Examples
1. Insurance policy renewal — 90 days before expiration
severity: warning channel: email + sms jurisdiction: US-NYDescription
A commercial auto insurance carrier issues a renewal alert 90 days before policy expiration. The recipient is the named insured at a small motor carrier (ACME Trucking LLC). Two channels are configured: business email for the operations contact and SMS for the owner. A single escalation step fires seven days before the deadline, elevating severity to urgent and re-sending on both channels.
DASF payload
{
"dasf_version": "1.0",
"alert_event": {
"id": "evt_01HZX9N7Q4M2K8VYP3FA5GTRBC",
"severity": "warning",
"issued_at": "2026-04-29T15:00:00Z",
"deadline_at": "2026-07-28T05:00:00Z",
"idempotency_key": "renewal:POL-99381-A:2026-07-28",
"locale": "en-US",
"tags": ["insurance:auto", "renewal"],
"subject": {
"type": "InsurancePolicy",
"identifier": "POL-99381-A",
"jurisdiction": "US-NY",
"obligation": "renewal",
"human_label": "Commercial Auto Policy — ACME Trucking LLC",
"references": [
{ "uri": "https://carrier.example/policies/POL-99381-A", "rel": "source" }
]
},
"channels": [
{ "type": "email", "address": "ops@acmetrucking.example", "locale": "en-US" },
{ "type": "sms", "address": "+13158710833",
"quiet_hours": "22:00-07:00 America/New_York" }
],
"escalation": [
{ "after": "P83D", "action": "elevate_severity", "severity": "urgent",
"condition": "not_acknowledged" }
],
"retry_policy": {
"max_attempts": 3,
"backoff": "exponential_jitter",
"initial_delay": "PT1M",
"max_delay": "PT30M"
}
}
}Design choices
- Severity = warning. 90 days is well above any contractual or regulatory cliff. Reserving
urgentfor <30 days andcriticalfor <7 days preserves recipient attention. - Idempotency key.
renewal:POL-99381-A:2026-07-28is deterministic given the policy identifier and deadline; if the producer re-emits across restarts, the consumer deduplicates safely. - Quiet hours on SMS only. Email has no quiet-hours field because email delivery does not interrupt the recipient.
- Single escalation step. A 90-day-out warning that escalates once at T-7 is the minimal useful cascade. More aggressive cascades (T-30, T-14, T-7) are common and shown in example 3.
2. SR-22 filing deadline — 30 days
severity: urgent channel: email + voice jurisdiction: US-CADescription
A California court order requires the insurer to file an SR-22 certificate of financial responsibility on behalf of a high-risk driver within 30 days of policy bind. Failure to file results in driver license suspension. The producer is the insurer's compliance system; the recipient is the assigned underwriter. The alert is urgent at issuance because the consequences of the deadline are material and the window is short.
DASF payload
{
"dasf_version": "1.0",
"alert_event": {
"id": "evt_01HZXA0G92RH6JKW0YT5Z3MVQK",
"severity": "urgent",
"issued_at": "2026-04-29T17:30:00Z",
"deadline_at": "2026-05-29T07:00:00Z",
"idempotency_key": "sr22:filing:CA:DL-X1438829:2026-05-29",
"locale": "en-US",
"tags": ["sr22", "insurance:auto", "court-ordered"],
"subject": {
"type": "SR22Filing",
"identifier": "DL-X1438829",
"jurisdiction": "US-CA",
"obligation": "filing",
"human_label": "SR-22 filing required — CA driver DL-X1438829",
"references": [
{ "uri": "https://www.dmv.ca.gov/portal/driver-education-and-safety/special-interest-driver-guides/financial-responsibility-sr-22-sr-1p/",
"rel": "regulation" }
]
},
"channels": [
{ "type": "email", "address": "underwriting@carrier.example" },
{ "type": "voice", "address": "+14155550182",
"options": { "script_uri": "https://carrier.example/scripts/sr22-reminder.txt" } }
],
"escalation": [
{ "after": "P15D", "action": "resend", "severity": "urgent",
"condition": "not_acknowledged" },
{ "after": "P23D", "action": "elevate_severity", "severity": "critical",
"condition": "not_acknowledged" },
{ "after": "P25D", "action": "escalate", "to": "compliance-lead@carrier.example",
"channel_type": "email" }
]
}
}Design choices
- Issued at urgent. The 30-day window is too short to start at
warning; the cliff is regulatory. - Voice channel. SR-22 cancellations and missed filings carry license-suspension consequences; a voice channel ensures the recipient cannot silently miss it. The
script_urioption points to a hosted text-to-speech script. - Three-step cascade. Re-send at T-15, elevate to
criticalat T-7, escalate to compliance lead at T-5. The escalation reroutes to a human supervisor rather than only re-pinging the original recipient. - No quiet hours. The escalation explicitly bypasses quiet hours via the
criticalelevation; per spec §7.3, critical alerts override quiet windows.
