Patient level, clinician level, and clinic level data for [Change to represent your study] will be stored electronically in the REDCap platform at University of Iowa.
The REDCap platform is managed by the Biomedical Informatics group in the Institute for Clinical and Translational Science at the University of Iowa. Each study team member will be granted access to REDCap through a secure login by the study PI, study manager or their proxy.
Credentials: Study team members log into REDCap using their University of Iowa HawkID and HawkID password. HawkID and HawkID passwords are never shared between individuals. External collaborators on the study are granted a HawkID and HawkID password at the request of the University of Iowa Study PI. HawkID and HawkID passwords follow the University of Iowa Password Policy. https://its.uiowa.edu/hawkid/password
Password Strength: University of Iowa HawkID passwords must be a minimum of nine (9) characters long, using a combination of alphabetic, numeric, and special characters and cannot contain consecutive, repeated characters (e.g., aaaaa11111) and cannot contain a string of characters that match previous passwords.
Two-factor Authentication: REDCap supports Two-factor authentication using DUO. Two-factor authentication requires something that only the user knows, with a second factor, something only the user has in their possession, to provide strong identity verification.
Data Backups & Retention: In the University of Iowa REDCap data platform, primary data is stored in an HCIS Data Center. Data backups are secured at an University of Iowa offsite Data Center. Physical system security includes two factor authentication. Operating system security includes: secure logins, firewalls, data encryption at rest, remote system logging and configuration and change management. Data backups are encrypted both in flight and at rest. Copies of data are replicated to the remote data center every 15 minutes. There are 100+ point in time copies of data available at any time. Disaster recovery is tested annually.
Logging: REDCap automatically logs all user access to data on the system and project level, including page views.