Research 07.21.15 Minutes

Attending:

Ugo Buy, Andy Johnson, Houshang Darabi, Allen Randall, Bill Hendrickson, Bob Sandusky, Annette Valenta, Andy Boyd, Heather O’Leary, Clyde Wheeler, Jackie Berger, Colleen Kehoe, Cynthia Herrera Lindstrom, Sara Hall

  • Updates
    • Health Information Campus Committee
      • Trying to determine what data sources exist, what to do with the data
      • Focused on HIPAA and FERPA data
      • Access must be increased and added to infrastructure for storage and analysis
      • For September meeting, will be presentation on efforts in the Office of Vice President for Health Affairs to make data more accessible
      • Group will work to identify a viable strategy for ITGC Research Committee
      • Related information has been compiled to complement the recent report on data management, will be shared soon
    • Chair Elect
      • Henrik Aratyn is new chair elect, will become chair in AY17
    • Meeting Times for AY16
      • Research Committee will continue meeting at 9am the first Thursday of the month
  • Membership Bylaws
    • Updates
      • Proposal to change the bylaws membership has been revised
      • Committee reviewed membership
      • Approved Motion: Motion to send bylaws forward to the IT Governance Council for approval was accepted
  • Announcements from the Chief Information Officer
    • Report of Non-University Activities
      • RNUA online submission going live in September, developed in-house
    • Data Governance
      • Provost approved Data Governance Committee, will be 5th ITGC Committee
      • Discussion of who should be members on this committee
    • Scholarship Management Software
      • UIC SnAP application is now housing various scholarships for colleges
    • High Performance Computing Cluster
      • Open position has not yet been hired, but a graduate assistant is helping out
    • UIC Website
      • New webpage will go live in August

InfraSec 07.08.15 Minutes

Attending:

Jason Maslanka, Kevin Price, Chris Barton, Ed Zawacki, Bala Ramaraju, Craig Jackson, Phil Reiter, Allen Randall, Frank Cervone, Sandeep Dath, Therese Molina, Mike Kirda, Doug McCarthy, Ashok Benet, Sarah Ritch, Gene Fruit, Lisa Blake, Julio Chavarria, Ian Huggins, Josh Naylor, Cynthia Herrera Lindstrom, Ilir Zenku, Vinay Surpuriya, Mark Goedert, Kevin Shalla

  • Subcommittee Reports
    • Subcommittee Review
      • Went over list of existing subcommittees, active and standing
      • Subcommittee reports will be on the agenda for future meetings
    • IS-0002 Digital Accessibility
      • On hiatus
      • Currently looking at standards in accessibility, training and tools available
      • IT accessibility policy is being drafted at Urbana
    • IS-0008 Risk Management/Risk Assessment
      • Risk assessment report completed of all Health Science Colleges
      • Group working on furthering risk management
      • Will go beyond identifying risks to remediating issues
      • Three quotes shared on data inventory, risk management, vulnerability scans
      • Letter coming from University Audits on risk assessment observations
      • Discussion of budget, security program, current efforts, and various concerns
    • IS-0009 Security Program
      • Two sections withstanding on reviewing the policy
      • Group is working on what changes can be implemented now, what will wait
  • Project and Services Updates
    • Tigger Decommissioning
      • Getting all website off Tigger by end of fall semester
      • Emails will go out how to remove site and where to get help
      • After, email accounts on Tigger will be deactivated, switched to Exchange
      • End goal to make Tigger accessible only to ACCC people
      • Discussion of publish.uic.edu templates and official design
    • RedHat Licensing
      • License costs went up 20k, plan to renegotiate cost to reflect current use levels
      • Otherwise, there will be a move to CentOS from RedHat
    • Virtual Private Network Update
      • Presentation on VPN survey findings
      • Discussion of findings, reliability of client, alternative services
      • Discussion of VPN problems, solutions, and need for more communication
  • Open Discussion
    • Governance Structure & COBIT
      • Observations of goals shared for the future of InfraSec Committee
      • Meeting imminent to discuss InfraSec and COBIT with ACCC
      • Summary of feedback shared from survey sent to the committee
      • Discussion of whether or not committee will continue to set/pursue priorities
      • Discussion of following-up priorities, creating action items and a roadmap
      • Discussion of how COBIT can help with this
    • ADSM Plan/Server Backups
      • Discussion of aging equipment, no storage space, and things to be removed
      • Working to move onto a new system/adjust hardware to address problems
      • No official backup service for new servers, work is being done to address this
    • IT Security Policy Letter
      • Committee had asked for an official letter to go out to communicate IT Security Program and available resources
      • Provost will send letter out, members should comment in Box with feedback
    • Ideas To Be Explored – RT Upgrade, Web/Content Management System Committee
      • Group is tabling Web/CMS
      • Discussion of feedback on RT upgrade
      • Discussion of work being done to develop each RT as a separate instance
    • Outside Services
      • Concerns about outside service that affect the campus, i.e. SharePoint via AITS
      • Concerns about HIPAA and FERPA restrictions on these services
  • Informational
    • Disaster Recovery & Business Continuity Engagement with McGladery
      • McGladery representative discussed working on consulting project with ACCC
      • Discussion of responses to survey sent out about disaster recovery
      • Discussion of members’ expectations if ACCC data center were to fail
      • Suggestion that a plan must be put in place and shared with campus
    • Perfect Attendance Awards
      • Recognition of committee members who had perfect/near perfect attendance
    • Identity Access Management
      • NetID length discussion has been moving forward
      • IAM will be reaching out to committee members for feedback on applications
    • HIPAA
      • A letter will be going out to deans outlining HIPAA related policy and training to those under the covered entity

