REDCap (Reasearch Electronic Data Capture) is a secure web application for building and managing online surveys and databases.
It has many features, including:
- Online or offline project design: Online using the Online Designer or offline using a “data dictionary” template in Microsoft Excel that can be uploaded later into REDCap.
- Secure and web-based: Input data or build an online survey or database from anywhere in the world over a secure web connection with authentication and data logging.
- Multi-site access: REDCap databases/surveys can be used by researchers from multiple sites and institutions.
- Autonomous utilization: Research groups have complete autonomy and control to add new users.
- Fully customizable: total control of shaping the database or survey.
- Audit trails: For tracking data manipulation and user activity.
- Automated export procedures: For seamless data downloads to Excel, PDF, and common statistical packages (SPSS, SAS, Stata, R). The Data Export Tool also has advanced export features that allow one to implement data deidentification methods, such as being able to automatically remove free-form text fields, remove dates, perform date shifting, and remove fields tagged as identifiers (e.g. PHI) from the data file being exported by the user. User privileges can also be set so that some users may be allowed to export data from the project but will have the data de-identification methods imposed as a means of preventing them from exporting sensitive data, either mistakenly or intentionally.
- A built-in project calendar
- A scheduling module
- Ad hoc reporting tools
- Many advanced features: Such as branching logic, file uploading, and calculated fields.
- Regulatory compliance: REDCap can be installed in a variety of environments for compliance with such standards as HIPAA, 21 CFR Part 11, FISMA (low, moderate, high), and international standards.
The actual version used is the 10.6. The web-hosting server is Apache, which is located behind the Institution firewall. The Institution perform a daily backup of its REDCap database tables. The REDCap database server use is MySQL database. In fact, REDCap stores its data and all system and project information in various relational database tables (i.e. utilizing foreign keys and indexes) within a single MySQL database, which is an open source RDBMS (relational database management system). The front end of REDCap is written in PHP, which is widely used, robust, open source scripting language. Setting up the web server and database server and securing the communication of the servers to each other and to the end-user is the responsibility of the Institution. The institution will store all data captured in REDCap on its own servers. Thus, all project data is stored and hosted there at the Institution, and no project data is ever transmitted at any time by REDCap from that Institution to another Institution or Organization.
To ensure that REDCap users have access only to data and information that they are supposed to have within the application, user privileges are utilized within the software. Each user has their own account, and their user account will only have access to REDCap projects that they themselves have created or to projects which other users have granted them access. Within each project, there are user controls to limit access to various functionality and modules, such as being able to export data, to enter data, to add or modify database fields or survey questions, to build or run reports, to modify user privileges, to view the logging records, and so on. Another feature called Data Access Groups can be implemented to help segregate users and the data they enter by placing users into data access groups, after which they will only be able to access records created by someone in their group.
REDCap implements authentication to validate the identity of end-users that log in to the system. REDCap contains an auto-logout that will automatically log a user out of the system if they have not had any activity (e.g. typing, moving the mouse) on their current web page for 30 minutes. This prevents someone else from accessing their account and their project data if they leave a workstation without properly logging out or closing their browser window.
REDCap maintains a built-in audit trail that logs all user activity and all pages viewed by every user, including contextual information (e.g. the project or record being accessed). Whether the activity be entering data, exporting data, modifying a field, running a report, or add/modifying a user, among a plethora of other activities, REDCap logs all actions.