Setting of user rights / roles should directly reflect the study’s operational workflow granting functionality based solely upon the need to fulfill project responsibilities. It is important to give the minimum amount of access needed for users (including the Secondary Owner) to perform their duties.
Click on the desired topic to jump to the relevant information.
Data Entry Rights - Grants the user “No Access”, “Read Only”, or “View&Edit” rights to that particular collection instruments. (Located on right side of box)
Expiration Date - Automatically terminates project access for the user on date entered.
Highest level privileges:
Project Design and Setup - Grants user access to add, update, or delete any forms within the project. Also allows user to enable and disable project features and modules. We suggest that only a limited number of users have access to his ability.
User Rights - Grants user access to change the rights and privileges of all users on a particular project, including themselves. We suggest that only the P.I. and the Manager have access to this ability.
Data Access Groups - Grants user access to create and add users to data access groups. User should not assign their self to a data access group or they will lose their access to update other users to data access groups. Therefore, user with this privilege should be able to see all project data regardless of group. We suggest that only a limited number of users have access
Privileges for data reports (including PDFs and API exports), reports, and stats:
Data Export Tool - Grants user “No Access”, “De-identified”, "Remove all tagged identifier fields", or “Full Data Set” access to export all or selected data fields. Data can be exported to one of the 5 default programs in REDCap (Excel, SAS, SPSS, R, Statal).
Default Access: De-Identified;
o No Access - a user will not be able to export data
o De-Identified - shifts all dates even if they are not marked as identifiers and non-validated text fields and note fields (free text) are automatically removed from export.
o Remove all tagged Identifier fields - removes fields marked as identifiers, however, it does NOT automatically remove non-validated text fields or field notes and does NOT date shift
o Full Data Set - has access to export all data
Add / Edit Reports - Grants user access to build and edit simple queries within the project. If user does not have access to a data collection instrument that the report is pulling data from, access will be denied for report.
Stats & Charts - Grants user access to view simple statistics on each field in the project. If user does not have access to a data collection instrument, that instrument will not be listed on the page.
Other privileges:
Manage Survey Participants - Grants user access to manage the public survey URLs, participant contact lists, and survey invitation log.
Calendar - Grants user access to track study progress and allows user to update calendar events, such as mark milestones, enter ad hoc meetings
Data Import Tool - Grants user access to download and modify import templates for uploading data directly into the project bypassing data entry forms.
Data Comparison Tool - Grants user access to see two selected records side by side for comparison.
Logging - Grants user access to view log of all occurrences of data exports, design changes, record creation, updating & deletion, user creation, record locking, and page views. This is the audit trail for the project.
File Repository - Grants user access to upload, view, and retrieve project files and documents (ex: protocols, instructions, announcements). In addition, it stores all data and syntax files when data is exported using the Data Export Tool.
Data Quality - Grants user access to find data discrepancies or errors in project data by allowing user to create & edit rules; and execute data quality rules. If user does not have access to a data collection instrument that the query is referencing, access will be denied for query results.
API - (Application Programming Interface) The REDCap API is an interface that allows external applications to connect to REDCap remotely, and is used for programmatically retrieving or modifying data or settings within REDCap, such as performing automated data imports/exports from a specified REDCap project. For details on the capabilities of the REDCap API and how to use it, please see the REDCap API documentation.
Settings pertaining to project records:
Create Records - Grants user access to add record and data to database.
Rename Records - Grants user access to change key id of record. We suggest that only a limited number of users have access
Delete Records - Grants user access to remove an entire record. We suggest that only the P.I. and the Manager have rights to delete records
Settings pertaining to record locking and E-signatures:
Record Locking customization - Grants user access to customize record locking text.
Lock/Unlock Records - Grants user access to lock/unlock a record from editing. Users without this right will not be able to edit a locked record. User will need "Read only" or "View&edit" to lock/unlock a data collection instrument
User Right Descriptions
NOTE: You must EXPAND the below section to view the full content. Click the (>) carrot to expand.
User Right
Access
Notes
Potential to Access Protected Health Info (PHI)?
Data Entry Rights
Grants user "No Access", "Read Only", "View & Edit", "Edit Survey Responses" rights to the project's data collection instruments.