InfraSec 06.10.15 Minutes

Attending:

Phil Reiter, Allen Randall, Frank Cervone, Kevin Shalla, Lalo Camacho, Sandeep Dath, Therese Molina, Mark Goedert, Mat Willis, Bala Ramaraju, Ernesto Reyna, Craig Jackson, Jason Maslanka, Kevin Price, Ed Zawacki, Chris Barton, Mike Kirda, Andre Pavkovic, Lisa Blake, Heather O’Leary, Ron Fernandez, Marcin Hiolski, Ilir Zenku

  • Risk Assessment
    • Overview
      • Risk assessment is completed
      • Procedure for future assessments has been created
      • Draft recommendations reviewed, focusing on four to be implemented
      • Cynthia is now a U of I HIPAA Privacy and Security Officer
    • Business Associate Agreement
      • HIPAA subcommittee is working on a BAA template for BAAs on campus
    • Vulnerability Assessment
      • Committee should recommend how to roll out assessment
    • ePHI Data Inventory
      • Proposal for a shared inventory tool is to be made available to campus
      • Discussion of recommendations, what it will take to move forward
  • Security Goals for InfraSec
    • Review of Security Program
      • A policy shift as occurred—HIPAA issued a mandate that policy must be amended to include encryption of all devices under the covered entity
      • Decision was made not to allow employees to store high risk data on their personal devices
      • HIPAA training will be required of everyone under the covered entity, not just for those handling high risk data
    • Subcommittees
      • Suggestion to evaluate subcommittees: what exists, what each is working on, how each should change going forward
    • Disaster Recovery Plan
      • McGladery will work to survey InfraSec members about disaster recovery needs
  • Status Updates
    • Enterprise Apps
      • The group is meeting next week to discuss requirements and next steps
    • Office 365
      • An email is going out to REACH and IT professionals focusing on a change in personal purchases
    • Chair Meeting Outcomes/ Council
      • Chairs of ITGC committees met to discuss HR resolution
      • Discussion of Data Governance Committee recommendation on the need to consider language to differentiate between governance and operations
    • Subcommittees and Bylaws
      • There are a number of listed subcommittees to review, work to be archived
    • ADSM
      • There have been issues with ADSM
      • CrashPlan is a solution for workstations, but not servers
      • CrashPlan licenses are not going out to everyone yet, but units are encouraged to use it when possible, and to pull data off ADSM
      • Goal is to incorporate CrashPlan costs into rate and funding for FY17
    • Virtual Private Network
      • Working on VPN, looking for more user data for what more is needed
    • Unified Communications Roadmap/Consulting
      • The Burwood group is consulting with ACCC on Unified Communications

Admin 05.20.15 Minutes

Attending:

Mike Kamowski, Monica Tith, Mint Simagrai, Dick Harris, Kelly Block, Mary Berta, Jackie Kalan, John Fyfe, Linda Naru, Todd Van Neck, Dimuthu Tilakaratne, Tony Kerber, Dibyen Majumdar, Al Schorsch, Jackie Finch

