REDCap Security Information

Security Information

While the REDCap environment controls implemented by ITCS keep your research and data safe, we ask that all users take an active role to ensure we continue to maintain our high level of security.

HIPAA Compliance and PHI

The HIPAA Security Rule defines the standards, which require covered entities to implement basic safeguards to protect electronic protected health information (EPHI), which is individually identifiable health information in the electronic form. Privacy depends upon security measures: no security, no privacy.

HIPAA also mandates that covered entities must maintain reasonable and appropriate administrative, physical, and technical safeguards to protect patients’ electronic protected health information. This information may be in any electronic format that is stored or transmitted from devices such as desktop or laptop computers, networked systems, disks, CD-ROMs, hand-held device (PDAs), and other clinical-related devices.

Always think about the security of your data-only export when necessary. Take precaution when exporting data and only export data if you need to run reports or analysis outside REDCap. Limit user privileges to allow export rights only to those who really need them. Note: REDCap is a web-based system. Once data is downloaded from REDCap to a device (ex: computer, laptop, mobile device), the user is responsible for that data. If the data being downloaded is protected health information (PHI), the user must be trained and knowledgeable as to which devices are secure and in compliance with ECU’s standards (ex: HIPAA) for securing PHI.

Use the REDCap Send-It feature to send data-Send-It is a secure data transfer application that allows you to upload a file (up to 32MB in size) and then allow multiple recipients to download the file in a secure manner. Each recipient will receive an email containing a unique download URL, along with a second follow-up email with the password (for greater security) for downloading the file. The file will be stored securely and then later removed from the server after the specified expiration date. Send-It is the perfect solution for anyone wanting to send files that are too large for email attachments or that contain sensitive data.

At ECU, we are committed to protecting our patients’ privacy and maintaining our organization’s security of information. We continue to comply with the HIPAA rule and maintain the confidentiality, security, and integrity of our patients’ health information. Note: If you have a question about HIPAA or wish to report a privacy concern, please call: 744-5200 or email: HEALTHCAREPRIVACY@ecu.edu.

HIPAA Identifiers

  • Names
  • All geographic subdivisions smaller than state, including street address, city, county, precinct, Zip Code, and their equivalent geographic codes, except for the initial three digits of a ZIP Code if, according to the current publicly available data from the Bureau of the Census:
    1. The geographic unit formed by combining all ZIP Codes with the same three initial digits contains more than 20,000 people.
    2. The initial three digits of a ZIP Code for all such geographic units containing 20,000 or fewer people are changed to 000.
  • All elements (except year) for dates directly related to an individual, including birth date, admission date, discharge date, date of death; and all ages over 89 and all elements of dates (including year) indicative of such age, except that such ages and elements may be aggregated into a single category of age 90 and older.
  • Telephone numbers
  • Facsimile numbers
  • Electronic mail addresses
  • Social Security numbers (not allowed in REDCap)
  • Medical record numbers
  • Health plan beneficiary numbers
  • Account numbers
  • Certificate/license numbers
  • Vehicle identifier and serial numbers, including license plates
  • Device Identifiers and serial numbers
  • Web Universal Resource Locators (URLs)
  • Internet Protocol (IP) address numbers
  • Biometric Identifiers, including finger and voiceprints
  • Full-face photographic images and any comparable images
  • Any other unique identifying number, characteristic, or code that could identify the individual

Source: U.S. Department of Health and Human Services National Institutes of Health (2017). Retrieved from https://privacyruleandresearch.nih.gov/pr_08.asp


Mark the Identifiers in REDCap:

When you are creating project fields in your data collection instrument, remember the 18 HIPAA Identifiers. If your field label uses identifying information, make sure you choose YES next to Identifier. This will be important when you are ready to export your data. All fields tagged as identifiers will be marked in red.

REDCap User Rights Information

Please Note: REDCap is a web-based system. Once data is downloaded from REDCap to a device (computer, laptop, mobile device), the user is responsible for that data. If the downloaded data is protected health information (PHI), the user must be trained and knowledgeable as to which devices are secure and in compliance with ECU’s standards (like HIPAA) for securing PHI.

User right and access Potential to access PHI

Data Entry Rights

Grants user one of these rights to the project's data collection instruments:

  • No Access
  • Read Only
  • View & Edit
  • Edit Survey Responses

WARNING: The data entry rights pertain only to a user's ability to view or edit data on the web page. It has NO effect on data exports

Yes.

If access to a form with PHI is Read Only or View & Edit, user will be able to view PHI.

Expiration Date

Automatically terminates a user's project access on a specific date.

 

Highest Level Privileges:

User Right, Access and Notes Potential to Access to PHI

Project Design and Setup

Access to add, update or delete any forms within the project. Also allows user to enable and disable project features and modules.

This should be allocated only to trained study members and should be limited to a very few number of users per study.

 

User Rights

Access to change the rights and privileges of all project users, including themselves.

