Brad Ulrich has a 15+ year career as a computer scientist, tech entrepreneur, and expert consultant. He is trusted by federal agencies and leading software vendors to provide expert analysis and guidance on complex matters involving the safety and quality of software, regulations such as CEHRT and Meaningful Use, and industry best practices for quality and risk management in Health IT software.
His professional experience includes modern software architectures, safety-based product design, health IT software, FDA-regulated medical devices, distributed software, automation and DevOps, cellular devices, and more. He is adept at risk management, SDLCs and project management, software governance and compliance with SDO standards, CTO and strategic management, IP management and consulting, and litigation support and expert testimony as a computer scientist.
He is currently the Director of Quandary Peak’s Health IT and Audits division, where he oversees a team of software and health informatics experts in analyzing and audits of health IT software systems and companies, including reviews for private companies as well as the Department of Health and Human Services and United States Department of Justice.
Summary of Qualifications
Trusted and respected health IT software analyst and auditor; selected by the federal government and guiding EHR vendors to lead ground-breaking projects
Experience leading independent 3rd party audits in the healthcare IT sector, including serving at the request of Office of National Coordinator for Health IT (ONC) and Office of Inspector General (OIG) as a Software Quality Oversight Organization (SQOO) and Independant Consultative Expert (ICE).
Well-versed in best practices for compliance and patient safety, with specialization in quality management systems, SDLC, risk management, high-quality software and software organizations, and software usability.
A trusted litigation consultant and software expert witness.
Served on dozens of contract dispute, regulatory, trade secret, and patent infringement cases.
Has served as an expert in International Trade Commission (ITC) investigations and USPTO patent re-examinations and IPRs, in addition to federal and state court cases.
Conveys technical subjects in a clear, logical style easily understood by a broader audience. Has a depth of experience in modern software architectures, software governance, and risk-based design controls in medical software.
Known for root cause analysis and corrective and preventive actions (CAPA)
Known for his fast and efficient code review and analysis in wide-array of software languages such as Java, Android, iOS, Objective C, C++, C#, Microsoft Windows, .NET, Python, Matlab, and more.
Well versed in software design patterns, both classic, and cloud/devops, SDLC, Software standards (ISO 13485, 25010, etc.)
Has expertise in usability and UI design, microservices, smartphones, mobile apps, medical devices, electronic health record systems (EHRs), embedded systems, cellular devices, web applications, and ERP systems.
Formerly served as Chief Technology Officer for Genesis Health Technologies, LLC, where he managed the growth of the company’s technology department and the commercial launch of Genesis’ flagship products and technology services for diabetes healthcare.
Member of the IEEE Computer Society.
Received his B.S. in Computer Science and Mathematics with cum laude honors from Vanderbilt University
Areas of Expertise
Software Development Standards
Medical Device Standards (ISO 13485, ISO 14971, ISO 62304), Software governance (disciplined agile, CMMI for Agile); code quality standards (CWE, ISO 25010 / 25012, CISQ); SDLCs (Scrum).
Software Risk Management and Technology Mgmt
Risk classification, HAZOP analysis, agile and FDA-regulated SDLC processes, risk and requirements traceability systems, software governance, compliance and audits.
.NET, C#, VB.NET, Windows Phone SDK, IIS, Visual C++, Win32 applications and DLLs, WinCE applications, MFC 6.0, Visual Basic 6.0, Windows Phone OS
Database and ERP
MySQL, PostgreSQL, Oracle, Siebel, OFBiz, OpenERP, JDBC, ADO.NET, OLE, Microsoft SQL
Project Development and Management
Eclipse, Visual Studio 6, 8, 2005-2010, Visual Studio .NET, Siebel Tools, Visual Paradigm, UML, Github, JIRA, COCOMO, CASE tools, Microsoft Project, wrike, Visual SourceSafe
Analytics
MATLAB. Statistical and numerical analysis, signal processing algorithms and systems, machine learning, financial trading indicators and systems.
