Table 1 Description of Web-Based Application for the Research Ethics Board (REB)

From: Implementation of clinical research trials using web-based and mobile devices: challenges and solutions

Section 1 - Data Type and Delivery
Study population: Obese patients (ages 7-17) with existing cardiac condition
Data Storage Locations:
1. LHSC Shared Drive: Identifiable data is stored only on the LHSC network on a private shared storage location.
• Type of Data:
• Notes and documentation gathered from the health coaches, demographic data, etc.
• Patient demographic data.
• Study related documentation.
• Database backups and Web access logs.
2. Web Server: Anonymized data is maintained on the ISQ Solutions Inc. web server. This data is stored in an SQL DB with user authentication via a web interface or mobile phone app. All information is entered under a generic patient login name (e.g., ‘patient1’, ‘patient2’, etc.) and password.
• Type of Data:
• Numerical data related to the users’ exercise and eating habits.
3. Email System: Data is also transferred via email to and from patients, again using an anonymized, generated patient ID. Information is transient and is deleted as the trial data is analyzed.
• Type of Data:
• Follow-up from health coaches will be transferred to and from patients.
4. External Drive: The identified data stored on the LHSC network is backed up with the standard LHSC backup utility, and copied to an external encrypted HD that is stored on site at LHSC in a locked cabinet, compatible with hospital records-keeping standards.
• Type of Data:
• Notes and documentation gathered from the health coaches.
• Patient demographic data.
• Study related documentation.
Logging:
• The phone and email communication will be logged on pen-and-paper forms by the health coaches as it is acquired.
• Access to the web site and database will be logged to an activity log and stored on the web server. This log is backed up nightly to the LHSC server shared area.
Data Retention:
• All study data will be maintained for five years after the study has been completed, as per hospital protocol.
Section 2: Privacy
• Only information stored on the LHSC network contains patient identifiable information. All other information is entered under a generic ID with password.
Information Security:
• External access to data:
• Anonymized information is stored on an external web server. Web server requires ID and password for access.
• Email communication to and from health coach. Emails are stored on external email server. Anonymized accounts are used, and no patient identifiable information is transferred. ID and password are required for access.
• The shared drive on the LHSC server is accessible externally to team members only, via Juniper VPN, utilizing 2 form authentication.
• External data backup drive:
• Kept onsite at the hospital, stored in a locked drawer, and encrypted with 512-bit encryption and a 64-character password. TrueCrypt is used to encrypt the drive.
• System Tracking, backup and logging:
• Web site access is tracked and logged.
• Email access is logged.
• Website, database, all log files are backed up nightly.
• Shared Drive is backed up nightly and archived to encrypted external drive.
Access to Information:
• Role-based access
• Access rights (e.g., read only, read/modify) to the web site, shared drive, and e-mail account are controlled depending on the type of user (physician, health coach, participant, vendor/ISQ Solutions Inc., technical support staff).
Disclosure:
• No personal health information will be disclosed to any persons who are not employees or agents of the hospital.
Consent:
• Patient/SDM consent is being obtained for the collection, use and/or disclosure of the information for the study.
Section 3: Security
Hosting and Environment:
• LHSC Shared Drive is stored on a server in the LHSC Data Centre.
• Web Server is hosted by ISQ Solutions Inc.
o Windows2008 server
o SQL2008 Database.
o IIS 7
o Backend access is via sftp or https.
• Email Server is hosted by ISQ Solutions Inc.
o Windows2008 server
o Web Mail
• Secure web mail client available. (https)
Authentication:
• All access requires an ID and password.
• No information is stored on the phone or workstation.
• All data is accessible via email or web server and has no patient identifiers.
• System access is logged.