REDCap Security Best Practices

 

Never Dismiss a Concern Regarding Security

While the REDCap environment controls implemented by Information Technology keep your studies and data safe, we ask that all REDCap users take an active role to insure that we continue to maintain our high level of security.

Your Responsibilities to Insure Safety and Security 

• Know your list of 18 HIPAA Patient Identifiers
• Insure you have marked each one of these identifiers in REDCap
• Review REDCap User Rights and set permissions appropriately
• Review all users who have access to your projects once a month
• Be mindful of transporting files containing sensitive data
• Archive Projects that are complete

Your Workstation Security Requirements

• Your computer must be encrypted
• Your computer must have up to date antivirus
• Contact UMass Chan Helpdesk to have Computrace installed on your computer
  (LoJack theft recovery software for computers)

   

REDCap Environment Controls Implemented by IT 

• Data storage resides in a Regulated Environment
• IT REDCap System Administrators access through SSL, VPN, signing at entry point
• Daily automated data backup and storage
• Centralized regulatory/compliance management