How does LabArchives compare to other MGB Enterprise Applications?

A fewMGB Enterprise Applications may appear meet the ELN Policy requirements, however, they do not meet the definition of an electronic lab notebook for the purposes of data integrity, transparency, reproducibility, and legal documentation for patent prosecution.

An Electronic Research/Lab Notebook is a legally defensible, centralized system for documenting your research processes and research data throughout its lifecycle in a manner that is real-time available, reusable, discoverable, and if need be, peer-reviewable. 

REDCap, Dropbox, and other storage solutions will continue to be supporting solutions. They have different features / functionality that will compliment LabArchives as these features and functions are not available in the LabArchives ELN. MGB will continue to support these solutions for use in conjunction with the LabArchives Research/Lab Notebook.

 

For all Active Research Projects as of Oct. 1, 2019, Researchers should use LabArchives to:

  1. Document Data Lifecycle in line with the MGB Research Data Management Integrity initiative (on the Research Navigator)
  2. Document Statistical Analysis processes and procedures about data prepared for publication, grant submission, or provided to sponsors or reporting agencies.

GOAL: Ensure Data Integrity, Transparency and Reproducibility

Application Data Life Cycle Statistical Analysis Plan
REDCap Good for primary/source data storage and also archiving at study close. Reference REDCap project ID in LabArchives documentation. Data must be exported from REDCap for analysis. Document SAP in LabArchives
Dropbox Business Good for primary/source data storage, data in use, archiving, and MS Office document storage. Reference folder/directory in LabArchives documentation. Good for output file storage, Reference folder/directory in LabArchives documentation.

 

LabArchives Quick Guides: Storage https://rc.partners.org/labarchives

MGB Secure Storage Solutions: https://rc.partners.org/storage

MGB Enterprise Dropbox: https://rc.partners.org/dropbox

  • Dropbox does not have a statement on 21 CFR Part 11 compliance. It is a recommended storage solution because it does comply with other data integrity requirements such as: revision history, authorization by MGB account, access controls. Acceptable for record keeping activities and data use storage if Part 11 compliance is not needed. Limitations may include data storage limits.

 

 

DropBox Business

MGB Dropbox Business will continue to be a storage solution.

Dropbox will continue to be supporting storage solution. It is a recommended storage solution because it does comply with other data integrity requirements such as: revision history, authorization by MGB account, access controls. Limitations may include data storage limits.

ELN Requirements Data Storage / Collaboration Tool: Dropbox Business
1. Must be compliant with all MGB Enterprise Information Security Policies, Standards, and Procedures. Yes

2. Must be compliant with applicable regulatory and legal requirements evaluated and applied where appropriate including, but not limited to:

  • Health Insurance Portability and Accountability Act (HIPAA);
  • Mass General Law, Chapter 93H (M.G.L.c.93H); and
  • EU General Data Protection Requirement (GDPR) if the Research Data include personal data collected in the EU, and the research is operating under a contract or research agreement with GDPR terms.
Dropbox is approved for Institutional and Confidential data, including Protected Health Information (PHI), at Partners HealthCare, but may not meet all regulations governing data protected under specific contracts and federal regulations. See Dropbox Business FAQ
3. ELN Systems that include signing and witnessing of electronic records with electronic signatures must also comply with Title 21 of the Code of Federal Regulations (21 CFR Part 11.) No

4. The ELN must include Data Integrity Controls for the entire Data Life Cycle.  These include, but are not limited to:

  • Date time, user, and action logs of any modification to Primary Data
  • Inability to delete primary data or deletion with appropriate deletion logs
  • Control of Primary Data access by PI and/or Lab Manager or designee
  • Documentation of Research Data chain of custody (i.e. Ownership, PI Transfer In/Out)
  • Logs that record access to primary data sharing activities
Yes

 

REDCap

REDCap is an electronic data capture system.

REDCap is great for primary/source data storage and archiving primary/source data at study close. However, data must be exported from REDCap for analysis and the analysis must be documented in LabArchives.

