Anh Truong Nguyen
Anh Truong Nguyen
Healthcare IT · Clinical Informatics · Cybersecurity

Where IT infrastructure
meets clinical AI

5+ years solving complex IT and security problems at Palo Alto Networks, Infineon, and school districts — now applying that systems depth to clinical decision support, explainable AI, and healthcare data workflows.

View projects → LinkedIn nguyenandy770@gmail.com ↓ Download resume
5+Years IT &
cybersecurity
3,000+Devices managed
via MDM
6Portfolio
projects
98%Case resolution
rate (PAN)
About me
Anh Truong Nguyen
Anh Truong Nguyen
San Jose, CA

IT engineer turned
clinical informatics
specialist

I started my career building and securing IT infrastructure — managing enterprise firewalls, deploying thousands of devices, and resolving complex technical issues for global organisations. That foundation taught me how systems fail, how people actually use technology, and how to design solutions that stick.

Now I'm applying that same lens to healthcare — where the stakes are higher, the users are clinicians and patients, and a poorly designed interface can mean a life-saving AI tool gets ignored.

At a glance
LocationSan Jose, CA
EducationB.S. Cybersecurity · Capella
Current roleIT Specialist · PAUSD
Devices managed3,000+
Case resolution98% (Palo Alto Networks)
Target rolesClinical Informatics · Health IT
CertificationsCompTIA A+ · ITIL v4 · PAN
Portfolio

Projects

Four hands-on projects spanning clinical AI explainability, healthcare system analysis, enterprise device management, and cybersecurity — showing the full range from infrastructure to clinical informatics.

Project 01 — Clinical AI
XGBoostSHAPAzure MLPython

Cardiac risk prediction

Built a multi-audience clinical decision support system on 200 real patient records. Used SHAP to explain why the model flagged each patient — then designed three separate interfaces for cardiologists, primary care physicians, and patients.

SHAP FEATURE CONTRIBUTIONS
LDL chol.
+12%
Age
+8%
Smoking
+6%
Exercise
−3%

Three-audience interface design

Same model, three completely different interfaces — each designed around how that audience thinks, what they need to decide, and how much time they have.

Cardiologist
SHAP · CI · What-if simulator
Primary care
Traffic light · Action lists
Patient
Plain language · Goals
Dataset200 real patient records
Model AUC0.87 (XGBoost)
ExplainabilitySHAP TreeExplainer
ComplianceHIPAA · WCAG 2.1 AA
Technical depth
Cardiologist view
Full SHAP waterfall, 95% CI, cohort percentile, interactive what-if intervention simulator.
Time to insight~4 min/patient
Key featureSHAP bar chart
Workflow first
Primary care view
Traffic-light badge, AHA/ACC-aligned action list, longitudinal trend, one-click referral templates.
Time to insight<1 min/patient
Key featureTraffic light system
Accessible
Patient view
Risk gauge, icon-based factor breakdown, goal tracker. Grade 6–8 reading level, multilingual.
Comprehension88% in testing
Reading levelGrade 6–8
Live interactive demo
Try the dashboard — select any of the 200 patients and switch between all three audience views
XGBoost · SHAP 200 patients 3 interfaces
Cardiologist
Primary care
Patient
High risk
Predicted risk
95% CI
Cohort pctile
High-risk label
SHAP feature contributions
Confidence interval
0%
100%

What-if simulator
Lower LDL (mg/dL)−0
Smoking cessationNo

Simulated risk:

High risk
Top modifiable risk factors
Clinical details
Your risk factors
What you can work on
Project 02 — Clinical System Analysis
HL7 FHIREHR IntegrationSQLPython

EHR workflow optimisation & clinical system analysis

Analysed clinical workflows across a multi-site hospital system to identify inefficiencies in EHR data entry, order management, and care coordination. Mapped current-state vs future-state workflows, identified integration gaps between systems, and designed a HL7 FHIR-based data pipeline to unify patient records across disparate platforms.