  • Implementing Business Process Recommendations
    • Introduction
      • Members were asked to provide input on how to implement recommendations
      • Suggestion that recommendations are abstract, it might be helpful to apply them to specific projects
    • IT Priorities Committee Formal Process Review
      • Review will be part of IT Priorities Committee strategic plan, which will come up in August meeting
      • Admin Committee will work with Priorities Committee, provide input on process
      • ACCC/UIC specific processes still need to be considered separately
      • Implementation is important, but guidelines should be reviewed and accepted by community at large
    • Discussion
      • Discussion on proposal from Education Committee for submission of ideas for instructional technology services
      • Look at list of large projects, set subcommittees to review them
      • Discussion of crowdsourcing idea, what it would take to make it happen
      • Idea to create specific checklist of considerations at various stages of a project
      • Suggestion to start with design principles, communication, change management
    • Demo/Existing Projects
      • Demos could be presented to committee for feedback
      • Discussion of existing projects, which might be good for reviewing
      • Meeting scheduled to present a large number of projects to all ITGC committees
    • Discussion for Implementation/Recap
      • Discussion of various possibilities for implementing recommendations
      • Plan to send representatives to attend various parts of the proposal process—act as active participants
    • Potential Subcommittees
      • Creation of draft for several possible subcommittees to aid this process
  • Data Governance Committee
    • Concerns/Discussion
      • Suggestion that there is a lot of potential for overlap, creating conflict, and data is too big of an issue for one committee to manage
      • Discussion of data as an asset, intellectual property needs to be considered
      • General consensus is that the scope should be defined early

Research 05.07.15 Minutes

Attending:

Cynthia Herrera Lindstrom, Colleen Kehoe, Allen Randall, Sara Hall, Ugo Buy, Andy Boyd, Bob Sandusky, Clyde Wheeler, Annette Valenta, David Ibrahim, Barbara Corpus, Karen Dunn Lopez, Henrik Aratyn, Bill Hendrickson, Neil Bahroos, Houshang Darabi, Al Schorsch, Ugo Buy

  • Ad Hoc Committee on Data Management
    • Overview
      • Scope of committee has been broadened
      • Now addressing all data, including HIPAA and FERPA
      • Discussion of data access for researchers and graduate students
      • Discussion of committee in relationship to ITGC Data Governance Committee
      • Consideration of creating website with links for all data-related information
    • HIPAA Privacy and Security Official
      • Cynthia Herrera Lindstrom is new University HIPAA Privacy & Security Official
    • Center for Research Informatics
      • Center has been established
      • Health-centered, looking at translational informatics
      • Goal is to provide service, not governance
    • Goals and Deadlines
      • Discussion of setting deadlines and committee goals
      • Discussion of current regulations, availability of research data, and educating the campus on these issues
      • Discussion on role of governance in this issue
      • Discussion on how to compile more information on Institutional Review Board protocols and Principal Investigators
  • High Performance Computing Cluster
    • Cost Analysis with the Office of Business & Financial Services is being scheduled
  • Chair Elect
    • Replacement
      • New chair elect must be chosen for FY17
    • Statutory Limits to Data Sharing
      • Discussion of statutes in place to keep hospital from sharing data with Cerner and other data mining businesses
      • UI Health made this decision, not a federal statute
  • Bylaws Membership Committee
    • Overview on Current Membership
      • Presentation on how to reorganize this
      • Discussion of who should be active voting members
      • Recommendation to create a Blackboard site to keep researchers across campus informed and receive feedback

InfraSec 05.22.15 Minutes

Attending:

Ian Huggins, Kevin Shalla, Chris Barton, Mike Kirda, Marcin Hiolski, Sarah Ritch, Phil Reiter, Craig Jackson, Ed Zawacki, Mark Goedert, Mat Willis, Frank Cervone, Sandeep Dath, Lisa Blake, Therese Molina, Doug McCarthy, Andre Pavkovic, Jonathan Kupferer, Yilmaz Bal, Ron Puskarits, Jason Maslanka, Ilir Zenku, Sharla Roberts, Dale Morrison, Jackie Finch, Ron Fernandez