WARNING: Granting User Rights privileges gives the user the ability to control other users' project access. This user should be very trusted and knowledgeable about the project and REDCap. Giving user rights to team members should be a carefully thought-out decision. The consequences of poor user rights assignments could be damaging to both the security and integrity of your project. For instance, giving record deletion or project design rights to an unqualified person could result in data loss or database integrity issues.

Yes.

User can change own user rights and grant access to any module where PHI can be viewed or downloaded to a device.

Data Access Groups

Access to create and add users to data access groups.

Do not assign yourself to a data access group; you will limit your ability to access all project data and to add other users to data access groups.

For multi-site studies this allows the ability to place barriers between sites' data (i.e. group A cannot see, export, or edit group B's data).

 

Privileges for Data Exports (including PDFs and API exports), Reports and Stats:

User Right, Access and Notes Potential to Access to PHI

Data Exports

Grants No Access, De-Identified Only, Remove All Tagged Identifier Fields and Full Data Set Access to export all or selected data fields to Microsoft Excel, SAS, SPSS, R and Stata.

Default Access: De-Identified; De-identified access shifts all dates even if they are not marked as identifiers.

Non-validated text fields and note fields (free text) are also automatically removed from export.

Remove All Tagged Identifier Fields ONLY removes fields marked as identifiers and does NOT automatically remove non-validated text fields or field notes and does NOT date shift. In reports and in the API data exports, any fields that have been tagged as...

WARNING: The De-identified and Remove All Tagged Identifier field options are contingent upon correctly flagging identifiers in each field.

It is advised to mark all PHI fields as identifiers and restrict export access to de-identified.

Yes.

PHI can be exported and downloaded to a device

Exporting data is NOT linked to data entry rights. User with full export rights can export ALL data from all data collection instruments.

Please see Data Exports, Reports, and Stats FAQ for additional info.

Add/Edit Reports

Access to build reports within the project. If user does not have access to a data collection instrument that the report is pulling data from, those fields will not appear in the report.

For complex querying of data, best results are acquired by exporting data to a statistical package.

Yes.

Depending on data entry rights, PHI can be viewed.

Stats and Charts

Access to view simple statistics on each field in the project in real time. If user does not have access to a data collection instrument, that instrument will not be listed on the page.

Outliers can be identified. When clicked, navigates to the record, form and field with the outlier data.

Yes.

Depending on data entry rights, PHI can be viewd.

Other Privileges:

User Right, Access and Notes Potential to Access PHI

Manage Survey Participants

Access to manage the public survey URLs, participant contact lists, and survey invitation log.

Yes.

Email addresses (PHI) may be listed for the participant contact lists and invitation logs. Emails can be downloaded to a device.

Calendar

Access to track study progress and update calendar events such as mark milestones, enter ad hoc meetings.

In combination with the scheduling module the calendar tool can be used to add, view and update project records which are due for manipulation.

Yes.

PHI can be entered and viewed in the Notes field. Data entered can be printed to PDF and downloaded to a device.

Data Import Tool

Access to download and modify import templates for uploading data directly into the project bypassing data entry forms.

WARNING: This gives the user the capability to overwrite existing data. Blank cells in the data import spreadsheet do no overwrite fields with data.

 

Data Comparison Tool

Access to see two selected records side by side for comparison.

Extremely helpful when using double data entry.

Yes.

PHI can be viewed. Data can be printed and downloaded to a device. ALL data discrepancies for all fields in project are displayed and can be downloaded to user with access to this module - NOT linked to Data Entry Rights or Data Export Tool Rights.

Logging

Grants user access to view log of all occurrences of data exports, design changes, record creation, updating & deletion, user creation, record locking, and page views. This is the audit trail of the project.

Useful for audit capability

Yes.

ALL data entered, modified and changed is listed in module, can be viewed and downloaded to a device.

File Repository

Access to upload, view, and retrieve project files and documents (ex: protocols, instructions, announcements). In addition, it stores all data and syntax files when data is exported using the Data Export Tool.

WARNING: While users with restricted data export rights will not be able to access saved identified exports, they will be able to view any other sensitive information stored in the file repository such as photos or scanned documents. Limit this privilege to those who should have access to PHI.

Yes.

Depending on Data Export Tool rights, PHI can be downloaded to a device.

Data Quality

Access to find data discrepancies or errors in project data by allowing user to create & edit rules; and execute data quality rules. If user does not have access to a data collection instrument that the query is referencing, access will be denied for query results.

Yes.

Depending on Data Entry Rights, PHI can be viewed.

API

Access to the API interface that allows external application to connect to REDCap remotely, and is used for programmatically retrieving or modifying data or settings within REDCap, such as performing automated data imports/exports from a specified project.

Reminder: While REDCap itself has many security layers to ensure the highest level of security and data integrity, it is your responsibility to ensure that you are using the most secure methods and best practices when using the REDCap API. This is especially important if you are moving sensitive data in to or out of REDCap.

Yes.

Depending on the Data Import/Export rights the user will be able to view PHI being imported or exported.

 

Details

Article ID: 67288
Created
Fri 7/5/19 2:12 PM
Modified
Tue 2/11/20 9:31 AM