What is REDCap?

REDCap (Research Electronic Data Capture) is a secure, web-based application for building and managing online surveys and databases in support of research studies and operational projects. It is designed to be flexible, easy to use, and compliant with regulatory requirements, including HIPAA.

Key Capabilities

  • Flexible Project Design – Create projects online with the Online Designer or offline with a “data dictionary” in Microsoft Excel. No advanced programming skills required.
  • Multiple Data Collection Methods – Capture data via online surveys, direct data entry, mobile apps, or printable PDFs for offline use. Supports both anonymous and identified data.
  • Secure, Web-Based Access – Build and manage projects from anywhere with secure authentication, encryption, and detailed logging.
  • Multi-Site Collaboration – Share projects across multiple sites and institutions with controlled permissions.
  • Fully Customizable Forms – Choose from various question types: text fields, multiple choice, rating scales, matrices, file uploads, and more.
  • Audit Trails – Track all data changes and user actions for transparency and compliance.
  • Automated Data Export – Export seamlessly to Excel, PDF, or statistical packages (SPSS, SAS, Stata, R).
    Advanced Features
  • Branching logic, calculated fields, file uploads, and data validation.
  • Built-in project calendar and scheduling tools.
  • Ad hoc reporting and data visualization options.
  • Multi-language management for surveys, forms, navigation, and system messages.
  • Secure messaging and survey invitations sent directly from REDCap.

Compliance & Security at UConn Health

HIPAA Capability & User Responsibility
UCH REDCap is a HIPAA-capable platform approved by UCH IT Security. While the system meets institutional security requirements, HIPAA compliance also depends on user practices. Project owners must ensure appropriate data collection and management—even for projects without high-risk data.
All UCH REDCap users are required to:

  • Complete institutional and federal regulatory training as determined by the IRB of record (e.g., CITI Courses, HIPAA training) – whether through UConn, UCH, or an approved external equivalent.
  • Follow Protecting High Risk Data guidelines regardless of the type of data collected.
  • Limit access to high-risk data and restrict exports in accordance with HIPAA and institutional policy.

Note: UCH REDCap is not 21 CFR Part 11–compliant and should not be used for FDA-regulated studies (e.g., IND, IDE, abbreviated IDE).


Hosting & Data Security
REDCap is hosted on-premise at UConn Health and jointly managed by Academic IT Services and the Clinical Research Center. All data is stored on secure UConn Health servers and protected using HIPAA-required safeguards, including:

  • Protection behind the IT Data Center firewall with controlled physical access.
  • Regular operating system and application patching/upgrades.
  • Role-based access control for projects.
  • Encryption of data in transit.
  • Daily system backups.
  • Routine audits of system events and logs.
  • Secure, encrypted remote access for off-campus users.

Contact Us

If you have any questions, please do not hesitate to reach out to us: redcap@uchc.edu.