WARNING: The data entry rights only pertain to a user's ability to view or edit data on the web page. It has NO effect on what data is included in data exports or downloaded to a device*.
YES. If access to a form with PHI is "Read Only" or "View & Edit", user will be able to view PHI.
Expiration Date
Automatically terminates project access for the user on date entered.
Project Design and Setup
Grants user access to add, update or delete any forms within the project. Also allows user to enable and disable project features and modules.
This should be allocated only to trained study members and should be limited to a very few number of users per study.
User Rights
Grants user access to change the rights and privileges of all users on a particular project, including themselves.
WARNING: Granting User Rights privileges gives the user the ability to control other users' project access. This user should be very trusted and knowledgeable about the project and REDCap. Giving user rights to team members should be a carefully thought out decision. The consequences of poor user rights assignments could be damaging to both the security and integrity of your project. For instance, giving record deletion or project design rights to an unqualified person could result in data loss or database integrity issues.
YES. User can change own User Rights and grant access to any module where PHI can be viewed or downloaded to a device.
Data Access Groups
Grants user access to create and add users to data access groups. User should not assign their self to a data access group or they will lose their access to update other users to data access groups. Therefore, user with this privilege should be able to see all project data regardless of group.
For multisite studies this allows the ability to place barriers between sites' data (i.e. group A cannot see, export, or edit group B's data).
Data Exports
Grants user "No Access", "De-identified Only", "Remove all tagged Identifier fields" and "Full Data Set" access to export all or selected data fields to one of the 5 default programs in REDCap (SAS, SPSS, R, Stata, Excel). Default Access: De-Identified; De-identified access shifts all dates even if they are not marked as identifiers. Non-validated text fields and note fields (free text) are also automatically removed from export. "Remove all tagged Identifier fields" ONLY removes fields marked as identifiers and does NOT automatically remove non-validated text fields or field notes and does NOT date shift. In reports and in the API data exports, any fields that have been tagged as "Identifer" fields will be removed from the export file. In the PDF exports, it will include the Identifier field but it will indicated with text [*DATA REMOVED*].
WARNING: The "de-identified" and "remove all tagged identifier field" options are contingent upon correctly flagging identifiers in each field. It is advised to mark all PHI fields as identifiers and restrict export access to "de-identified".
YES. PHI can be exported and downloaded to a device. Exporting data is NOT linked to Data Entry Rights. User with Full Export Rights can export ALL data from all data collection instruments. Please see "Data Exports, Reports, and Stats" FAQ for additional info.
Add / Edit Reports
Grants user access to build reports within the project. If user does not have access to a data collection instrument that the report is pulling data from, those fields will not appear in the report
For complex querying of data, best results are acquired by exporting data to a statistical package.
YES. Depending on Data Entry Rights, PHI can be viewed.
Stats & Charts
Grants user access to view simple statistics on each field in the project in real time. If user does not have access to a data collection instrument, that instrument will not be listed on the page.
Outliers can be identified and clicked on which will take you immediately to the record, form and field of the individual with the outlier data.
YES. Depending on Data Entry Rights, PHI can be viewed.
Survey Distribution Tools
Grants user access to manage the public survey URLs, participant contact lists, and survey invitation log.
YES. Email addresses (PHI) may be listed for the participant contact lists and invitation logs. Emails can be downloaded to a device.
Calendar
Grants user access to track study progress and allows user to update calendar events, such as mark milestones, enter ad hoc meetings.
In combination with the scheduling module the calendar tool can be used to add, view and update project records which are due for manipulation.
YES. PHI can be entered and viewed in the "notes" field. Data entered can be printed to PDF and downloaded to a device.
Data Import Tool
Grants user access to download and modify import templates for uploading data directly into the project bypassing data entry forms.
WARNING: This will give the user the capability to overwrite existing data. Blank cells in the data import spreadsheet do not overwrite fields with data.
Data Comparison Tool
Grants user access to see two selected records side by side for comparison.
Extremely helpful when using double data entry.
YES. PHI can be viewed. Data can be printed and downloaded to a device. ALL data discrepancies for all fields in project are displayed and can be downloaded to user with access to this module - NOT linked to Data Entry Rights or Data Export Tool Rights.