3. UCR registration renewal — 60/30/14/7/1 day cascade
severity: warning channel: email + sms + push jurisdiction: USDescription
The FMCSA Unified Carrier Registration program requires interstate motor carriers to register and pay annual fees by December 31 of each year. Enforcement begins shortly after the deadline; carriers caught operating without active UCR face roadside out-of-service orders. A compliance back-office issues a five-step cascade starting 60 days out.
DASF payload
{
"dasf_version": "1.0",
"alert_event": {
"id": "evt_01HZXAB1F4ESC2XVNT9B0GQR3M",
"severity": "warning",
"issued_at": "2026-11-01T13:00:00Z",
"deadline_at": "2026-12-31T05:00:00Z",
"idempotency_key": "ucr:renewal:USDOT-3849201:2026",
"locale": "en-US",
"tags": ["fmcsa:ucr", "renewal", "compliance:transportation"],
"subject": {
"type": "UCRRegistration",
"identifier": "USDOT-3849201",
"jurisdiction": "US",
"obligation": "renewal",
"human_label": "UCR 2027 registration — USDOT 3849201",
"references": [
{ "uri": "https://www.ucr.gov/", "rel": "source" },
{ "uri": "https://www.fmcsa.dot.gov/registration/unified-carrier-registration", "rel": "regulation" }
]
},
"channels": [
{ "type": "email", "address": "compliance@carrier.example" },
{ "type": "sms", "address": "+13158710833",
"quiet_hours": "22:00-07:00 America/New_York" },
{ "type": "push", "address": "fcm:ePf9k...truncated...A8x2",
"options": { "platform": "android" } }
],
"escalation": [
{ "after": "P30D", "action": "resend", "severity": "warning",
"condition": "not_acknowledged" },
{ "after": "P46D", "action": "elevate_severity", "severity": "urgent",
"condition": "not_acknowledged" },
{ "after": "P53D", "action": "resend", "severity": "urgent",
"condition": "not_acknowledged" },
{ "after": "P59D", "action": "elevate_severity", "severity": "critical",
"condition": "not_acknowledged" },
{ "after": "P61D", "action": "escalate", "to": "owner@carrier.example",
"channel_type": "voice", "condition": "not_completed" }
],
"retry_policy": {
"max_attempts": 5,
"backoff": "exponential_jitter",
"initial_delay": "PT30S",
"max_delay": "PT1H"
}
}
}Design choices
- Five-step cascade mapped from issued_at. Issued 60 days out (Nov 1) for a Dec 31 deadline. Steps fire at T-30 (Dec 1), T-14 (Dec 17), T-7 (Dec 24), T-1 (Dec 30), and T+1 (Jan 1) escalating to a voice call to the owner.
- Three channels. Email and SMS for the compliance contact; push for in-app reminders. The owner-escalation uses voice because owner inboxes are noisy and a call interrupt is justified by the consequence.
- Last step uses
not_completedcondition. Earlier steps fire onnot_acknowledged; the final escalation only fires if the renewal itself was not completed (signaled via an inbound AcknowledgementReceipt withx_ack_status = "completed"). - Tag namespacing.
fmcsa:ucrandcompliance:transportationlet downstream analytics and AI agents bucket alerts without parsing the subject type.
4. HIPAA breach notification — 60 days post-discovery
severity: critical channel: webhook (signed) jurisdiction: USDescription
Under the HIPAA Breach Notification Rule (45 CFR §§164.400–414), a covered entity that discovers an unsecured PHI breach must notify affected individuals without unreasonable delay and no later than 60 calendar days from discovery. A privacy operations system issues a critical alert at discovery; the deadline is 60 days out; escalation steps drive the legal team to confirm notification draft, mailing, and substitute notice (where applicable).