  • Conducted 12 stakeholder interviews across nursing, pharmacy, and physician teams to map clinical workflow pain points
  • Identified 3 critical integration gaps between the EHR, lab system, and pharmacy platform causing duplicate data entry
  • Designed FHIR R4 resource mapping for Patient, Observation, MedicationRequest, and DiagnosticReport resources
  • Built SQL queries to audit data quality — flagging 847 inconsistent patient records across sites
  • Produced a gap analysis report with prioritised recommendations aligned to ONC interoperability standards

System architecture

Unified three disconnected clinical systems through a FHIR-based integration layer.

LAYER 1 — SOURCE SYSTEMS
Epic EHR  ·  LabCorp LIS  ·  Pharmacy PIS
↓ HL7 FHIR R4
LAYER 2 — INTEGRATION ENGINE
FHIR API Gateway  ·  Data validation  ·  Audit logs
↓ Unified patient record
LAYER 3 — CLINICAL APPS
Clinician dashboard  ·  Analytics  ·  Alerts
Data quality issues found847 records
Integration gaps resolved3 systems
StandardONC / HL7 FHIR R4
Workflow analysis
Current-state mapping
Mapped 6 end-to-end clinical workflows including patient admission, medication ordering, and lab result routing. Identified 14 manual handoff points.
Interviews12 stakeholders
Workflows mapped6 end-to-end
FHIR design
Interoperability blueprint
Designed FHIR R4 resource mapping across Patient, Observation, MedicationRequest, and DiagnosticReport. Aligned with ONC 21st Century Cures Act.
StandardHL7 FHIR R4
Resources mapped4 core types
Data quality
SQL audit & reporting
Built SQL audit queries to detect duplicate records, missing fields, and inconsistent identifiers. Delivered executive gap analysis report with phased recommendations.
Records audited847 issues flagged
DeliverableGap analysis report
Project 03 — Clinical AI · ICU monitoring
PythonTime-seriesAzure ADXPower BI

Multi-parameter anomaly detection

Built a real-time ICU monitoring system that detects clinically significant anomalies across 6 physiological parameters — distinguishing true clinical events from sensor noise using multivariate co-occurrence logic.

CRITICAL · 01:15–01:55
HR↑ SBP↓ Lactate↑ SpO2↓ — Sepsis concern · 4 params
HIGH · 03:30–04:10
RR↑ SpO2↓ BP↑ — Respiratory distress · 4 params
NOISE · 00:35
HR spike 135 bpm — sensor artifact · filtered

Live ICU dashboard

Interactive multi-parameter chart with adjustable sensitivity, clinical event zoom filters, and real-time alert classification. Built on real simulated ICU data at 5-min intervals.

Dataset61 records · 5-min intervals
Parameters6 (HR, BP, RR, SpO2, Lactate)
Events detected2 clinical · 1 noise filtered
Missing values2 imputed
StandardFHIR · Azure ADX · KQL
Live interactive demo
Adjust sensitivity · zoom into events · see multivariate co-occurrence logic
61 data points6 parameters2 clinical events
Heart rate (last)
80 bpm
Systolic BP
122 mmHg
SpO2
98%
Lactate
1.2 mmol/L
Heart rate Systolic BP SpO2 Resp rate Lactate ×20
Sensitivity Medium — standard
Anomalies detected
2
Noise filtered
1
Values imputed
2
Data prep
KQL + Azure ADX pipeline
Cleaned 61 time-series records using moving averages, missing value imputation, and timestamp synchronisation before anomaly detection.
Missing values2 imputed
Noise spikes1 filtered
Multivariate
Co-occurrence detection
Alerts only trigger when ≥2 parameters deviate simultaneously for >10 minutes — reducing false positives from 6+ isolated spikes to 2 true clinical events.
Alert precision100% (0 false pos)
Min duration>10 min filter
Clinical
Escalation protocol
CRITICAL alerts (4+ params, sepsis pattern) route via Power Automate to ICU charge nurse in 2 min. HIGH alerts to bedside monitor. Noise suppressed.
CRITICAL escalationCharge nurse · 2 min
StandardFHIR · HL7
Project 06 — Clinical Alert System
Power AutomateHL7 FHIRIoT IntegrationAzure Logic Apps

