REDCap: Securing PHI and Sensitive Data Collection

We recommend that projects do not collect unnecessary identifiable information.  But when you must, you can use REDCap. 

Why do I need to be concerned about protecting PHI in REDCap?  Isn't it secured by Partners Research Computing?
Yes, REDCap is a secure application supported by Partners Research Computing, Enterprise Research Infrastructure & Services (ERIS). ERIS has all the necessary physical and operational security controls in place to meet or exceed Federal and State security and privacy regulations for data transmission and storage using REDCap.

However, REDCap is a web-based application and the projects are managed by YOU, the project user. This means your project data can be accessed by the users to whom YOU grant access. Your project is accessed via the internet, which means it can be reached from anywhere, including outside the Partners network.

These steps will allow YOU to collect PHI and Sensitive data securely:


1) REDCap users must NOT share or reveal their authentication methods to others.  Sharing usernames and passwords means the authorized user assumes responsibility for actions that another party takes within REDCap.  Providing IDs or passwords to unauthorized individuals is a BREACH OF CONFIDENTIALITY and is grounds for disciplinary action.

2) Access REDCap ONLY:
 - on a secure network (ex: Partners intranet, password protected wifi)
 - from a Partners workstation or encrypted, Partners approved mobile device (laptop, iPad)

3) Grant access ONLY to staff, researchers, and external collaborators:
 - who are trained in protecting PHI  
            CITI Training:
           NIH Security Training:
 - who will access REDCap on secured networks and devices that comply with Partners standards
For more information for external collaborators:  Adding External Users to REDCap

4) Flag PHI and Sensitive data fields as "Identifiers = Yes"

Field as Identifier

Run the "Check For Identifiers" module to review all your project variables.

Run Check for Identifiers

5) Group all contact information required to engage the participant on a separate Data Collection Instrument. 

Restrict Access to this instrument in the User Rights > Data Entry Rights. 

Grant "NONE" access to ALL users except those users that need this information to follow-up with the participant.

Grant User Rights     then     Limit Data Entry Rights
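Steps 4 and 5 can also be checked offline against a data dictionary CSV downloaded from the project. The script below is an added example, not part of REDCap's "Check For Identifiers" module or of the original article; it assumes the standard data dictionary column headers, and the keyword and validation lists are illustrative heuristics to adapt per project.

```python
import csv
import io
import re
from collections import defaultdict

# Constructed sample data dictionary (not from a real project).
SAMPLE_DICTIONARY = '''"Variable / Field Name","Form Name","Field Type","Field Label","Text Validation Type OR Show Slider Number","Identifier?"
record_id,demographics,text,"Study ID",,
first_name,contact_info,text,"First name",,y
email,contact_info,text,"E-mail address",email,y
home_phone,demographics,text,"Home phone",phone,
dob,demographics,text,"Date of birth",date_ymd,
mrn,demographics,text,"Medical record number",,y
bmi,visit_1,text,"Body mass index",number,
'''

# Assumed heuristics for "looks like PHI"; extend for your own project.
PHI_WORDS = re.compile(r"name|e-?mail|phone|address|birth|dob|mrn|ssn|zip", re.I)
PHI_VALIDATIONS = ("email", "phone", "zipcode", "ssn", "date")  # "date" also covers datetime_*

def audit(dictionary_csv):
    """Return (unflagged_fields, mixed_instruments) for a data dictionary CSV.

    unflagged_fields: fields that look like PHI but lack Identifier? = y (step 4).
    mixed_instruments: instruments holding both flagged and unflagged fields,
    so access to identifiers cannot be restricted per instrument (step 5).
    """
    unflagged = []
    forms = defaultdict(lambda: {"flagged": [], "other": []})
    for index, row in enumerate(csv.DictReader(io.StringIO(dictionary_csv))):
        if index == 0:
            continue  # the first field is the record ID; it stays on the first instrument
        field, form = row["Variable / Field Name"], row["Form Name"]
        flagged = (row.get("Identifier?") or "").strip().lower() == "y"
        validation = row.get("Text Validation Type OR Show Slider Number") or ""
        text = field + " " + (row.get("Field Label") or "")
        suspicious = bool(PHI_WORDS.search(text)) or validation.startswith(PHI_VALIDATIONS)
        if suspicious and not flagged:
            unflagged.append(field)
        forms[form]["flagged" if flagged else "other"].append(field)
    mixed = sorted(f for f, v in forms.items() if v["flagged"] and v["other"])
    return unflagged, mixed

if __name__ == "__main__":
    missing, mixed = audit(SAMPLE_DICTIONARY)
    print("Likely identifiers not flagged:", missing)
    print("Instruments mixing identifiers with other data:", mixed)
```

Fields reported in the first list should be reviewed and flagged as identifiers; instruments in the second list are candidates for moving their identifier fields to the restricted contact instrument.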

6) Grant "None" or "De-Identified" Export Access to project users.  Ensure that PHI and sensitive data do not leave the secured REDCap database and are not "accidentally" downloaded to a non-secured device.

De-Identify Export Rights  


For more information, please access Partners HealthCare Information Security Policies.


Go to KB0027906 in the IS Service Desk
