The code block below illustrates how one might use # and // as comments in your logic and calculations.

This value you provided is not a number. Please try again.

This value you provided is not an integer. Please try again.

The value entered is not a valid Vanderbilt Medical Record Number (i.e. 4- to 9-digit number, excluding leading zeros). Please try again.

The value you provided must be within the suggested range

The value you provided is outside the suggested range

This value is admissible, but you may wish to double check it.

The value entered must be a time value in the following format HH:MM within the range 00:00-23:59 (e.g., 04:32 or 23:19).

This field must be a 5 or 9 digit U.S. ZIP Code (like 94043). Please re-enter it now.

This field must be a 10 digit U.S. phone number (like 415 555 1212). Please re-enter it now.

This field must be a valid email address (like joe@user.com). Please re-enter it now.

The value you provided could not be validated because it does not follow the expected format. Please try again.

Required format:

po7gJ6ndAvb9YR7WciTyHakmgzrFQSEdokm3RFdYPoaXbn3ArIjHI98GRzET7niFkU

REDCap Acceptable Use Policy

Please read and accept all terms and conditions.

Thank you!

The purpose of this document is to outline acceptable uses of REDCap (Research Electronic Data Capture) for The Ottawa Hospital (TOH), the University of Ottawa Heart Institute, and The Ottawa Hospital Research Institute (OHRI) investigators, scientists and staff. This policy is intended to ensure REDCap is used in a way that protects privacy and confidentiality while assisting authorized users to collect and manage data for research, quality assurance and administrative purposes.

This policy outlines acceptable uses of The Ottawa Hospital's instance of REDCap (Research Electronic Data Capture) and is intended to ensure it is used in a way that protects privacy and confidentiality while assisting authorized users to collect and manage survey data.

This policy is applicable to all Ottawa Hospital (TOH), University of Ottawa Heart Institute (UOHI), and Ottawa Hospital Research Institute (OHRI) investigators, scientists and staff who use REDCap.

Developed by a multi-institutional consortium initiated at Vanderbilt University, REDCap is a free, secure, web-based application designed to support data capture. Initially designed for research studies, REDCap may also be used for quality assurance and administrative projects, subject to the specific requirements for each type of use. Data collection is customized for each project by the project team members.

REDCap provides a streamlined process to build and manage online surveys and databases. Users can:

a) Design data collection forms
b) Conduct real-time data entry validation
c) Consult audit trails to track data manipulation and export procedures
d) Export data for analysis in common statistical packages (SPSS, SAS, Stata, R)
e) Assign different levels of access for each member of the project team
f) Send files securely using Send-It

REDCap is licensed at no cost to academic institutions by Vanderbilt University. All data entered into the software are stored on local servers of the institution.

Research Studies
Only non-regulated studies (i.e. studies that will not be audited by Health Canada or Food and Drug Administration [FDA]) that have obtained approval from Ottawa Health Science Network Research Ethics Board (OHSN-REB) or alternate REB of record may use REDCap. These include observational (cross-sectional, case control, or cohort) studies, or surveys.

Quality Assurance Initiatives
REDCap may be used to support quality assurance (QA) initiatives where QA is defined as: the systematic monitoring and evaluation of the various aspects of a project, service, or facility to ensure that standards of quality are being met.

Administrative Purposes
REDCap may be used to support administrative and operational activities unrelated to patient
care.
Examples: a feedback survey for staff invited to an information session; an employee
scheduling survey sent to managers by Human Resources; a form to request departmental
services.

I ACCEPT

reset

Users must not use REDCap products, services or technology infrastructure in any manner that constitutes an inappropriate use, which include, but is not limited to:

