Scope of Work
The CBMI will provide access and support for the above REDCap database project. Training, set-up assistance and support will be provided for projects being managed in the REDCap system. The CBMI is responsible for the maintenance of the REDCap system and its database. In some circumstances, after discussion with CBMI staff, data migration into REDCap may be performed. The project team will be responsible for all data entry and data analysis.
This Statement of Work will cover:
• 1 Projects
• Up to 10 users
• 10 GB of database space
This scope of work includes up to 3 hours of technical assistance including but not limited to user-training, and discussions. All data back-ups, project development, and maintenance services may be charged a fee for service.
UTHSC-ORNL CBMI Resources
The UTHSC-ORNL Center for Biomedical Informatics (CBMI) has licensed from Vanderbilt University the REDCap data management system. REDCap is an appropriate cost-effective system for projects requiring minimal CBMI effort for design, development, or maintenance. REDCap is securely accessed via user-friendly and intuitive web-applications and is used to collect, process, archive, share and distribute basic, clinical, and translational research data. The REDCap database is an encrypted instance of MySQL and is maintained in the UTHSC Information Technology Services (ITS) HIPAA Compliant server room. MySQL is an appropriate database for small to medium size projects with limited numbers of data collection forms, small registries and databases, and surveys.
To maintain HIPAA compliance each PI controls data access to the level of individual variables. Thus, a PI can allow off-site collaborator access to certain data by providing access to only a de-identified or limited dataset. UTHSC is a Covered Entity under HIPAA and conducts research governed by federal and state laws and regulations. As such, UTHSC has active programs to ensure compliance with these statutes. Members of the Center for Biomedical Informatics, Information Technology Services, and UT Office of Research Compliance help ensure that data are accessed under safe and compliant conditions.
UTHSC ITS Resources
The UTHSC network and computing facilities are owned and managed by UTHSC-ITS and all CBMI systems are physically housed in the ITS computer center, which has electric power conditioning, UPS battery backup for short-term outages, and a backup diesel generator for long-term outages. The computer center also has fire suppression, temperature and humidity control, card key-controlled access, and video monitoring. The building has after-hours access controls and is monitored by the UTHSC police force. Networking equipment across the campus is housed in dedicated and locked wiring closets with battery backups and access limited to UTHSC network services personnel.
A 100-MB switched network with fully redundant network cores provides Internet connections to both the Internet and Internet 2. Network traffic crossing the UTHSC network boundary is examined by a Cisco firewall against its Access Control Lists. Access from outside the UTHSC network for public data is to know web server ports and services. The VPN access is available to authorized users by NetID for off-campus access.
END USER AGREEMENT
Research Electronic Data Capture (REDCap) is an electronic data capture tool provided by the UTHSC-ORNL Center for Biomedical Informatics (CBMI) at The University of Tennessee Health Science Center. In addition to the above, in approving this agreement the user agrees to the following:
1. If REDCap is to be used for a project classified as human subjects research (per the U.S. Department of Health and Human Services [DHHS] Code of Federal Regulations1), it must be APPROVED by the UTHSC IRB before data collection can begin. The user/ project owner will have to provide an IRB outcome letter to CBMI Program Administrator. Additionally, the project owner may add CBMI Program Administrator as a study contact and provide the CBMI with a copy of the approved protocol.
2. The user understands that the collection of Protected Health Information (PHI; per the HIPAA Privacy Rule2) requires that the project database be hosted by UTHSC Information Technology Services behind their firewall and that access outside of UTHSC and specific UT domains will require the use of a Secure ID.
3. All non-UTHSC employees must obtain UTHSC login credentials to access REDCap.
4. Users will not share their login credentials with other study personnel working on the project. Login credentials are obtained via sponsorship to UT-ITS by the CBMI and can be expired for temporary employees.
5. Access to REDCap projects is granted on completion of the online request form and first consultation with the CBMI team.
6. The user understands that the REDCap project will be actively maintained per the timeframe described in the user's approved IRB protocol, or other timeframe agreed upon by all parties before study initiation. The REDCap project will be archived after this time. Once archived, the data will remain in the database (unless requested by the user to be deleted permanently) and the study can be re-‐opened as necessary with the appropriate approvals.
7. Per the license agreement signed with Vanderbilt University, any publications resulting from the use of REDCap should include the following citation:
Paul A. Harris, Robert Taylor, Robert Thielke, Jonathon Payne, Nathaniel Gonzalez, Jose G. Conde, Research electronic data capture (REDCap) -‐ A metadata-‐driven methodology and workflow process for providing translational research informatics support, J Biomed Inform. 2009 Apr;42(2):377-‐81.
1 http://www.hhs.gov/ohrp/policy/cdebiol.html
2 http://dhhs.gov/ocr/privacy/hipaa/administrative/privacyrule/index.html
Working...