Security and Archival of Data. The EDC and Rave eCOA/ePRO systems are hosted by Medidata; the data are stored at Medidata’s primary data center in Houston, Texas, with fail-safe data centers in New Jersey. Data are regularly backed up by Medidata. Medidata maintains 21 CFR Part 11-compliant electronic systems, with procedures in place to safeguard against unauthorized acquisition of data. Any authorized communication with the Medidata servers at the Houston Data Center is conducted via SSL (128-bit) encryption. Robust password procedures, consistent with 21 Part 11, are in place. Robust physical security procedures are in place at the Houston Data Center to prevent unauthorized personnel physical access to the server rooms. EDC account access is maintained and monitored by the Biostatistics and Clinical Data Management group of the TDNCC. Other databases will be stored on Seattle Children’s servers and are safeguarded against unauthorized access by established security procedures. Network accounts are password protected and maintained and monitored by Seattle Children’s. Data is backed up regularly according to the Information Services group’s procedures.
Security and Archival of Data. The EDC system is hosted by Medidata; the data are stored at Medidata’s primary data center in Houston, Texas, with fail-safe data centers in New Jersey. Data are regularly backed up by Medidata and stored with Iron Mountain. Medidata maintains 21 CFR Part 11-compliant electronic systems, with procedures in place to safeguard against unauthorized acquisition of data. Any authorized communication with the Medidata servers at the Houston Data Center is conducted via SSL (128-bit) encryption. Robust password procedures, consistent with 21 CFRPart 11, are in place. Robust physical security procedures are in place at the Houston Data Center to prevent unauthorized personnel physical access to the server rooms. EDC account access is maintained and monitored by the Data Management group of the TDNCC. Other databases will be stored on Seattle Children’s servers and are safeguarded against unauthorized access by established security procedures. Network accounts are password protected and maintained and monitored by the Seattle Children’s Research Institute Information Technology group. Data is backed up regularly according to the Information Technology group’s procedures. Note that there is an intention to make biospecimens and associated data available to investigators for future exploration. The biospecimens will be collected under IRB approval, processed according to a rigorous standard operating procedure and stored at a central facility, with appropriate procedures to enable long term, stable storage. Researchers may apply, via a standardized process, for use of de-identified data and specimens for research purposes. Applications will undergo a scientific review process administered through CFFT. When applying for use of data or specimens, the applicant must agree to: (1) use the data and specimens only for research purposes and to not make any attempts to try to identify any individual subject; (2) securing the data and specimens using appropriate methods; and
