4:00 - 4:05 p.m. - Announcements (5 minutes)

Congratulations to Varunram Ganesh on the successful completion of a Master of Management Studies; Varunram will be working in finance at a hedge fund.

4:05 - 4:20 p.m. - TechExpo 2021 Update, Quincy Garbutt, Lisa Smith, Sharon Kaiser (10 minute presentation, 5 minute discussion)

What it is: TechExpo is an annual, day-long conference to recognize the contributions of Duke University and Duke Health IT service professionals. Established in 2007, TechExpo is sponsored and jointly coordinated by the Duke University Office of Information Technology (OIT) and Duke Health Technology Solutions (DHTS).

Why it's relevant: TechExpo is a one-day conference of Duke IT people, by Duke IT people and for Duke IT people.  It's the best opportunity to learn about the amazing contributions in IT at Duke, to enhance your IT skills, and connect with friends and colleagues across the university and health system.

Quincy Garbutt introduces his co-chair Lisa Smith and future chair, Sharon Kaiser.

TechExpo 2021 entitled "The Show Must Go On" was held virtually on March 19, 2021, from 9 a.m. to 2 p.m.  TechExpo 2021 consisted of pre-recorded sessions as well as live Zoom sessions. A marquee and TechZoom backgrounds were developed and approved for the event. Cvent was used for registration. TechExpo 2021 included a scavenger hunt game, matching games, DiversifyIT, and a social hour.

Statistics for TechExpo 2021 are:

There were 570 registrants, 538 attendees; usually, about 600 staff attend.

137 played and won prizes.

There were 16 Sessions and 16 Vendors.


There was much positive feedback for TechExpo 2021. 70% made good contacts for work. 90% liked the virtual venue. Comments included: 

The virtual venue was easy logistically.

Attendees liked being emailed the schedule.

Attendees like how the site was laid out.

Attendees like being able to go back and see the session they missed or sessions that took place during another session.

Quincy thanks Dan Bruno and Jen Vizas.

Q. Tracy Futhey – Thank you, Quincy, and the whole team. What were the actual things that we did differently in the pandemic that we want to continue with?

A. Quincy – We may look at a hybrid going forward with TechExpo because of some of the strengths. For example, having prerecorded sessions or maybe streaming sessions across campus and then, having these sessions available is something we would like to continue. The biggest draw for TechExpo is the in-person collaboration but sometimes this is not possible due to health considerations or due to jobs like the Service Desk where it is difficult to step away for an extended period of time.

4:20 - 4:45 p.m. - New Online Master's Degree Programs at Duke: Financial Technology (FinTech) and Cybersecurity, Jimmie Lenz (15 minute presentation, 10 minute discussion)

What it is: In fall 2020, Duke launched a new Master of Engineering in Financial Technology (FinTech) program. The FinTech curriculum consists of courses in programming and software engineering, financial institution products and services, business fundamentals, and risk and asset management. Starting in fall 2021, Duke launches a new Master of Engineering in Cybersecurity. The cybersecurity curriculum consists of courses in risk modeling and management, law, policy, ethics and privacy considerations, and cybersecurity. The FinTech and cybersecurity master's programs are two new areas of master's study offered online and on-campus at Duke.

Why it's relevant: At the heart of every seamless financial transaction is financial technology, or "FinTech." The new FinTech master's degree will fuel innovation in the finance industry by teaching in-demand computing and programming skills along with industry-specific business fundamentals. Among the first programs of its kind based in an engineering school, Duke's FinTech degree is designed to prepare graduates to meet the growing need for technical expertise in the traditional and emerging finance sectors.


Computing technology has created efficiencies, lowered costs, and expanded access to communication and information — but not without risks. The new master's program in Cybersecurity is a strategic response to growing demand from businesses, educational institutions, and governments for cyber-savvy engineering professionals. The program is designed to develop professionals with the skillset that organizations need to protect their vital networks and systems.

Jimmie Lenz introduces the two new Masters' programs being offered at Duke's Pratt School of Engineering, a Masters in Financial Technology (FinTech) and a Masters in Cybersecurity. The FinTech program has already started. The Master of Engineering in Security will start this fall. Pratt has always had the intent to implement programs on campus and online and due to the pandemic, this has been opened up earlier than expected. These types of programs are designed for working professionals and for locations all around the United States and for maybe even the world. Also, online capabilities add to the diversity of the class. One goal is to integrate professionals with 8, 10, 15 years of experience because this adds dimension to the class and this is possible if someone can participate virtually from San Francisco, for example.

