Architecture | Tenant isolation across the data layer — tenant_id on all tables, scoped queries, separate configs per org. Largest structural change; well-organized Drizzle schema makes migrations manageable. | Q2 2026 |
| HRIS & ATS Integrations (first 2) | API client code + data mapping for first two systems (e.g., Workday, BambooHR). Org chart ingestion, employee data sync, webhook handlers. Similar integration pattern to existing Slack and BLS connectors. | Q3 2026 |
| Premium Comp Data Connectors | MCP connectors for Radford, Mercer, Payscale, or FactSet. API client, data normalization, caching layer. Follows HRIS connector pattern. Enterprise tier only. | Q4 2026 |
| High Priority Milestone | Q2–Q3 2026 | |
Medium Priority — Build Second
| Feature | Scope | Target |
|---|---|---|
| User Jurisdiction Preferences | Profile field, settings UI, auto-apply to legal specialist queries. | Q2 2026 |
| Full 50-State Coverage | Run the existing Gemini pipeline for remaining 30 states. Infrastructure exists. | Q2 2026 |
| Dynamic Conversation Starters | Topic trend analysis, suggested prompts generation, UI component. | Q2 2026 |
| Voice Interface | Speech-to-text (Whisper API or similar), text-to-speech, audio UI components. | Q3 2026 |
| Multi-Language Support | Prompt translation, specialist prompt variants, UI localization, cross-language testing. | Q3 2026 |
| Company Culture & Prompt Customization | Admin onboarding flow, custom prompt layer system, per-company tone/values config. | Q3 2026 |
| Real-Time Escalation Notifications | Configurable alert routing per org, email/webhook delivery, escalation policy management. | Q3 2026 |
| Automated Routing & Approvals | Approval workflow engine, integration with client systems, document routing rules. | Q3 2026 |
| Continuous Learning Loop | Feedback pipeline from human reviews into prompt refinement, versioning, A/B validation. | Q3 2026 |
| Proactive Talent Notifications | Conversation pattern analysis, anomaly detection for attrition risk and team hotspots, alert dashboard. | Q3 2026 |
| Medium Priority Milestone | Q2–Q3 2026 | |
Future — Build Third
| Feature | Scope | Target |
|---|---|---|
| Calendar & Communication Integration | Google Calendar + Outlook integration, meeting scheduling, draft communications on behalf of manager. | Q4 2026 |
| International Legal Expansion | Populate legal KB for global jurisdictions using existing schema and refresh pipeline. | Q4 2026 |
| Fine-Tuned Evaluation Models | Train specialized evaluators on human-reviewed ground truth data for rubric scoring consistency. | Q4 2026 |
| Predictive Workforce Planning | Company-wide trend analysis, hiring need predictions, succession planning recommendations. | Q4 2026+ |
| RESTful API Access | Public API layer over existing endpoints, API key management, rate limiting, documentation. | Q4 2026 |
| Custom Training Development | Aggregate query analysis for skill gap identification, training module recommendations. | Q4 2026+ |
| Meta-Lisa: Organizational Learning Layer | Ensemble learning across manager profiles, anonymized signal aggregation, org-wide pattern detection, CHRO-level reporting dashboard. Builds on per-manager echo/fizzle and adaptive memory systems. | Q4 2026+ |
| Future Milestone | Q4 2026+ | |
Enterprise Pilot Slice
The minimum viable feature set required to pilot Lisa as an enterprise deployment within a company. This is the fastest path to getting a client live with an integrated, company-specific version of Lisa.
What the Enterprise Slice Includes
Six features that together transform Lisa from a standalone tool into an embedded HR partner within a company:
- Company Knowledge Base (RAG) — Client uploads their policies, handbooks, and benefits guides. Lisa grounds her answers in their actual company policy instead of generic guidance.
- SSO/SAML Integration — Managers authenticate via the company’s existing identity provider (Okta, Azure AD, Google Workspace). No separate accounts to manage.
- Multi-Tenant Architecture — Complete data isolation between pilot companies. Each client’s conversations, documents, and configurations are fully segregated.
- HRIS Integration (one system) — Connect to the client’s HR system for org chart and employee data. Lisa can verify reporting lines and access relevant employee context.
- Enterprise Security Basics — Encryption at rest for employee data, org-scoped access controls, enhanced audit trails, and data subject request handling.
- Company Culture & Prompt Customization — Lisa’s persona tuned to the company’s tone, values, terminology, and escalation policies. She sounds like part of their team.
Dual Pilot Strategy
Running a Standard deployment pilot and an Enterprise deployment pilot concurrently at two different companies. Multi-Tenant Architecture enables both to run safely on the same infrastructure with zero data leakage.
Company A — Standalone Pilot
Lisa as a standalone HR coaching tool. No integrations with the company’s internal systems.
- Managers access via web chat and/or Slack
- General US employment law guidance (federal + 20 state supplements; 50-state + international on roadmap)
- Full specialist consultations (Legal, Compensation, Recruiting, L&D, Benefits)
- Conversation memory, tool generation, risk escalation
- Existing PII redaction and security controls
- No IT integration work required from the client
Company B — Integrated Pilot
Lisa embedded within the company’s operations, policies, and systems. Customized persona and knowledge.
- SSO authentication via the company’s identity provider
- Company policies, handbooks, and benefits uploaded and indexed (RAG)
- HRIS integration for org chart and employee context
- Lisa’s tone, terminology, and escalation policies customized to company culture
- Stricter security: encryption at rest, org-scoped access, enhanced audit trails
- Employee data handling with GDPR/CCPA compliance controls
Parallel Execution
Both pilots run concurrently on the same infrastructure. The Standard pilot can go live almost immediately while the Enterprise pilot is being built out. This gives us real-world usage data and feedback from Company A while we’re integrating with Company B’s systems — and any improvements we make for one benefit the other. Multi-Tenant Architecture ensures complete data isolation between the two.