Intelligent clinical alert & routing system

Designed a multi-tier clinical alert system that classifies ICU events, routes notifications to the right clinician, and applies smart suppression to eliminate alert fatigue — reducing false positives to 0% while maintaining 100% critical event detection.

CRITICAL → 2 min response
4+ params → Bedside nurse + Attending physician STAT page
WARNING → 10 min response
1-3 params → Charge nurse mobile notification
SUPPRESSED → no alert sent
Single-param spike <2 min → sensor noise, audit log only

Live alert simulator

Adjust patient vitals to see real-time alert classification, routing decisions, and escalation timeline. Switch tabs to review 24-hour alert log and governance framework.

Alert levelsCritical · Warning · Info · Suppressed
False positive rate0% (smart suppression)
Critical response2 min escalation
IntegrationHL7 FHIR · Power Automate
IoT data sourceWearables · ICU monitors
Live interactive demo
Simulate conditions · see routing logic · explore governance framework
4 alert levelssmart suppressionescalation protocols
Alert simulator
Alert log
Governance
Normal
Sepsis
Resp distress
Noise spike
85
120
98
16
1.2
5
Routing
Escalation timeline
Alert fatigue
Smart suppression
Evidence-based alerting filters single-parameter spikes under 2 minutes as sensor noise — reducing non-actionable alerts by 43% while maintaining 100% critical event detection.
False positive rate0%
Noise suppressed43% of signals
Routing
Condition-based routing
Alerts routed based on severity, parameter count, and clinician role. CRITICAL events trigger simultaneous multi-channel notification — pager, mobile, and EHR banner.
Critical response2 min SLA
ChannelsPager · Mobile · EHR
Governance
Alert governance framework
Dedicated alert committee, real-time performance dashboard, and quarterly threshold review cycle aligned with ONC 21st Century Cures Act and HIPAA requirements.
StandardONC · HIPAA · FHIR
Review cycleQuarterly
Project 04 — IT Operations
JAMF ProMDMApple ecosystemIncidentIQ
Large-scale MDM fleet management
Designed and operated the complete device lifecycle for 3,000+ student and staff devices across a multi-school district — from zero-touch deployment through retirement. Reduced ticket escalations by 30% and standardised the onboarding process for new devices district-wide.
  • Configured JAMF Pro policies, profiles, and smart groups for automated macOS and iPadOS deployment across MacBooks, iPads, and Apple TVs
  • Built a device naming convention and asset tagging system tracked in IncidentIQ, reducing lost/untracked device incidents by 40%
  • Led procurement coordination for annual hardware refresh cycles, managing vendor relationships and aligning timelines with district IT leadership
  • Created self-service troubleshooting guides that reduced repeat tickets by 25% in the first semester
Devices managed3,000+
Ticket escalation reduction30%
PlatformJAMF Pro · IncidentIQ · Apple DEP
EnvironmentK-12 Education · Multi-site
CybersecurityPalo Alto NGFWVMwareLinux
Enterprise endpoint hardening & security tooling
At Palo Alto Networks, built internal tooling to streamline Level 2 firewall troubleshooting and automated repetitive diagnostic steps — achieving 153% of case closure target. Also implemented endpoint hardening procedures adopted across the support team.
  • Diagnosed and resolved complex issues on Palo Alto 7000/5000/3000-series NGFWs — routing, NAT, SSL inspection, and VPN failures
  • Built a Bash/Python diagnostic tool that automated log parsing and common failure pattern detection, cutting average resolution time by ~20 min/case
  • Developed endpoint hardening checklist (MFA, user access controls, patch management) adopted as team standard operating procedure
  • Maintained 98% case resolution without escalation across 1,000+ global users — highest on the team for two consecutive quarters
Case resolution rate98% without escalation
Case closure vs target153%
Tools builtBash + Python diagnostics
PlatformPAN-OS · VMware ESXi · Linux
Work history

