No, GlobalSurg cohort studies are unfunded. Our studies are put together purely through enthusiasm, goodwill and collaborative effort! We are unable to help source funding for costs incurred. There is no charge for participation in our study. Apart from the requirement for internet access, the main resource required for our study is your time.
How long will be data be stored for, and how will it be disposed of? Katie Shaw
Data will be held for duration of analysis in line with standard NHS best practice. Data will eventually be deleted from shared server space and all backup will eventually be permanently removed from storage using robust secure data disposal methods. Briefly, data will be overwritten with random data to ensure complete data clearance.
How will data be analysed? Katie Shaw
REDCap is being provided by the department of Clinical Surgery at the University of Edinburgh and is hosted within the University of Edinburgh Virtual Machine architecture which is physically secured. “At rest” encryption is in place on the database server. Access control is achieved by directly administered usernames and passwords, with limitation of collaborator access to institution-specific data. Passwords are stored as an encrypted one-way hash of the password. Accounts are disabled after 5 failed login attempts. Users are auto logged out after 30 minutes of no activity. Users are forced to change password after 90 days. Daily audit tracking of users is in place.
Data is protected by being stored in MySQL databases on a separate server. This server is behind a firewall and can only be accessed from the IP address of the web server. An SSL-tunnel encrypts communication between the web and databases servers. File upload is secured between servers using the WebDAV protocol with SSL. “At rest” encryption is in place on the database server (aes-xts-plain64:sha256 with 512-bit keys). Operating security updates are installed automatically. Antivirus software runs to a scheduled protocol on the web server.
REDCap has a built-in audit trail that automatically logs all user activity and logs all pages viewed by every user, including contextual information (e.g. the project or record being accessed). Whether the activity be entering data, exporting data, modifying a field, running a report, or add/modifying a user, among a plethora of other activities, REDCap logs all actions. The logging record can itself be viewed within a project by users that have been given privileges to view the Logging page. The Logging page allows such users to view or export the entire audit trail for that project, and also to filter the audit trail in various ways based upon the type of activity and/or user. The built-in audit trail in REDCap allows administrators to be able to determine all the activity and all the data viewed or modified by any given user. Audit trail data will be analysed and any problems will be initially raised internally to the University of Edinburgh Information Services, before contacting the Scottish National Caldicott Guardian scrutiny panel.
For those with intermittent data access, paper forms will be provided with matching fields that can be printed and used. These must be held securely to conform with the local hospital data security policy, and then uploaded as soon as possible to the website.
How will data be collected? Katie Shaw
Data will be collected via a secure online system run by University of Edinburgh using REDCap software, used under licence from Vanderbilt University (Nashville, Tennessee, USA; Project REDCap). REDCap is used in by 2683 active institutional partners in 117 countries around the world to securely gather research data. This system is designed specifically around US Health Insurance Portability and Accountability Act (HIPAA) security guidelines.
What patient/personally-identifiable data will this study collect, and why? Katie Shaw
Our protocol outlines our intention to use the patient-identifiable variables of age, gender and patient identification number. Age of the patient is essential to meaningful interpretation of data. We believe this poses less risk of inadvertent patient identification than collecting date of birth. Gender is an essential prerequisite for meaningful analysis of our data and carries negligible risk of inadvertent patient identification. Patient identification numbers are necessary for local data collectors to be able to accurately identify patients on their dataset (for example, to add new information to that patient’s details). See the technical details FAQs for assurance of data security.
In the UK, the processing of this patient-identifiable data is lawful according to the Data Protection Act (1998) as it meets the following Schedule 2 condition: (6) “legitimate interests pursued by the Data Controller or the third party” and the following Schedule 3 condition: (8), “processing is necessary for “medical purposes…includes the purposes of medical research…”.
Approvals Outside the UK Katie Shaw
Collaborators are individually responsible for ensuring that all normal processes of study approval are correctly followed. Collaborators will be asked to confirm that permissions are all obtained before commencing data collection and submission. As above, this study is best regarded as a global audit; we are collecting data that is already available routinely, and are not making any change to normal care.
Approvals might be sought from local clinical audit departments, research departments or institutional review boards, depending on local regulations. It is appreciated that centres in some countries will not have a formalised review process, in which case written permission should be obtained from the next best available source, such as a chief of surgery, or supervising consultant/attending surgeon.
All approvals should be sought at the earliest possible opportunity as they make take some time to obtain. Further FAQs on technical details are supplied below and protocol details should also be referred to in local approvals.
Approvals Within the UK Katie Shaw
Within the UK, GlobalSurg 3 was assessed by the South East Scotland Research Ethics Service who defined the study as audit (reference NR/161AB6 ), therefore it was not necessary to obtain full NHS ethical review. UK collaborators still need to obtain local NHS Trust/Board and consultant approval. Collaborators based in England, Wales and Northern Ireland should also check with their hospital about whether they require local Caldicott Guardian approval for information transfer. The information about data security, anonymity and the ethical review to support this can all be found in the current protocol and in the FAQs in the technical section. Scotland-wide Public Benefit and Privacy Panel for Health and Social Care approval has been granted.
All approvals should be sought at the earliest possible opportunity as they make take some time to obtain.
Are there any circumstances in which my data will not be included? Katie Shaw
To preserve the data quality, we will only accept completed datasets from your hospital if you have submitted ALL consecutive relevant operations undertaken during your chosen data collection period. Case ascertainment will be verified during a data validation study
We will also only include datasets where at least 95% of the data is complete.
Will I have ongoing access to the data which I submit from my own institution? Katie Shaw
Throughout the data collection period, collaborators will be able to access the data they submit from their own institution, via the REDCap system. Access will end automatically shortly after the data collection period closes. However, access will be reinstated at any time on request and collaborators can download their own data to analyse as they wish.
What if my institution has lots of complications during the short data collection period? Is there a possibility that I could cause embarrassment to my hospital or country? Katie Shaw
It will not be possible to identify individual surgeons, institutions or countries within the final published results. You should submit your data regardless of how well or poorly you think you have performed, or how results may have been affected by external circumstances. Our studies intends to describe surgery as it actually happens in real life!
Is my hospital eligible to participate? What if we undertake very few cancer surgery cases? Katie Shaw
Any hospital performing surgery for breast, gastric or colon cancer is eligible to participate, regardless of size, location, specialization or funding sources. In order to participate, you must submit ALL consecutive eligible cases that are undertaken within your chosen data collection period. As long as this means that at least one case is undertaken during this period, you will be able to submit this data and be fully acknowledged for your contribution.
There are lots of clinicians keen to contribute to this study at my hospital – is authorship limited to a maximum number of collaborators? Katie Shaw
Our protocol specifies a maximum of 3 collaborators per team. However, if there are more clinicians or students keen to participate at your hospital, it is possible to submit data for more than one data collection period, with different teams for each period – please note the data collection periods must not overlap
Do patients need to consent to use of their data? Katie Shaw
Within the UK, this is not required since this study has been classed as an audit and does not require any change to routine care. We do not think it likely that patient-level consent will be necessary in other jurisdictions, but the advice of local authorities should be followed.