DASF payload
{
"dasf_version": "1.0",
"alert_event": {
"id": "evt_01HZXAQM8VR2P5KJTW8N5DBHQF",
"severity": "critical",
"issued_at": "2026-04-29T18:45:00Z",
"deadline_at": "2026-06-28T18:45:00Z",
"idempotency_key": "hipaa:breach:INC-2026-0042:notify",
"locale": "en-US",
"tags": ["hipaa:breach", "phi", "regulatory"],
"subject": {
"type": "HIPAABreachReport",
"identifier": "INC-2026-0042",
"jurisdiction": "US",
"obligation": "notification",
"human_label": "Breach incident INC-2026-0042 — individual notifications due",
"references": [
{ "uri": "https://www.hhs.gov/hipaa/for-professionals/breach-notification/index.html",
"rel": "regulation" },
{ "uri": "https://internal.example/incidents/INC-2026-0042",
"rel": "source" }
]
},
"channels": [
{ "type": "webhook",
"address": "https://privacy-ops.example/hooks/dasf",
"signed": true,
"options": { "alg": "HMAC-SHA256" } },
{ "type": "email", "address": "privacy-officer@covered-entity.example" }
],
"escalation": [
{ "after": "P14D", "action": "resend", "severity": "critical",
"condition": "not_acknowledged" },
{ "after": "P30D", "action": "escalate", "to": "general-counsel@covered-entity.example",
"channel_type": "email" },
{ "after": "P50D", "action": "escalate", "to": "ceo@covered-entity.example",
"channel_type": "email" }
],
"retry_policy": {
"max_attempts": 10,
"backoff": "exponential_jitter",
"initial_delay": "PT15S",
"max_delay": "PT15M"
}
}
}Design choices
- Critical at issuance. The HIPAA 60-day clock starts at discovery; the alert is critical from the first second because the regulatory deadline is fixed and externally enforced.
- Webhook channel with HMAC. Privacy operations systems consume DASF over signed webhooks to write to immutable audit logs. The
signed = trueflag mandates HMAC-SHA256 inX-DASF-Signatureper spec §8.1. - No SMS, no push. Critical regulatory alerts in healthcare contexts MUST avoid channels that incidentally create new PHI exposure. Webhook to an authorized internal system and email to a single named officer minimize disclosure surface.
- Aggressive retry policy. 10 attempts with 15-second initial delay and 15-minute cap reflects the regulatory cost of any silent delivery failure.
- Three-tier escalation. T-46 to General Counsel, T-10 to CEO. The escalation hierarchy mirrors the organization's incident response plan.
DASF carries the alert and routes it; it does not constitute the breach notification itself. The notification to affected individuals is a separate document, generated and delivered through the covered entity's normal channels.
5. Workers compensation audit — 45/30/15 day cascade
severity: warning channel: email + sms jurisdiction: US-FLDescription
A workers compensation insurer schedules an annual premium audit 45 days before the audit window closes. The policyholder must submit payroll records, classification verifications, and subcontractor certificates of insurance. Failure to comply triggers an estimated audit at the carrier's discretion, typically resulting in a higher premium adjustment. The cascade fires at T-45 (issuance), T-15, and T-3.
DASF payload
{
"dasf_version": "1.0",
"alert_event": {
"id": "evt_01HZXAW1NK2QEY6XJTW0V4HDXC",
"severity": "warning",
"issued_at": "2026-04-29T14:00:00Z",
"deadline_at": "2026-06-13T05:00:00Z",
"idempotency_key": "workerscomp:audit:WC-FL-2241187:2026",
"locale": "en-US",
"tags": ["workerscomp", "audit", "insurance"],
"subject": {
"type": "WorkersCompPolicy",
"identifier": "WC-FL-2241187",
"jurisdiction": "US-FL",
"obligation": "upload",
"human_label": "Workers Comp 2025 audit — payroll & class verification",
"references": [
{ "uri": "https://carrier.example/audits/WC-FL-2241187", "rel": "source" }
]
},
"channels": [
{ "type": "email", "address": "hr@policyholder.example", "locale": "en-US" },
{ "type": "sms", "address": "+19045550173",
"quiet_hours": "21:00-08:00 America/New_York" }
],
"escalation": [
{ "after": "P30D", "action": "elevate_severity", "severity": "urgent",
"condition": "not_acknowledged" },
{ "after": "P42D", "action": "elevate_severity", "severity": "critical",
"condition": "not_completed" }
],
"retry_policy": {
"max_attempts": 3,
"backoff": "linear",
"initial_delay": "PT2M"
}
}
}Design choices
- Three-tier severity ladder. Warning at T-45, urgent at T-15, critical at T-3. The progression matches the carrier's typical "estimated audit" trigger window.
