Schedule

Tuesday, July 18

-
  • Beginner

    When an organization undergoes a large-scale IT implementation, the project’s technical readiness is usually well-planned and consistently executed.  Project management activities always revolve around scope, deliverables, and concrete timelines.  However, operational readiness, or the well-defined plan to prepare individuals to use new technology, is too frequently overlooked.  These are the change management tactics that address optimal utilization and adoption of new tools, ultimately combatting barriers to sustainability.  IT Departments are often credited for implementing key projects—

  • Beginner

    According to a recent survey conducted by a leading security firm, 76% of respondents experienced phishing attacks.  The threat from phishing attacks is real and causes data breaches, financial loss, and system compromises like ransomware.  This presentation will cover real-life phishing attacks observed at UC and the various motives of the phishers.  Attendees will see first-hand the methods used by attackers to lure potential victims into clicking links or responding with information that ultimately benefits the attackers. —

  • Intermediate

    At a large, geographically widespread academic medical center, meeting researchers where they’re at is a challenge.  Helping clinicians and researchers navigate across which technologies, tools, platforms, internal technology groups, external vendor options and governance and approval boards is a full time job. Actually it’s several people’s full time jobs.

    Join us for a panel discussion of how XXX has created both formal and informal structures to support researchers interested in using technology in healthcare research. Hear from a—

-
  • Intermediate

    There is no recording for this session. The presenters have opted to provide the slides for attendees. These can be downloaded below in the Session Files section - UCTech 2019 Planning Committee

    As the use and availability of Electronic Health Record system have expanded so have opportunities to reuse the information they collect to improve clinical outcomes, reduce costs, improve health system operations and support a variety of research activities.

    Although the opportunities for secondary reuse of EHR are—

  • Securing Information, Assets and Systems
    SSMS - Room 1301/1302

    Beginner

    Do you approach change by hitting your users over the head with the same communications strategy or do you hit the nail on the head with targeted communication and outreach efforts? Let’s face it change is painful and inconvenient, especially when you’re competing with the distractions of a busy community. Beginning spring 2018 IT Security rolled out a set of initiatives to improve data, network, and system protection. We knew from experience that internal change was often—

  • Beginner

    At the request of the presenter, this session was not recorded. - UCTech 2019 Planning Committee

    Extending UC Health’s EHR to the Community Market

    • Define Electronic Health Record (EHR) provisioning to the community market and how that foundation helps evolve the patient care continuum
    • Discuss how UC Health is taking a proactive, integrated approach to advancing their provisioning strategies and capabilities
    • Provide insight to the program development necessary to sustain the business model (e.g., legal, compliance, risk,—

-

-
  • Securing Information, Assets and Systems
    Girvetz Hall - Room 2123

    Intermediate

    At the request of the presenter, this session was not recorded. - UCTech 2019 Planning Committee

    We'll share our experience with a top-right quadrant SIEM, including benefits, pitfalls, operation and support.

    • How to learn to use the SIEM
    • Best use of vendor resources
    • What we expected & what we got
    • Leveraging for a small team
    • Metrics vs Measurements/Actionable Numbers
    • Runbook-style procedures
    • Extending to the cloud
    • Useful dashboards/reports
    • What we would do differently

     

  • Intermediate

    When UCLA HumTech converted a homegrown application to a serverless app, we had to rethink how we approached data security. While UCLA has a number of solutions to protect student data, most of these solutions assume that there's a server to run on. A serverless app requires rethinking how we accessed Shibboleth, queried the student record system, and protected resources.

    This talk will present our experience securing a serverless application. It is for developers, system administrators, and—

  • Intermediate

    This workshop will demonstrate how to use free open-source tools to set up a safe environment to explore a deliberately insecure web application to train yourself or other web-application developers on web-application security.

Wednesday, July 19

-
  • Beginner

    Do you or your team enter into agreements for IT services, software, hardware or professional services? Does your Unit use Cloud solutions to solve your business problems?  If the answer is yes to any of those questions, then this panel session is for you.

    Earlier in this year, a systemwide workgroup rebuilt Appendix DS in order to make it simpler and easier to use, and to be Supplier friendly.

    In this session, our panel will discuss when—

  • Developing and Sustaining Health Technology
    Library - Room 1312

    Intermediate

    Look a technical into how Zoom is changing Healthcare by providing patients a user friendly tool that is secure but also open to innovative development. In this session we will speak to the ways that your department can incorporate Zoom into the patient experience as well as the lessons learned from UCSF's implementation of it. This session will also highlight our plans for Zoom in Healthcare and where we see this platform taking us. 