Logging
Grants user access to view log of all occurrences of data exports, design changes, record creation, updating & deletion, user creation, record locking, and page views. This is the audit trail for the project.
Useful for audit capability.
YES. ALL data entered, modified and changed is listed in module, can be viewed and downloaded to a device.
File Repository
Grants user access to upload, view, and retrieve project files and documents (ex: protocols, instructions, announcements). In addition, it stores all data and syntax files when data is exported using the Data Export Tool.
WARNING: While users with restricted data export rights will not be able to access saved identified exports, they will be able to view any other sensitive information stored in the file repository such as photos or scanned documents. Limit this privilege to those who should have access to PHI.
YES. Depending on Data Export Tool rights, PHI can be downloaded to a device.
Data Quality
Grants user access to find data discrepancies or errors in project data by allowing user to create & edit rules; and execute data quality rules. If user does not have access to a data collection instrument that the query is referencing, access will be denied for query results.
YES. Depending on Data Entry Rights, PHI can be viewed.
Create Records
Grants user access to add record and data to database.
Basic tool and need of data entry personnel.
Rename Records
Grants user access to change key id of record.
WARNING: Should only be given to trained staff - can cause problems in data integrity.
Delete Records
Grants user access to remove an entire record.
WARNING: Records deleted are records lost. Few, if any, team members should have this right.
Record Locking Customization
Grants user access to customize record locking text.
Will only be applicable to users with Lock/Unlock rights. Sometimes used for regulatory projects to provide "meaning" to the locking action.
Lock/Unlock Records
Grants user access to lock/unlock a record from editing. Users without this right will not be able to edit a locked record. User will need "Read Only" or "View & Edit" to lock/unlock a data collection instrument.
A good tool for a staff member who has verified the integrity of a record to ensure that the data will not be manipulated further. Works best if few team members have this right.
Yes. Depending on Data Entry Rights, PHI can be viewed.
How to setup User Roles:
User roles are useful when you will have several users with the same privileges because they allow you to easily add many users to a role in a much faster manner than setting their user privileges individually. Roles are also a nice way to categorize users within a project.
The following shows how to create and assign user roles:
Click "User Rights" in the left hand menu under ‘applications’
Click in the "Create new role name" box (circled in red in image below). Here type the name of the role and click "Create role"
Now the "Creating new role" box will appear > select the rights you'd like to give the user and click "Create role" (circled in red in image below).
Now that the role is created, users can be added to it. Do this by clicking in the "Assign new user" box > type in the user's unid or name > select the correct name. Next click "Assign to role" and select from the drop-down menu which role you would like to assign to the user.
The user will now be assigned to that role
Additional Considerations & FAQs
To restrict a user from viewing sensitive fields, you must group all of the sensitive fields on one form and set the user's data entry rights to "None" for that form. This will prevent the user from viewing the entire form. You cannot selectively prevent a user from viewing certain fields within a form.
To limit access to an instrument, go to User Rights > Select the User > Click “No Access”
The User Rights page can be used to determine the roles that a user can play within a REDCap database. The Data Access group on the other hand determines the data visibility of a user within a REDCap database.The following example will illustrate the distinction that was made above. Let's say that users 1 and 2 have identical data entry roles. In this situation the Create and Edit Record rights would be assigned to both users. However a particular project may require that they should have the ability to perform data entries on the same set of forms without seeing each other's entries. This can be done by assigning User1 into the access group1 and User2 to the access group2.
You can create roles to which you may assign users. User roles are useful when you will have several users with the same privileges because they allow you to easily add many users to a role in a much faster manner than setting their user privileges individually.
Below are roles & associated rights most commonly used in REDCap projects. It is up to the discretion of the project PI in conjunction with the study operations & workflow, etc. whether or not to set up roles in a project:
· PI/ Owner (s)
· Project Coordinator (s)
· Research Staff
· Reporting / Analysis
Roles allow you to categorize users within a project. You can clearly designate which user is the project owner in the User Rights section (with appropriate permissions). Usually the owner is the user with the right to grant project access to other users. For purposes of project identification, you might also want to have a separate role of PI. Be sure you also have the PI (if applicable) identified in "Modify project title, purpose etc.