- Obligation = upload. The recipient action is to upload documentation, not to make a payment or sign anything. DASF's recommended
obligationvalues let downstream UIs render an appropriate call-to-action. - Linear backoff on retries. Most carriers' upload portals are stable; exponential backoff would unnecessarily delay second attempts. Linear with a 2-minute base is appropriate for transient failures.
6. CDL renewal with grace period
severity: warning channel: email + sms + push jurisdiction: US-NJDescription
A New Jersey commercial driver license expires on a fixed birthday-anchored date. NJ MVC permits renewal up to one year in advance and offers a 60-day grace period after expiration during which the license may be renewed without retest, but the holder MAY NOT operate a commercial vehicle during the grace window. A driver-services app issues a 90-day warning and includes post-deadline grace-period reminders.
DASF payload
{
"dasf_version": "1.0",
"alert_event": {
"id": "evt_01HZXB35GTCZHDV82YJWN0AXFE",
"severity": "warning",
"issued_at": "2026-04-29T16:00:00Z",
"deadline_at": "2026-07-28T05:00:00Z",
"idempotency_key": "cdl:renewal:NJ-D2940-22481:2026-07-28",
"locale": "en-US",
"tags": ["cdl", "license:renewal", "transportation"],
"subject": {
"type": "DriverLicense",
"identifier": "NJ-D2940-22481",
"jurisdiction": "US-NJ",
"obligation": "renewal",
"human_label": "Class A CDL renewal — expires 2026-07-28",
"references": [
{ "uri": "https://www.state.nj.us/mvc/license/renewcdl.htm", "rel": "regulation" }
]
},
"channels": [
{ "type": "email", "address": "driver@example.com" },
{ "type": "sms", "address": "+19735550199",
"quiet_hours": "22:00-07:00 America/New_York" },
{ "type": "push", "address": "apns:9af1...truncated...c83b",
"options": { "platform": "ios" } }
],
"escalation": [
{ "after": "P60D", "action": "elevate_severity", "severity": "urgent",
"condition": "not_acknowledged" },
{ "after": "P83D", "action": "elevate_severity", "severity": "critical",
"condition": "not_completed" },
{ "after": "P90D", "action": "resend", "severity": "critical",
"condition": "not_completed" },
{ "after": "P120D", "action": "resend", "severity": "critical",
"condition": "not_completed" },
{ "after": "P150D", "action": "cancel", "condition": "not_completed" }
],
"x_grace_period": "P60D",
"x_grace_note": "NJ MVC: license may be renewed without retest within 60 days post-expiration; commercial operation prohibited during grace."
}
}Design choices
- Escalation continues past
deadline_at. Steps at P+0, P+30, and P+60 days (relative to issuance, mapping to T+0, T+30, T+60 from deadline) cover the NJ MVC grace period. The final stepcancels the alert chain after the grace period closes. - Extension fields for grace.
x_grace_periodandx_grace_notecarry jurisdiction-specific information that DASF v1.0 does not normalize. A future revision may promote grace handling to a normative field. - Three-channel composition. Email (asynchronous, durable), SMS (interruptive, time-bounded by quiet hours), push (in-app, no quiet hours, low cost). The producer relies on the consumer's UI to dedupe across channels for the same recipient.
- Critical past expiration. Once
deadline_athas passed, severity is critical because the holder cannot legally drive commercially. The grace period addresses paperwork, not operation.
All payloads above validate against the published DASF v1.0 JSON Schema. Producers and consumers may copy these as starting templates. Identifiers, addresses, and policy numbers in these examples are illustrative and do not refer to real persons, vehicles, or organizations.