a) the collection and storage of clinical patient care data (e.g. electronic medical records);
b) the creation, collection, transmission, storage or exchange of any material in violation of applicable laws;
c) accessing, using, collecting, destroying, encrypting, altering or disposing of information in violation of any applicable laws;
d) making, possessing or distributing computer programs that are designed to assist in obtaining access to computer systems in violation of applicable laws;
e) possessing, viewing, downloading, transmitting, or storing any pornography or any involvement whatsoever with the traffic of such material;
f) using another user's password, or any other identifier to engage in any activity in violation of applicable laws;
g) breaching copyright, trade secret, or other intellectual property rights (e.g. breaching software licenses, pirating recorded music or movies or stealing trade secrets);
h) willfully bypassing or subverting The Ottawa Hospital's physical, logical or procedural safeguards such as firewalls, web-filtering software or other access controls;
i) deliberate unauthorized access to information, facilities or services accessible through The Ottawa Hospital's infrastructure;
j) Unauthorized use, collection, disposal, destruction, encryption, alteration or disclosure of any personal information or personal health information, business trade secrets, or sensitive information provided by or obtained from The Ottawa Hospital.
k) Selling, sharing or otherwise redistributing The Ottawa Hospital's products or services without written authorization from The Ottawa Hospital;
l) Any other activity that may expose The Ottawa Hospital to civil liability.

I ACCEPT

reset

Users must not use REDCap in any manner that constitutes an inappropriate use, which
includes, but is not limited to:

a) the collection and storage of clinical data to support real-time patient care and/or clinical
data which should be part of the patient record (I.e. this tool should not be used as part
of the official TOH health record);
b) any creation, collection, transmission, storage or exchange of any material in violation of
TOH privacy, confidentiality, and security policies and any applicable laws;
c) any other activity that may expose TOH to civil liability.

* must provide value

I ACCEPT

reset

When collecting patient-level data, it is incumbent upon the user to limit the collection of sensitive and possibly identifying patient information to only those data elements which arenecessary to collect to satisfy the purpose of the project. If you require clarification during the preparation of a survey or a data collection form, you may contact the TOH Information and Privacy Office (IPO) at infoprivacyoffice@toh.ca.
Note: Regular audits of the underlying data will help to ensure user compliance.

The following are Acceptable to collect without further assessment from the IPO:
- Unique study ID known to the surveyor to identify the respondent but defined uniquely for the study/project and not linkable to other health information systems or studies
- Age
- First 3 characters of postal code
- Birth year and month
- Chart number (MRN)
- Encounter number or other system identifier for data linkage
- Provider name, clinic, unit, etc.

The following requires assessment from either REB or TOH IPO:
- Name (patient or family member)
- Phone number
- E-mail address
- Full postal code
- Mailing address
- Full birth date
- OHIP number
- Social insurance number
- Vehicle identifiers & serial numbers
- Biometric identifiers
- Full face images

I ACCEPT

reset

Who can use REDCap?
Only TOH, the University of Ottawa Heart Institute, and OHRI staff and physicians may request to create a new REDCap account. REDCap account holders may share project documents with non-REDCap account holders who have a TOH, the University of Ottawa Heart Institute, or OHRI email account. Login credentials should never be shared.

It is the responsibility of every REDCap user to adhere to all Terms of Use outlined in this document. Members of the project team, including the Project Lead or Principal Investigator, are also responsible for:
â€¢ Building the REDCap database (entry forms) in such a way that it is adequate to capture the necessary data
â€¢ Collecting only the minimally necessary personal health information required
â€¢ Abiding by Terms of Use

Furthermore, the Project Lead (or Principal Investigator for research studies) has additional responsibilities:
â€¢ Ensuring approval of the Research Ethics Board (REB) is obtained before study begins, if applicable.
â€¢ Ensuring all members of the research team understand their responsibilities
â€¢ Designating the appropriate level of access for all project members to ensure compliance with the Personal Health Information Protection Act (PHIPA, 2004)1 and other provincial and federal regulations protecting patient privacy and confidentiality
â€¢ Ensuring the study in all sites is conducted in compliance with the approved protocol, REB and if applicable, Health Canada and the FDA
â€¢ Immediate reporting of any suspected or known security breaches to the Chief Privacy officer at TOH

I ACCEPT

reset

Only TOH, UOHI, and OHRI staff and physicians may request to create a new REDCap user account. Login credentials must never be shared.

User: An individual who holds a REDCap account.

All REDCap users are responsible for:
â€¢ Adhering to the Acceptable Use Policy;
â€¢ Creating surveys and data collection forms in such a way that is adequate to capture the necessary data but at the same time limiting the collection of sensitive and possibly identifying information to only those data elements which are necessary to collect.