Litigation Experience
Lenovo Group Limited
Counsel: Sheppard Mullin Richter and Hampton LLP
Nature of Matter: patent analysis
Providing analysis regarding patent invalidity of Nokia-owned patents related to Android smartphone software
Private Parties v CONFIDENTIAL
Jurisdiction: U.S. District Court
Counsel: Schlichter Bogard & Denton LLP
Nature of Suit: False Claims Act
Providing expert analysis regarding potential false claims related to Meaningful Use and CEHRT regulations in the Health IT industry
North Brevard County Hospital District v McKesson Technologies, Inc.
Jurisdiction: U.S. District Court, Middle District of Florida
Counsel: GrayRobinson, P.A.
Nature of Suit: contract dispute
Provided expert report and analysis of the implementation of McKesson’s Horizon and Paragon systems at a community hospital, including a review of the EHR software and services and their compliance with industry standards.
Automation Middleware Solutions vs. Emerson Process Management LLP et. al.
Jurisdiction: U.S. District Court, Eastern District of Texas
Counsel: Bragalone Conroy PC
Nature of Suit: patent infringement
Performed code review and infringement analysis for middleware components in industrial motion control software.
CWI, Inc. v SmartDog Services LLC
Jurisdiction: U.S. District Court, Western District of Kentucky
Counsel: Broderick and Davenport LLP
Nature of Suit: contract dispute
Reviewed and provided expert report covering Oracle eBusiness Suite and WMS installation for a large outdoor products retail and distribution company.
AliphCom, Inc. et. al. v Fitbit, Inc.
Jurisdiction: International Trade Commission, U.S. District Court, Northern Dist. of California
Counsel: Gibson Dunn and Crutcher LLP
Nature of Suit: Patent Infringement
Walmart-Stores, Inc. v Cuker Interactive, LLC
Jurisdiction: U.S. District Court, Western District of Arkanas
Counsel: Kutak Rock LLP
Nature of Suit: Contract Dispute
Ericsson, Inc. et al. v. TCL Communication Technology Holdings, Ltd, et al.
Jurisdiction: U.S. District Court, Eastern District of Texas
Counsel: Sheppard Mullin Richter and Hampton LLP
Nature of Suit: Intellectual Property – Patent
Justin Hull and Amy Sweigard v. Marriott International, Inc.
Jurisdiction: U.S. District Court for the Southern District of Maryland
Counsel: Conn Maciel Carey PLLC
Nature of Suit: Americans with Disabilities Act (ADA) Compliance
Mary Rutan Hospital v. Nextgen Healthcare Information Systems, Inc.
Jurisdiction: U.S. District Court for the Southern District of Ohio
Counsel: Reminger Co., L.P.A.
Nature of Suit: EMR Contract Dispute
Computer Programs and Systems, Inc. v. Mad River Community Hospital and American Hospital Management Corporation
Jurisdiction: Circuit Court, Mobile County Alabama
Counsel: Janssen Malloy LLP
Nature of Suit: EMR Contract Dispute
Core Wireless Licensing S.a.r.l. v. LG Electronics, Inc. & LG Electronics MobileComm USA, Inc.
Jurisdiction: U.S. District Court for the Eastern District of Texas
Counsel: Bunsow De Mory Smith & Allison LLP
Nature of Suit: Intellectual Property – Patent
Core Wireless Licensing S.a.r.l. v. Apple Computer, Inc.
Jurisdiction: U.S. District Court for the Eastern District of Texas
Counsel: Bunsow De Mory Smith & Allison LLP
Nature of Suit: Intellectual Property – Patent
Packet Intelligence, LLC v. Cisco Systems, Inc.
Jurisdiction: U.S. District Court for the Eastern District of Texas
Counsel: Heim, Payne and Chorush LLP
Nature of Suit: Intellectual Property – Patent
Denise C. Tullock and Sandra M. Fry v. Success Health Corp.
Jurisdiction: Circuit Court, City of St. Louis, Missouri
Counsel: Thurman Howald Weber Senkel & Norrik LLC
Nature of Suit: Medical Malpractice
Bridgetree, Inc. v. Red F Marketing LLC et al.
Jurisdiction: U.S. District Court – Western District of North Carolina Charlotte Division
Counsel: Harwell Howard Hyne Gabbert & Manner
Nature of Suit: Intellectual Property – Trade Secret
YPPI v. SuperMedia LLC
Jurisdiction: U.S. Bankruptcy Court – District of Delaware
Counsel: Kirkland and Ellis
Nature of Suit: Intellectual Property – Copyright Infringement
Guitar Apprentice, Inc. v. Ubisoft, Inc.