-
  • Beginner

    In the Fall of 2018, the XXXXX released a custom Referrals Automation application that integrated with seven plus different systems across the enterprise and beyond including NIH, commercial vendors and other 3rd party systems.

    While the application was a success, XXX wanted to scale their platform quickly and proactively. With dependencies on external APIs, XXXX needed to be able to monitor and detect changes automatically to ensure stability.

    A DevOps culture seemed necessary.  Since, the XXXXXXXX has had—

-

-
  • Developing and Sustaining Health Technology
    Library - Room 1312

    Intermediate

    The Data Provisioning Core (DPC) exists to support the majority of health data analysis needs though the provisioning of well-characterized raw health-related data and derived conceptual information to data requestors. Fundamental to the mission of the DPC is 1) the development of best practices in clinical informatics to guide the acquisition, transmission, aggregation, sematic curation, characterization, protection, and delivery of health data, and 2) a paradigm shift in the relationship between core users of data and members—

  • Beginner

    In this digital age, more and more of medicine is turning to clinical imaging: photo capture, digital retinography, arthroscopy videos, point-of-care ultrasound and more.  While radiology has been perfecting imaging workflows for decades, standardized workflows do not exist for imaging in many other specialties. By leveraging the strength of the UC Health system, we had hoped to create a multidisciplinary team to tackle these workflows. This session is a walk through the lessons learned from our collaboration—

  • Securing Information, Assets and Systems
    UCEN - Flying A Studios

    Beginner

    Concealing database credentials and rotating passwords is usually an exhaustive activity - for system administrators, database administrators, application developers, and security auditors.  Discover how your organization can save time by using AWS Secrets Manager.

    See how the AJS developers at UCOP created an AWS CloudFormation template to add a secret to the AWS Secrets Manager to both encrypt the credentials as well as rotating the password as often as required.  Watch and learn how we modified our Java—

  • Beginner

    Do you or your team members feel like IS-3 is too complex? Don’t know where to start? Does it seem hard to figure out the first step? Do you hesitate to develop a plan? Do you wish other options were allowed? These questions can limit compliance and hinder implementation – ultimately leading to increased cyber risk.

    In this session, we will discuss these questions and pain points in the implementation process and help learn how to overcome—

-
  • Beginner

    This session will review how our health organization helps to engage our high profile patients by providing a mobile application to give these members a quick way to communicate with our Care Connect team.  This application allows these patients to:

    + Activate a call to a dedicated line

    + Mobile chat a team member during a specified time window

    + Request an appointment

    + Connect to the MyChart patient portal

    + Receive exclusive insights, announcements, and private—

  • Beginner

    Like many universities, in 2017 UC <redacted>'s Internet border was largely open. The end-of-life intrusion prevention system (IPS), our only protection beyond a few router access control lists, was removed when it failed. There was very little to distinguish our campus network from the Internet. We had limited ability to implement east-west controls between campus departments, mostly through router ACLs and distributed firewalls.

    This presentation will trace the path that we took from this beginning to functional—

  • Intermediate

    Title

    Securing International Student & Scholar Success

     

    Summary

    The team at UC-Irvine has created different applications for UCI International Center. These applications have not only created a user-friendly experience for international students and eased their transitions into UCI but also made the International center processes related to SEVIS compliance paperless, efficient and cost effective. In addition, UCI has gone a step beyond and successfully implemented multiple measures such as 2-factor authentication and transparent encryption to better—

  • Intermediate

    Healthcare data exchange and Interoperability are hot button topics when it comes to patient information, the cost of healthcare and barriers encountered by patients who receive care at multiple institutions.  This session will give an overview of the current methodologies for health data exchange and what has been successful to date as well as places where they have failed.  After the current state overview, the session will transition into future state exchange and discuss the FHIR (Fast—

-
  • Intermediate

    DevOps for accuracy, repeatability, and productivity at UC Davis Schools of Health.   

     

    DevOps means different things to different groups, at UC Davis we have utilized Docker, Jenkins, ELK, and Ansible for automated deploys and will be rolling out continuous integration and continuous deploy (CI/CD).  We have learned so far that the “how” of DevOps is far more important than the “what”. 

     

    UC Davis Schools of Health develops and supports software in-house that results in over 120 different—