These two programs have been in development for a few years. The FinTech program came out last year and an enrollment of 30. Due to the online nature of the program, the program was no affected by the pandemic. This year applications are up by 200% and 80 students are expected to enroll.

Jimmie Lenz worked in finance on algorithmic trading programs and then, taught at a business school. But Jimmie Lenz thinks FinTech belongs in the engineering school. Jimmie Lenz wanted to do something applied and so every class is hands-on. On-campus and online opportunities are the same. Instead of an internship, working professionals have the opportunity to use a project at work. There is one other FinTech engineering program being offered at Berkeley. 

FinTech Masters requirements are:

2 core business courses

4 core financial technology courses

1 industry internship

1 fintech capstone

3 electives

The FinTech program features professors with extensive academic and industry experience, partnerships with traditional and fintech companies, hands-on teaching of topics such as blockchain and machine learning.

The Master of Engineering in Cybersecurity is launching in Fall 2021 and will be both on-campus and online. This will be the 11th Master of Engineering degree offered at Pratt. There are 2 tracks: technology and technology management. This is a multidisciplinary degree including:

A focus on the human and social element taught by Missy Cummings.

An understanding of legal and regulatory aspects lead by Kim Cotler.

Collaboration with both the Law school and Sanford School of Public Policy.

The Master of Engineering in Cybersecurity also includes an internship or project.

Q. John Board – What was your approach to delivering the technology for these programs;? For example, in FinTech, one can imagine students wanting to play with synthetic or real blockchain. In Cyber Security, they might be playing white hat, black hat with Kali Linux; can you talk about your approach to providing these opportunities to students?

A. Jimmy Lenz – OIT has been great to work with on these things. Blockchain is a great example because we run full nodes. We run Ripple XRP and Ethereum. Students build virtual wallets, construct some simple smart contracts, build their own tokens.

With cybersecurity, two CSOs, Randy and Richard, are teaching. Some students hope they can intern with OIT this summer. Cybersecurity students are passionate about cybersecurity; this is their calling and facilitation by OIT has been crucial.

Q. Tracy Futhey – Are both programs in parallel online and on-premise?

A. Jimmy Lenz – Yes, the classes are taught in a hybrid fashion. Some students are on campus and most students are hybrid. All classes are recorded as well for asynchronous teaching. We employed both Zoom and Panopto and heard no bad things.

Q. Tracy Futhey - How many students are expected in the Cyber Security program this Fall?

A. Jimmy Lenz - Probably 25 in the inaugural Cyber Security class.

Q. David MacAlpine – What are the demographics of these programs?

A. Jimmy Lenz – Most students are undergrad math majors with a dual major. 2nd largest group is econ. 3rd largest is engineering and CompSci. It is a very quantitative group.

Most are international. For the incoming class, 12% are domestic students. There are students from South America, Canada, Europe. Most went to school in the US or Canada. Most of the students are from China but went to school in the US. In the application pool, there are almost 100 schools.

The gender split is 50/50. Students' average work experience is about 5 years. The Cyber Security program looks like will be about the same.


4:45 - 5:00 p.m. - Duke Health Content Filtering Updates, Randy Arvay (5 minutepresentation, 10 minute discussion)

What it is: Duke Health is evaluating network security measures to implement a solution to permit access to personal email and social media accounts on managed devices connected to secure networks. In late September 2020, U.S. healthcare organizations were attacked by ransomware after warnings were issued by the Department of Homeland Security and the FBI. Several reports indicated that healthcare systems across the country were impacted. Effective November 1, 2020, Duke Health enacted additional network security measures to mitigate this threat and protect our patients, staff, and infrastructure. All devices connected to the Duke Health secure network were prevented from accessing personal email and social media accounts.

Why it's relevant: While the threat of ransomware is still present in U.S. healthcare organizations, Duke Health will update us on plans to restore access to personal email and social media accounts on managed devices connected to the Duke Health secure network.

Randy Arvay explains that back in November, some blocks were put in place due to ransomware attacks focusing on Healthcare providers. The University of Vermont was one of the biggest that was hit having six hospitals affected for almost 45 days. This caused Duke Health to place blocks on some aspects of the network. These blocks have impacted Gmail, Twitter, Facebook, LinkedIn.

In any given month, 100M emails come across both entities – Duke Health and Duke University. Proofpoint filters these emails down to 39M.

There are also things like Yahoo and Gmail that are accessed over the network so it's important to have a secure web gateway but this has not permitted access to things such as Yahoo and Gmail. Right now, we have been blocking at the firewall level which is like using a sledgehammer to put in a picture nail. However, there is new technology being rolled out that actively checks the URL and content as you touch the site and will actively block malware from getting to the machine. This block will happen before Crowdstrike.