Jurisdiction: U.S. District Court – Western District of Tennessee Western Division
Counsel: Waddey Patterson
Nature of Suit: Intellectual Property – Patent
Special Learning, Inc. v. Step-By-Step Academy, Inc.
Jurisdiction: U.S. District Court – Southern District of Ohio Eastern Division
Counsel: Cooke Demers and Gleason LLP
Nature of Suit: Contract Dispute
Mediware Information Systems, Inc. v. Hematerra Technologies, LLC
Jurisdiction: U.S. District Court, Middle District of Florida Jacksonville Division
Counsel: Barack Ferrazzano Kirschbaum & Nagelberg LLP
Nature of Suit: Intellectual Property – Trade Secret
Intellectual Ventures, LLC v. AT&T Mobility, LLC, et al.
Intellectual Ventures, LLC v. T-Mobile USA, Inc., et al.
Intellectual Ventures, LLC v. Nextel Operations, Inc., et al.
Intellectual Ventures, LLC v. United States Cellular Corporation
Jurisdiction: U.S. District Court for the District of Delaware
Counsel: Dechert LLP
Nature of Suit: Intellectual Property – Patent
ROY-G-BIV Corporation v. Honeywell International, Inc., et al.
ROY-G-BIV Corporation v. Siemens Corporation, et al.
ROY-G-BIV Corporation v. ABB, Ltd., et al.
Jurisdiction: U.S. District Court for the Eastern District of Texas
Counsel: Boies, Schiller & Flexner LLP
Nature of Suit: Intellectual Property – Patent
Motion Games, LLC v. Nintendo Co., Ltd., Nintendo of America Inc., Retro Studios, Inc., Rent-a-Center, Inc., and
Gamestop Corp.
Jurisdiction: U.S. District Court for the Eastern District of Texas
Counsel: Boies Schiller & Flexner LLP
Nature of Suit: Intellectual Property – Patent
Nokia Corporation and Nokia Inc. v. HTC Corporation and HTC America, Inc.
Jurisdiction: United States International Trade Commission
Counsel: Desmarais LLP
Nature of Suit: Intellectual Property – Patent
N5 Technologies, LLC v. Capital One, N.A., Capital One Bank (USA), and Capital One Services, LLC
Jurisdiction: U.S. District Court for the Eastern District of Virginia
Counsel: Panovia Group, LLP
Nature of Suit: Intellectual Property – Patent
Anthony Dike, M.D. v. Kindred Healthcare Operating, Inc.
Jurisdiction: Superior Court of the State of Califoria, County of Los Angeles – East District
Counsel: Giovanniello & Michels, LLP
Nature of Suit: Loss of Property
Wisconsin Technology Venture, LLC v. Fatwallet, Inc.
Jurisdiction: U.S. District Court for the Western District of Wisconsin
Counsel: Newman Du Wors LLP
Nature of Suit: Intellectual Property – Patent
Nokia Corp. and Intellisync Corp. v. HTC, HTC America, Inc., and Exedea, Inc.
Jurisdiction: United States International Trade Commission
Counsel: Desmarais LLP
Nature of Suit: Intellectual Property – Patent
Yazmin Reyazuddin v. Montgomery County, Maryland
Jurisdiction: U.S. District Court for the District of Maryland (Southern Division)
Counsel: Office of the Montgomery County Attorney
Nature of Suit: Reasonable Accommodations Dispute Re: Section 508 of the Rehabilitation Act
MobileMedia Ideas, LLC v. HTC Corporation and HTC America, Inc.
Jurisdiction: U.S. District Court for the Eastern District of Texas
Counsel: Desmarais LLP
Nature of Suit: Intellectual Property – Patent
Audits and Compliance Consulting
Electronic Health Record Vendor (CONFIDENTIAL)
Performing consultation regarding compliance and regulatory matters for Certified Health IT software.
Electronic Health Record Vendor (CONFIDENTIAL)
Performing gap analysis and recommendations for improving compliance with CEHRT regulations for Certified Health IT software.
