REDCap: Identifiers
What Fields Should Be Marked as Identifiers in REDCap?
Each data field that could be considered a PHI identifier should be marked as an identifier in REDCap. Note this may differ from what is considered identifying or sensitive information for other aspects of your project (such as IRB approval.)
The following data elements should be considered potential identifiers per UW-Madison KnowledgeBase:
- Dates (all elements of dates (except year) related to an individual. This includes dates of admission, discharge, birth, death. For individuals over 89 years old, the year of birth must not be used)
- Names (this includes parts of names, such as initials)
- Geographic subdivisions smaller than a state (including town, city, and zip code)
- Phone numbers
- Fax numbers
- Email addresses
- Social security numbers (includes parts of SSNs, e.g. last 4 digits, and scrambled SSNs)
- Medical record numbers
- Health plan beneficiary numbers
- Account numbers
- Certificate/license numbers
- Vehicle identifiers and serial numbers, including license plate numbers
- Device identifiers and serial numbers
- Web Universal Resource Locators (URLs)
- Internet Protocol (IP) address numbers
- Biometric identifiers (including finger and voice prints)
- Full face photographic images and any comparable images
- Note that subject ID or Record ID numbers should not be checked as identifiers. These numbers might be the only way to distinguish a record for users that export data and/or don’t have access to identifiers (per project specific permissions)
How to Mark a Field as an Identifier in REDCap
Marking Identifiers Using the Online Designer
If you are building an instrument using the Online Designer, you can mark a field as an identifier when you add it. Select that that the field is an identifier on the left side of the "Add New Field" pop-up window when you are adding or editing a field.
Using the "Check for Identifiers" Tool
You can use this tool when your project is in development mode, or while it is in draft mode before you submit changes for approval. This tool automatically checks the names and descriptions of your data fields to look for common keywords that indicate an identifier.
To use this tool, make sure your project is in Development mode or draft mode (for projects that are already in Production.) Navigate to "Project Setup" and the "Design your data collection instruments" box. There will be a small link under the buttons for Online Designer and Data Dictionary.
The Check for Identifiers tool will bring up a checklist of all the fields it has found that may contain identifiers. If the checkbox is already checked, the field has been marked as identifier. You can edit the identifier designation from this page by checking or un-checking the boxes. Make sure to save your changes with the "Update Identifiers" button at the bottom of the page.
Using the data dictionary
You can mark identifiers when setting up or editing your project using the data dictionary. Your project's data dictionary will have a column labeled 'Identifier.' Mark fields as identifiers by changing the value to "Y" in this column.
What is the impact of marking fields as identifiers in REDCap?
Important! When a field is marked as an identifier in REDCap, this only restricts access when data is exported!
Users who have "Read" or "View & Edit" access to an instrument will still be able to see data entered into fields marked as an identifier. This is true even if their export privileges only allow them to export de-identified data. For most projects, simply marking a field as an identifier in REDCap should not have significant impacts on how users interact with data in your REDCap project.
How to restrict user access to identifiers in REDCap
User Rights - RECOMMENDED
The only way to restrict users from viewing (on forms & reports) and exporting identifier data is to segregate identifier fields within one or more instruments. Then using User Rights access, a user's access to those forms should be set to 'No Access (Hidden)' data viewing rights and either 'No Access' or 'De-Identified' data export rights.
Restricting Individual Fields (viewing on forms ONLY):
To restrict view of individual fields within a data collection form you can use one of the two following methods which use Smart Variables.
Restricting access to individual fields within a REDCap data collection instrument DOES NOT prevent access in any reports a user has access to or to export the data in those fields. This includes, but is not limited to, viewing the full data set.
- Branching Logic
- Apply advanced branching logic to check for specific usernames or roles using Smart Variables
- Example: [user-role-label]="Data Entry Coordinator" or [user-name] <> "bbadger4"
- Example: [user-role-label]="Data Entry Coordinator" or [user-name] <> "bbadger4"
- Apply advanced branching logic to check for specific usernames or roles using Smart Variables
- Action Tags
- Apply Action Tags to check for specific usernames or roles using Smart Variables
- Example: @IF([user-role-label]="Data Entry Coordinator", @HIDDEN, '')
- Example: @IF( [user-name] = "bbadger4", @HIDDEN, '')
- Apply Action Tags to check for specific usernames or roles using Smart Variables
Restrictions based on different permission settings
Permission Set | Access Instrument Fields During Data Entry | Access Reports | Allowed Exports |
Instrument Viewing - No Access | |||
Instrument Export - No Access | |||
Instrument Export - De-Identified |
|
||
Fields Hidden via Action Tags | |||
Fields Hidden via Branching Logic |