Attachment G
Use of the Internet
COMIRB #:Approval Stamp here:
Principal Investigator:
Protocol Title:
Version date:
This form should be completed for studies that collect data via the internet. This may involve internet-based surveys (including REDCap survey tool), data collection from social networking sites, or monitoring a subject’s internet activity.
Do not use this form for E-CRF submissions to Sponsors, REDCap data storage functions, or advertising over the internet.
1) Use of the Internet
a. How is the internet being used in this research:
Observation of internet activity
Collecting data over the internet
Other, specify:
2) Expertise
a. Describe the technical expertise of the investigator and/or research team with regard to conducting research on the Internet:
b. Have any technical consultants been involved in designing this research?
Yes No
If yes, please specify and describe their expertise:
3) Studies observing internet activity, please answer the following questions:
a. Is online activity (e.g. chat rooms) being observed?
Yes No
i. If yes, describe the setting and nature of the online activity:
ii. If yes, will the subjects be aware that their activity is being observed (consider chat room access, privacy settings on social media sites, privacy warnings on web pages, etc.)?
Yes No
iii. If no, provide a justification:
b. How will you protect the confidentiality of subject information? Include technical information such as encryption, firewalls, etc.:
4)Studies collecting data over the internet, please answer the following questions:
a. Informed consent
i. Does the software provide a record that captures that a respondent has consented to the survey before survey initiation?
Yes No
If no, provide a justification:
ii. Is that record logged with a timestamp (e.g., respondent #12 consented at 21:27:13 (GMT-0000) on June 5, 2006.)?
Yes No N/A
If no, provide a justification:
b. Secure transmission
Information sent to and from websites can either be transmitted in clear text that could be read if the information was intercepted by a third party (http protocol) or encrypted so that a third party could not read the intercepted information (https protocol)
i. Does the survey use https encryption?
Yes No
If no, provide a justification:
ii. Are there controls in place to prevent a respondent from accidentally entering survey data via the http protocol instead of the https protocol (i.e. does the server display an error message or automatically re-route the respondent to an https page)?
Yes No
If no, explain:
c. Database security
i. Do researchers have access to their data in the database via a username and password?
Yes No
If no, provide a justification:
ii. Has the software company maintaining the research database signed confidentiality agreements preventing them from improperly accessing or disclosing the information contained in those databases?
Yes No N/A
If no, explain:
d. Server security
i. Are the servers that contain the research data, located in a data center, with physical security controls and environmental controls?
Yes No
If no, provide a justification:
e. Backups
i. Is the data backed up nightly?
Yes No
If no, describe frequency of back up:
ii. Is there a finite time period in which a deleted dataset can still be retrieved?
[It is recommended that the investigator inquire about the length of that time period]
Yes No
If no, explain:
f. IP addresses
i.Is the respondent's IP address masked from the researcher?
Yes No
If no, provide a justification:
Criteria for Disqualification of Internet Survey Software:
An answer of no to any of questions excepta(i), a(ii), e(i) ore(ii)is likely to disqualify the survey software system from being used.
Attachment G: Use of the Internet
CF-096, Effective 08/22/11Page 1 of 3