REMS – Data, Quality, Process and Systems Review (CONFIDENTIAL)
Performing independent, internal data, quality, process and systems review for a major FDA-regulated REMS (Risk Evaluation and Mitigation Strategies) program and for a popular generic medication with serious side effects. Includes 21 CFR Part 11 compliance review, review of software development, architecture, requirements, documentation, testing and validation; review of annual report data and assisting with responses to FDA inquiries.
Major Electronic Health Record Vendor (CONFIDENTIAL)
Developing guidance to meet CEHRT regulations with a focus on software governance and quality management systems; drafting policies and procedures that combine agile processes with regulatory governance requirements. Reviewing source code and issue tracking records to identify regulatory issues.
Office of National Coordinator for Health IT
ONC Health IT Safety Evaluation Technical Analysis
Currently engaged as the leading software engineer on a small team led by NORC at the University of Chicago and selected under a federal contract and open solicitation (Solicitation # 17-233-SOL-00329) issued by the ONC. The project is expected to include technical reviews of known or expected patient safety issues in ONC-certified EHR systems, including software process and source code review, including review of past issues, recommendations for risk and quality management systems, design controls, improvements to software development and testing processes, code review and manual and automated code quality analysis.
eClinicalWorks, LLC and the Office of the Inspector General of HHS
Software Quality Oversight Organization
Leading a team of seven serving as the Software Quality and Oversight Organization (SQOO) under the Corporate Integrity Agreement between eClinicalWorks LLC and the Office of the Inspector General of the United States Department of Health and Human Services dated May 30, 2017. Serving as an independent audit and oversight organization covering a technical review of EHR software and development processes as it relates to patient safety. The project includes software process and source code review, including review of past issues, recommendations for risk and quality management systems, design controls, improvements to software development and testing processes, code review and manual and automated code quality analysis.
Office of National Coordinator for Health IT
Led a team of four serving as an Independent Consultative Expert (ICE), and issued a formal ICE report covering a technical review and audit of a major EHR software product as it relates to patient safety. The project included software process and source code review, review of past issues, and development of recommendations for risk and quality management systems, design controls, improvements to software development and testing processes, code review
and manual and automated code quality analysis.
Consumer Financial Protections Bureau (CFPB)
Leading a team of three from Quandary Peak Research in providing technical review and audit for the CFPB in an ongoing investigation of a large mortgage servicing company. The review covers software process and code review, including a review of internal software development processes, documentation and communication practices, data storage and access practices, and source code review. The project includes assessing the integrity and reliability of key data and identifying potential data integrity and validation remedies.
Director of Information Security & Audit ServicesChicago
Juan has over 10 years of experience in Information Security, Cybersecurity, Information Technology, Operational Technology, IT Audit, and IT Risk & Controls. He has 16 years of military service and continues to serve as an IT Operations Manager and Exercise Planner in the US Marine Corps Reserve.
Ajit Dhavle is a healthcare technologist, clinician, entrepreneur and a problem solver with 15+ years of experience in digital health, quality, e-medications, Health IT standards, and patient safety.
Andrew Holm-Hansen has worked in Health IT for 15 years as a Health IT Solutions Architect. He led several development teams during his career at Vanderbilt University Medical Center.
Dr. Ali Khosh is a computer scientist, entrepreneur and technology executive with years of experience at leading tech companies including Microsoft, Yahoo and Samsung. Ali serves as an expert in various software-related litigation matters (patent infringement, trade secret, etc.) and technical due diligence of emerging technology (VC investments, M&A transactions).
Litigation
Senior Testifying Expert
Focus Area
Emerging & Cloud Technology
Area of Expertise
Machine Learning & AI Consultant
Senior Biomedical and Health IT ConsultantNashville
Shahzad Ahmad has a deep background in healthcare IT as a technical project manager and product owner. His 8+ years of experience includes implementation of EHR systems across the nations top healthcare institutions, owning the SDLC of medical devices, as well as bioengineering research of early detection technologies for debilitating diseases.
Hassan currently serves as a consultant and source-code reviewer in software and hardware related litigation including patent/copyright infringement and breach-of-contract matters. He holds a Ph.D. in Electrical Engineering.