  • HR Job Analysis
    • Discussion
      • Introduction to topic of Civil Service job classifications for IT positions
      • IT Director Civil Service title has been decommissioned by Civil Service
      • Title must now work within IT Support Associate and IT Tech Associate
      • Would be very difficult to reinstate the director position
    • Several Concerns
      • Putting IT Directors into the IT Manager specification does not make sense, as duties do not line up
      • Inconsistency in different people, with the same duties, being assigned to Civil Service and Academic Professional
      • Issues with managers sitting in the same union as the people they are supervising
      • Conversion process is increasing the turnover rate and making recruitment very difficult
      • Compliance, timelines, transparency, and communication – answers are needed
      • Inconsistency in Civil Service conversation process for IT employees and the affect it is having on people’s lives – such as managers being converted to lower level positions – all with little discussion
    • HR Resolutions
      • Discussion
      • Individual shared experience in one college of collecting job descriptions of recently converted employees and those still Academic Professional and sending to HR leadership
      • Recommendation to do likewise at UIC
    • Voting
      • Motion to approve resolution on IT Directors in Civil Service passed
      • Motion to approve resolution on Job Model in Civil Service resolution passed
  • Information & Discussion
    • Procurement and Diversity
      • Introduction of the Minority and Female Business Enterprise Supplier Diversity Program office
      • Part of Board of Trustees resolution to increase supplier diversity to University
      • Policies and procedures being worked on to roll out program to accomplish this
    • Security Program Subcommittee
      • Program approved in early 2014, has been working through implementation
      • Part of program includes an annual review by InfraSec Committee
      • Security Program Subcommittee willing to lead the review
      • A communication will be sent out to update the campus about the program
  • Status Updates
    • Java Plug-in Use in Enterprise Apps
      • Discussion of concerns involving Java
      • Consideration of what solution might be available to address out-of-date software
    • Data Governance Proposal
      • Comments will be carried forward to the council
    • Security Posture
      • Discussion of presentation given to College of Medicine department heads/administrators to raise awareness of security breaches/consequences
  • Disaster Recovery
    • ACCC is working with McGladery
  • ACCC Updates
    • Email/Calendar
      • Health check completed
      • Issues will be resolved with mail routing
      • Pilot will start next week as originally planned
    • Network
      • Working on network core upgrade, will be completed shortly
      • There have been changes in Cisco technology
    • RAVE Campus Communicator
      • Discussion of where to obtain licenses
      • Discussion with Public Affairs for analysis of business requirements

Education 05.05.15 Minutes

Attending:

Valerie Prater, Anthony Marino, Michael Hites, Mike Kamowski, Rob Dixon, Francis Schlemmer, Dave Taeyaerts, Annie Armstrong, Saul Weiner, Eric Gobel, Gayla Stoner, Tom Okon, Abbas Hyderi, Michael Scott, Elizabeth Romero, Nathan Phillips

  • Opening Remarks
    • Introductions
      • Group will be going over subcommittee reports
      • Introduction of Gayla Stoner as new director for School of Continuing Studies
  • Basic Principles
    • Project Charter
      • Discussion of project charter
      • Discussion of handoff from ITGC Education committee to the Center for Excellence in Contemporary Teaching & Learning
      • Committee will have to determine how to proceed over the summer
    • Exemplar Website
      • Discussion of University of Michigan’s website on the Center for Research on Learning and Teaching, which resembles what UIC’s site would look like
  • Personal Computing Devices
    • Mobile Learning Initiative
      • Goal is to leverage mobile devices that students use every day
      • Pilot grant program is supposed to encourage faculty to implement and asses a mobile learning initiative
      • Waiting on approval of dollar amount from Provost’s office
    • Web-based Student Response System
      • Investigating alternatives to physical student response systems
      • Evaluated products – “Poll Everywhere” and “Lecture Tools”
    • Motion to conduct a comparison study of the two technologies was approved
  • DARS
    • Overview
      • Discussion of including graduate programs
      • CollegeSource not providing needed support, a switch is needed
      • Would require a lot of change to implement
      • Discussion of Banner system, DegreeWorks and federal funding
  • Instructional Technology
    • Overview
      • Brief overview on the goal to create online forms for receiving proposals for new technologies, and a process to review/select them as new projects
    • ITGC Data Governance Proposal
      • Suggested to include presentations, images, and video data
      • Suggestion of considering intellectual property as related to data
    • Bylaws Review
      • Review of proposed changes
      • Suggestion that some colleges be moved around
      • Motion to change new membership structure in bylaws was approved
    • Learning Management System
      • Looked at Educause article about selecting a Learning Management System
      • Goal is to make a plan to evaluate Blackboard and look at alternatives
      • Blackboard is presenting the board with new features and a roadmap

IT Governance Council 04.08.15 Minutes

Attending:

Terri Weaver, Phil Reiter, Michael Hites, Mary Case, Jason Maslanka, Ugo Buy, Cynthia Herrera Lindstrom, Dean Oyama, Ginny Schroeder, Heather O’Leary, Ilir Zenku