Phase one of this new technology is planned for all managed machines. At the end of June, the plan is to roll this out to all on the Health side.

Q. David MacAlpine – I run a basic science lab on the Health side. Wireless speeds are not always great. That being said, we want to plug into the wired network for Zscaler and we are concerned about the SSL and TLS deep inspection.

A. Randy Arvay – The admins will not be looking at the content; the admins will not touch nor see the data.

A. John Board – Duke has other tools that could be used to intrusively spy on people, but we don't.

A. Randy Arvay – It's the level of threat that is forcing our hand in some ways; we try to make our measures palatable for users while providing protection.

Q. Jimmy Dorff – Does it require non-standard certs to allow the man in the middle probe?

A. Randy Arvay – It requires a client installed on the machine; if it's a Blue Coat device, it's routed through Blue Coat. When you have the agent itself installed, I'm not aware of any other additional certificates being required.

Q. David MacAlpine – How deep are the hooks or is this just HTTP and HTTPS?

A. Randy Arvay – Just HTTP and HTTPS spaces; it has a CASB that we are looking to leverage. We want to have a history of who touched what when.

5:00 - 5:30 p.m. - Telehealth at Duke, Matt Roman (20 minute presentation, 10 minute discussion)

What it is: In the last few years, telehealth has been transforming at Duke. It has especially emerged as a critical technology during the COVID-19 pandemic. Matt will give an overview of the telehealth program at Duke Health, the technology and data behind it, and what the future holds for telehealth.

Why it's relevant: As telehealth volumes remain strong and are growing, Duke Health must continue to adapt and prepare for the future to deliver care as high quality or better as traditional in-clinic delivery models.

Matt Roman of Duke Health's Digital Strategy Office speaks to the state of telehealth at Duke.

Statistics Include:


Created 4-5 years ago;

Virtual visit charges: $88.3M

Patient satisfaction ~90%

Miles saved 39.9M

Visits completed 263,078

Providers: 3,500+

15-1800 visits per day

Telehealth includes digital health and MyChart


Enrolled patients: 897,382

Self-scheduled appointments: 334,302

Logins: 13.7M

eCheck-in: 728,727

paperless statements: 631,490

TELEHEALTH Program Volume FY21 YTD -through March

Video Visits 241,176

Telephone Visits: 130,704

Duke Health Anywhere: 3,391

e-Communications: 4,792

Video Clinic Visits: 511

Virtual Rounding: 131

Internal Virtual Consults: 25

Tele-ID: 108

Remote Interpretation: 177

e-Visits: 18

Telestroke: 1410

Total Telehealth Volume: 382,443

Future Considerations include:

Video Visits

Remote patient monitoring replicating the in-person experience.

Inpatient care involving staff augmentation, access to expertise, and hospital@home.

Transfer management

Matt Roman concludes by asking these questions:

What have you not heard that you anticipated?

What other industries do you believe can inform the future of telehealth?

Thoughts about privacy specifically in relation to RPM/Geolocation?

Q. John Board – On the university side, we were forced into teleteaching; what is your strategy for managing varying internet quality?

A. Matthew Roman – We are phenotyping patients. Patients with a lousy home internet connection are not a good candidate for telehealth. We do also provide hotspots when we need to. It is interesting to note that video quality is more important to patients while audio quality is more important to providers. In behavioral health settings, there are some behaviors that providers need to be able to see so sometimes in cases like these, patients are encouraged to come in. Finally, some communities have kiosks that can be beneficial for the homeless, for example.

Q. Victoria Szabo – I am interested in privacy-related to insurance companies. I have a sleep apnea machine and had to have data collected for insurance to pay for the CPAP machine. So the doctor has this data but now, the insurance company must have the data as well.

A. Matthew Roman – Yes, the data can stream straight through to the payer. The data might even run directly to the vendor cloud piping data from the device to ab intermediate link so that relevant data can be transferred. One advantage is that providers can intervene earlier if data shows it is needed. There are standards for transferring this data; regulatory or privacy standards must be in place.

Q. David MacAlpine – Were doctors and nurses satisfied?

A. Matt Roman – Yes. 92% of patients gave telehealth 4 and 5s out of 5; With providers, there was mixed feedback as some patients were seen online and some in person. Some providers felt telehealth was more challenging than it was worth. Clinic sessions can be all virtual or in-person though and the provider is not forced to provide online care if it is not comfortable for them.