...
If you have questions about the information on this page or any other REDCap questions, please submit a ticket.
...
WashU REDCap Instance and Servers
Each REDCap consortium member institution hosts its own separate and independent REDCap server instance. The Institute for Informatics, Data Science, and Biostatistics (I2DB) hosts the WUSTL REDCap instance and maintains servers where REDCap data and metadata are stored. Data stored in the WUSTL REDCap instance in Production Status are protected by multiple layers of security, running on Linux platforms configured for strict user permission policies. Our REDCap database is hosted on scalable cloud based services hosted in the WUSM secure network. User access is provided via an external secure web server. All web communication between the user web browser and the web server is SSL encrypted. Further protections are provided via strict Linux permission configurations on the servers themselves. All database transactions for projects in Productions Status are continually backed to facilitate PITR (point in time recovery) methods and are stored for approximately 30 days. Uploaded files are stored on secure cloud services and are only accessible via the WUSM secure network. Please note, while data are backed up on the production server, if you or anyone added to your project purposely deletes data, for example by deleting records, fields, or instruments, or changing variable names or multiple choice codes, there will be a fee associated with recovering data.Access to the data and various systems are protected by
Access to REDCap, projects, data, metadata, etc., are protected by WUSTL Key and password authentication in accordance with Washington University policy. Information regarding account, project, and data policies are below.
User Account Requirements
All REDCap users must have and use their own log in credentials. Log in credentials for the WUSTL REDCap instance are an active WUSTL Key and password. All user authentications occur in a centralized identification and authorization managed environment. Centralized accounts have aged complex passwords and multi-factor authentication enabled. Accounts are not to be shared in accordance with Washington University policy. That means that you should NOT allow anyone else to work in REDCap while logged in to your account. That person should log into their own account with their WUSTL key on a separate device in order to work in REDCap.* This includes external collaborators as well, e.g. you cannot create a single "External University REDCap Account" when collaborating with a study team at a single university. Users having their own accounts helps improve the security and quality of research participant data stored in the WUSTL instance of REDCap. This is because REDCap stores user activity in the Logging tool in order to 1) resolve data entry and collection issues and 2) assist with study audits. Individual accounts are also a regulatory requirement by the university and you will not be considered in compliance if the requirement is not followed. Also, if multiple users log in from a single REDCap account, the person who's information is attached to that account assumes all risk for any action taken by any user logged in with the credentials for that account. For example, if someone logs into an account, makes a change to the project that causes data loss (e.g. deletes a field containing data), the person who's name and contact information associated with the account is responsible as that is the information tracked in the REDCap log.
*Please note, multiple users can work on the same project at the same time if they are logged in with their own WUSTL key and password on separate devices.
User Account Access
Anyone with a WUSTL Key and password can log in to https://redcap.wustl.edu/. When logging in for the first time, you will be prompted to enter a primary email. For Washington University faculty and staff, please enter your @wustl.edu email. For users with a guest WUSTL key, please enter your email from you other institution or organization. Ideally, this is a .edu or .org email. A confirmation email will be sent to the primary email you entered. Once you have confirmed your email address, you can create projects and be added to projects.
Guest WashU REDCap Accounts
...
REDCap Back-ups and Copies
A REDCap project must be in production mode for any of the subsequent information about back-ups and copies to be relevant. There are no back-ups or copies of projects in development status. Maintaining projects and collecting real patient data in development status is not recommended. If you choose to do this, you are risking data loss and may be non-compliant with the Washington University Research Data and Materials Policy.
Continuous Back-ups: WashU REDCap back-ups are maintained to restore the entire REDCap database (all projects' data and metadata) following a major data loss event. Back-ups are not used to recover individual projects or data from an individual project. REDCap database transactions for projects in Productions Status (for example, data entry, project modifications, survey invitation logs, etc.) are continually backed-up to facilitate point in time recovery (PITR). The continuous back-ups are stored on a rolling 30-day basis. This means that 30 days of back-ups exist from a specific point in time at all times.