  • Rate & Funding
    • Discussion
      • Presentation on final stages of rate and funding for campus IT services
      • Discussion of centrally-supported services and self-sustaining services
      • Discussion of strategic plan roadmap
      • Discussion of costs to units, ways to cut costs, changes in budget for FY16
  • Data Governance Committee
    • Proposal
      • Need to keep track of data on campus (how it is stored, accessed, etc.)
      • Proposal being put together with purpose, vision, goals, membership, & charge
      • New committee would provide one place for all data concerns
      • Concern for overlap with other committees
      • New committee would have a strategic, policy-based focus
      • Suggestion to share proposal with all four committees, get input, & put to a vote
  • IT Governance Summit
    • Information
      • Governance from all three campuses attended
  • Committee Updates
    • InfraSec
      • Current focus for the IT Security Policy is how to get support and communicate efficiently to the campus
      • ACCC Service Catalog is being reviewed, next step is to include other committees, and determine which services should remain/be adjusted
      • Unified Communications group is looking at existing services and other licenses available to the campus
    • Education
      • Working on three projects with a goal of having final proposals in May
      • With creation of Center for Excellence in Contemporary Teaching & Learning, directions will have to be adjusted
      • Discussion of what is involved with projects
    • Research
      • Working to revise membership bylaws
      • Discussion of access to clinical data
      • Presentation on analysis of large data sets, members are looking at software available to campus
      • Group is looking at continued support for High Performance Computing Cluster
  • Chief Information Officer Updates
    • Identity Access Management
      • UIS is going live in a few weeks, with Urbana to follow in October
      • New policies will be put in place, including required password changes
      • Discussion on consequences of these changes, best way to communicate them to campus
    • Learning Management System Governance Board
      • Has been meeting, reviewing issues with Blackboard, & considering options
    • IT Pro Forum
      • On April 28, all members are encouraged to attend
    • Center for Excellence in Contemporary Teaching & Learning
      • Goal is to have a single place where all faculty can go to for assistance
      • Education committee in talks as to how to be involved in center going forward
    • Electronic Document Management
      • Working with Laserfiche to bring this to campus

InfraSec 04.08.15 Minutes

Attending:

Lisa Blake, Ed Zawacki, Allen Randall, Phil Reiter, Yilmaz Bal, Craig Jackson, Mike Kirda, Sandeep Dath, Ron Fernandez, Bala Ramaraju, Jason Maslanka, Kevin Price, Julio Chavarria, Kevin Shalla, Chris Barton, Mat Willis, Marcin Hiolski, Brian Ng, Jay Dean, Sarah Ritch, Cynthia Herrera Lindstrom, Therese Molina, Ashok Benet, Jonathan Kupferer, Ernesto Reyna, Andre Pavkovic, Frank Cervone, Mark Goedert

  • Information & Discussion
    • Rate & Funding
      • WTC presented to IT Governance Council on what is included in service bundle, what rates would be
      • Discussion on how to track which departments are using what services
      • Goal is to implement this as a pilot in FY16
      • More work needs to be done on the strategic plan roadmap
    • Service Catalog
      • A survey will be sent out to the committee for feedback on existing services
      • Goal is to review services and determine the level of necessity for each
      • Discussion of what the definition of a service is
    • COBIT Framework
      • Presentation on framework for governance and operations working together
      • Overview of COBIT 5
      • Goal is to balance value, benefits, and risk
      • Discussion of how COBIT could help mature the governance process
    • Linux Support & Licensing
      • Linux is changing their funding model to match a number of FTEs, increasing costs for UIC
      • ACCC will switch infrastructure to CentOS 07, which is very similar
      • Discussion of RedHat, Virtual Machines, concerns, and consequences
    • HR Conversion/Job Analysis
      • Members expressed concern over reclassification of Access Points
      • Discussion of proposal addressing misclassified hiring with HR
    • Box Team Folders
      • Box users at UIC cannot create groups, only Box administrators can
    • Unified Communications & Automatic Call Distribution/Auto Attendant Systems
      • A consultant will be brought in to analyze campus requirements
  • Security
    • University Information Security Office/Security Program
      • At a meeting with the University Information Security Officers, the group received positive feedback
      • Discussion of policies and related issues, what role the committee should play in implementation
      • Modifications to policies have been proposed, will be shared with committee for a vote
    • Health Insurance Portability & Accountability Act/Privacy and Security
      • Training in the hospital is being updated, not yet shared with committee
      • Goal is to put HIPAA training in Blackboard for campuswide use
      • Committee continues to review BAAs
  • New Business
    • Password Expirations
      • Password expirations will be enforced within a year
      • A communication plan will be put in place
    • Data Governance Committee
      • A proposal is being drafted to create a fifth IT Governance Council committee focusing on data
      • Members are asked to review this and provide feedback at the next meeting