5+ Years of experience

Consistent track record of high performance — 98% case resolution, 153% target achievement, 30% ticket reduction — across enterprise tech, government, and education sectors.

Feb 2024 — Present
Computer Support Specialist II
Palo Alto Unified School District · Palo Alto, CA
Primary IT lead for 2 elementary schools (~800 students/staff). Manage 3,000+ devices via JAMF Pro MDM. Lead hardware refresh cycles. Cut ticket escalations 30% through Tier 2/3 troubleshooting and staff training programs.
Dec 2022 — Feb 2024
Technical Support Specialist
Infineon Technologies · San Jose, CA
Handled 500+ monthly incidents for 1,000+ global users via Remedy CRM, maintaining SLA compliance. Rebuilt IT documentation and knowledge base, cutting repeat ticket volume.
Aug 2021 — Aug 2022
Technical Support Engineer
Palo Alto Networks · San Jose, CA
Resolved 98% of Level 2 cases without escalation, 95%+ satisfaction. Supported VMware ESXi, Linux, and Palo Alto Firewalls (7000/5000/3000 series). Achieved 153% case closure target. Built diagnostic tools to streamline troubleshooting.
May 2021 — Aug 2021
Technical Support Specialist
Diocese of San Jose · San Jose, CA
Supported 300+ IT assets, managed Active Directory user accounts. Achieved 130% case closure rate and 92% customer satisfaction.
Sep 2020 — Apr 2021
Technical Support Specialist
City of San Jose · San Jose, CA
Delivered IT support to 300 staff across 3 departments. Deployed 200+ PCs and 150+ security updates, boosting productivity by 30%.
Education
B.S. CYBERSECURITY & INFORMATION ASSURANCE
Capella University
Online · Completed
Certifications
CompTIA A+Hardware & OS support
ITIL v4IT service management
Palo Alto NetworksCybersecurity Specialization
Google IT SupportProfessional Certificate
WHAT I BRING TO HEALTHCARE IT

My B.S. in Cybersecurity, ITIL v4 process knowledge, and hands-on HIPAA-adjacent compliance work give me a strong foundation for healthcare IT roles. I understand how to build systems that are both technically secure and human-centered — a combination that's rare and essential in clinical environments.

Capabilities

Full tech stack

From enterprise firewalls and MDM at scale to clinical AI dashboards and FHIR integration — technical breadth with healthcare informatics depth.

Clinical AI & informatics
Python / XGBoost / SHAP
HL7 FHIR R4
Azure Machine Learning
CDSS design
HIPAA / WCAG 2.1
SQL / data auditing
Security & infrastructure
Palo Alto NGFW
VMware ESXi
MFA / endpoint hardening
Active Directory
DNS / SSL / TLS
Linux / Bash
Device & IT ops
JAMF Pro (MDM)
Apple DEP / ABM
IncidentIQ / Remedy
Google Workspace
macOS / Windows / iOS
ITIL v4 practices
Web & development
HTML / CSS / JavaScript
WordPress / Apache / Nginx
MySQL
D3.js / Chart.js
Streamlit / Dash
WCAG accessibility

Proficient   Familiar

Anh Truong Nguyen
Get in touch

Let's build clinical IT
that actually works

Open to Healthcare IT, Clinical Informatics, and Clinical System Analyst roles. Based in San Jose, CA — open to hybrid and remote.

nguyenandy770@gmail.com LinkedIn ☎ (408) 712-3221