Nightly Copies: WashU REDCap projects in production mode are copied nightly with copies stored on a 30-day rolling basis. This means that 30 days of copies exist from a specific day at all times. These copies allow for recovery of data deleted in error, data that had the meaning changed due to project modifications, and other issues that may arise based on user activity. While we can recover data for these reasons, recovery could take several days and will require a $150 per hour fee for the time spent to recover. Depending on the amount data or other information you need to recover, you may choose to try to recover this information from the 1) Logging or 2) Project Revision History features in order to save time and money.
User Account Requirements
All REDCap users must have and use their own log in credentials. Log in credentials for the WUSTL REDCap instance are an active WUSTL Key and password. All user authentications occur in a centralized identification and authorization managed environment. Centralized accounts have aged complex passwords and multi-factor authentication enabled. Accounts are not to be shared in accordance with Washington University policy. That means that you should NOT allow anyone else to work in REDCap while logged in to your account. That person should log into their own account with their WUSTL key on a separate device in order to work in REDCap.* This includes external collaborators as well, e.g. you cannot create a single "External University REDCap Account" when collaborating with a study team at a single university. Users having their own accounts helps improve the security and quality of research participant data stored in the WUSTL instance of REDCap. This is because REDCap stores user activity in the Logging tool in order to 1) resolve data entry and collection issues and 2) assist with study audits. Individual accounts are also a regulatory requirement by the university and you will not be considered in compliance if the requirement is not followed. Also, if multiple users log in from a single REDCap account, the person who's information is attached to that account assumes all risk for any action taken by any user logged in with the credentials for that account. For example, if someone logs into an account, makes a change to the project that causes data loss (e.g. deletes a field containing data), the person who's name and contact information associated with the account is responsible as that is the information tracked in the REDCap log.
*Please note, multiple users can work on the same project at the same time if they are logged in with their own WUSTL key and password on separate devices.
User Account Access
Anyone with a WUSTL Key and password can log in to https://redcap.wustl.edu/. When logging in for the first time, you will be prompted to enter a primary email. For Washington University faculty and staff, please enter your @wustl.edu email. For users with a guest WUSTL key, please enter your email from you other institution or organization. Ideally, this is a .edu or .org email. A confirmation email will be sent to the primary email you entered. Once you have confirmed your email address, you can create projects and be added to projects.
Guest WashU REDCap Accounts
Users from external sites must receive a Guest WUSTL Key and Password. In order for an external collaborator to receive a guest WUSTL Key, a WashU sponsor will need to complete the WUSTL Key Guest Account Request Form. This form needs to be completed for EVERY external collaborator, not one form per site. The sponsor must be the project Principal Investigator (PI). Once the user has obtained their guest WUSTL Key, they can log in as described in the “User Account Access” section above. See the links below full description of obtaining a Guest WUSTL Key:
Manage and Renew Guest WUSTL Keys
Guest WUSTL Keys are temporary with duration of 1-12 months. To manage or renew, the WashU sponsor of the guest key(s) will need to navigate to the WUSTL Connect page and select Manage Guests. You will be required to log in with your WUSTL Key and Password.
WUSTL Key Changes
If your WUSTL key changes or will be changing for any reason, please Submit a REDCap Ticket. When your WUSTL Key change goes into effect, your REDCap username will automatically change to the new WUSTL key, however, your projects will not automatically connect to the new username. If you are on many projects, we can run a script to transfer the projects automatically. Ideally, submit a ticket prior to the WUSTL key change so we can plan to do this soon after the change. If you only have a few projects, you also can have a study team member add your new WUSTL key to the projects manually (Adding Study Team Members to REDCap Projects).
Account De-activation
Accounts will remain active as long as the user is associated with the university or the guest WUSTL Key is active. Accounts of users departing the university will be suspended when the WUSTL Key and password becomes inactive. Users who change departments within Washington University do not have their accounts suspended so do not need to create a new account when they begin in the new department. Please note, a guest WUSTL Key is not tied to an external collaborators institutional account meaning if they leave their current position, the guest WUSTL Key may remain active unless the "Sponsor" of the guest WUSTL Key alerts Wash U IT to deactivate the account. It is important that you monitor external accounts and remove the user from projects if they are no longer working on the project.
...