Project Lead: A REDCap user who creates and oversees the management of a REDCap project. In Research Projects, this may be the Principal Investigator (PI) or someone designated by the PI.

The Project Lead is responsible for:
â€¢ Adding/removing users to the project and for managing their security and access privileges;
â€¢ Designating the appropriate level of access for all project members
â€¢ Ensuring all members of the project team understand their responsibilities; and
â€¢ Immediately reporting any suspected or known privacy breaches to the TOH IPO at infoprivacyoffice@toh.ca

For research projects, the PI is ultimately responsible for the conduct of their project. In addition to the responsibilities listed above, the PI is responsible for:
â€¢ Ensuring approval from OHSN-REB is obtained before the project begins; and
â€¢ Ensuring the study is conducted at all sites in compliance with the REB-approved protocol, REB policies, Tri-Council Policy 2 (TCPS 2), Good Clinical Practice Guidelines (GCP) and where applicable, Health Canada and the FDA

Project Staff: Any REDCap user added to a REDCap project by the Project Lead. The Project Staff will have varying security and access privileges, as assigned by the Project Lead.

* must provide value

I ACCEPT

reset

REDCap Send-It is a secure data transfer application that allows the upload and sharing of large files contain sensitive data via email. Files can be sent to multiple project team members with a TOH email account, including those without a REDCap account. Each recipient will receive an email containing a unique download URL, along with a second follow-up email with the password for downloading the file. The file will be stored securely and then later removed from the REDCap server after the specified expiration date set by the sender (up-to two weeks). Send-It is the preferred solution for sending project files that are too large for email attachments or that contain sensitive data.

* must provide value

I ACCEPT

reset

Any exceptions to this policy must be assessed and reviewed by the TOH Information and Privacy Office (IPO). The IPO will assess whether there is clear justification and help to determine the minimum extent of data collection necessary to meet the justified need. You can request feedback on the privacy risks relating to a survey at infoprivacyoffice@toh.ca.

* must provide value

I ACCEPT

reset

REDCap will be monitored and audited for any breach to this Acceptable Use Policy. All instances of noncompliance will be reviewed by the TOH Information and Privacy Office (IPO) which may recommend appropriate actions for any breach of TOH policy or privacy legislation. Non-compliance with TOH policies and/or legislation can result in corrective remedial action, mandatory reporting to regulatory bodies, and/or discipline up to and including termination of employment or privileges.

* must provide value

I ACCEPT

reset

Personal Health Information (PHI)
As outlined in Section 4 of PHIPA, 20041, PHI refers to "identifying information about an individual in oral or recorded form" as it relates to:

a) Physical/mental health of the individual including family health history
b) The provision of health care to the individual, including identification of the health care provider
c) Payment or eligibility for health care or eligibility for coverage for health care
d) Donation of body part or bodily substance
e) The individual's health number or
f) The identification of an individual's substitute decision maker

Examples include:
1. Name
2. Partial Date of Birth (i.e. Month and/or Year of Birth)
3. Full or Partial Address (i.e., Postal Code only)
4. Health Card Number
5. Email Address/Phone/Fax
6. Medical Record Number (MRN)
7. Information from medical history
8. Test results

Identifying information / Identifier
As outlined in Section 4 of PHIPA, 20041 "identifying information means information that identifies an individual or for which it is reasonably foreseeable in the circumstances that it could be utilized, either alone or with other information, to identify an individual."

Project Team
This includes the Project Lead/Principal Investigator, research coordinators and assistants, data entry persons and other personnel granted access to the project-specific REDCap database.

Database
A set of data entry forms, surveys, schedules and other REDCap instruments pertaining to a specific study or project.

Authentication
A confirmation from the authoritative source (e.g. Active Directory) that the user credentials (username and password) are valid.

Authorization
A set of rights to access specific objects (forms, tabs, controls) in a specific mode (e.g. read-only, de-identified, etc.)

I ACCEPT

reset

You have selected an option that triggers this survey to end right now.

To save your responses and end the survey, click the 'End Survey' button below. If you have selected the wrong option by accident and/or wish to return to the survey, click the 'Return and Edit Response' button.