ELN Requirements

Data Mangement Tool:  REDCap

1. Must be compliant with all MGB Enterprise Information Security Policies, Standards, and Procedures. Yes

2. Must be compliant with applicable regulatory and legal requirements evaluated and applied where appropriate including, but not limited to:

  • Health Insurance Portability and Accountability Act (HIPAA);
  • Mass General Law, Chapter 93H (M.G.L.c.93H); and
  • EU General Data Protection Requirement (GDPR) if the Research Data include personal data collected in the EU, and the research is operating under a contract or research agreement with GDPR terms.
Yes
3. ELN Systems that include signing and witnessing of electronic records with electronic signatures must also comply with Title 21 of the Code of Federal Regulations (21 CFR Part 11.) Yes, but not proven. See REDCap: Compliance

4. The ELN must include Data Integrity Controls for the entire Data Life Cycle.  These include, but are not limited to:

  • Date time, user, and action logs of any modification to Primary Data
  • Inability to delete primary data or deletion with appropriate deletion logs
  • Control of Primary Data access by PI and/or Lab Manager or designee
  • Documentation of Research Data chain of custody (i.e. Ownership, PI Transfer In/Out)
  • Logs that record access to primary data sharing activities
ELN Policy Concern: REDCap ensures Data Integrity Controls for data collection but not the entire Data Life Cycle. Data must be exported from REDCap for analysis. Therefore, researchers must document their Statistical Analysis Plan in LabArchives

 

OneNote

OneNote is primarily a notes-taking app and is not designed for recording scientific work.

OneNote is primarily a note-taking app and is not designed for recording scientific work.

OneNote does not support digital signatures and witnessing of documents or maintain a robust audit trail, so the researchers' inventions or discoveries do not have adequate intellectual property or patent protections.

OneNote is not compliant with 21 CFR Part 11 or GxP (good practice guidelines and regulations).

There are MGB groups that have a managed license for OneNote that are currently under review for ELN Policy Exception. If granted, that exception will ONLY APPLY to approved groups and not for the general use of OneNote as an ELN.

ELN Requirements Notes Taking: OneNote
1. Must be compliant with all MGB Enterprise Information Security Policies, Standards, and Procedures. Yes

2. Must be compliant with applicable regulatory and legal requirements evaluated and applied where appropriate including, but not limited to:

  • Health Insurance Portability and Accountability Act (HIPAA);
  • Mass General Law, Chapter 93H (M.G.L.c.93H); and
  • EU General Data Protection Requirement (GDPR) if the Research Data include personal data collected in the EU, and the research is operating under a contract or research agreement with GDPR terms.
Need to Confirm
3. ELN Systems that include signing and witnessing of electronic records with electronic signatures must also comply with Title 21 of the Code of Federal Regulations (21 CFR Part 11.)

Microsoft Statement: https://www.microsoft.com/en-us/trustcenter/compliance/fda

No, OneNote does not provide an option to electronically sign a note.

 

4. The ELN must include Data Integrity Controls for the entire Data Life Cycle.  These include, but are not limited to:

  • Date time, user, and action logs of any modification to Primary Data
  • Inability to delete primary data or deletion with appropriate deletion logs
  • Control of Primary Data access by PI and/or Lab Manager or designee
  • Documentation of Research Data chain of custody (i.e. Ownership, PI Transfer In/Out)
  • Logs that record access to primary data sharing activities

ELN Policy Concern: Alterable Time- and Date-Stamping: Change or remove the page creation date or time in OneNote Online : the user can alter the times and dates. Since timestamping can be done by the user, it may not be possible to prove when a document was generated for the first time -  Insert the current date and time on a page 

ELN Policy Concern: Audit Trail: OneNote does not keep every version of the page – only changes made on up to 10 unique days OneNote Page Versions. The only audit trail is an alterable time stamp and who edited the document or record. There’s no long-term trail of what was changed.

ELN Policy Concern: User can manually delete a Notebook (Delete a Notebook in OneNote for Windows) – This has major implications on control of data and chain of custody.