REDCap System Security Statement

ITHS REDCap System Security Statement
Version Date: 29 March, 2013
In 2010 the Biomedical Informatics Core of the Institute of Translational Health Sciences (ITHS BMI)
began supporting an installation of REDCap (Research Electronic Data Capture), which is software
specifically designed for electronic data capture (EDC) for clinical trials. REDCap was originally
developed at Vanderbilt University and is actively developed and supported by a consortium of
academic institutional partners. For more information about the REDCap software, please see
http://www.project-redcap.org/
REDCap features include differentiated user roles and privileges, user authentication and
authorization security, electronic signatures, SSL encryption (128 bit minimum), and comprehensive
auditing to record and monitor access and data changes. Principal Investigators can configure REDCap
User Rights and Data Access Groups to provide granular study data access to authorized study
personnel.
Further information on ITHS Standard Operating Procedure for production servers:






Access to servers is restricted to authorized ITHS Biomedical Informatics Core support personnel
whose contact email address is listed below.
The servers are located on ITHS-owned hardware in a secure server room at the University of
Washington. This server room meets the technical requirements for HIPAA compliance and hosts
other servers containing Protected Health Information (PHI).
The Operating System of each server will be kept fully patched and firewalled in accordance with
UW Medicine Information Security Policy SEC05.04, which can be found online at
http://security.uwmedicine.org/guidance/policy/computingdevice_system/default.asp
REDCap and supporting software will be maintained and updated by ITHS Biomedical Informatics
Core with advance notice given to users.
The REDCap system has been reviewed by the security department of the Information Technology
Services and was deemed secure. However, REDCap was not intended to be used for any continuous
business purposes and therefore shouldn’t be used by any user for that specific purpose.

Contact Information:

ITHS REDCap System Administrators
Institute of Translational Health Sciences
iths_redcap_admin@uw.edu

About the ITHS
The ITHS is a partnership among the University of Washington, Seattle Children’s, the Fred Hutchinson
Cancer Research Center, and other local institutions dedicated to improving human health. The ITHS is
also part of the national Clinical and Translational Science Awards (CTSA) consortium, and is funded
under grants UL1 RR 025014, KL2 RR 025015, and TL1 RR 025016 from the National Center for
Research Resources and the National Center for Advancing Translational Sciences, part of the National
Institutes of Health.
850 Republican Street, Seattle, WA 98109

email: iths@u.washington.edu

website: http://www.iths.org