Anonymous surveys

Can I use the Participant List to collect anonymous survey data from participants?

Technically, no. Data is not anonymous when collected using the Participant List, but it can be "coded" and "unidentifiable" to the project admins.

REDCap's user interface has two separate modules for (1) sending emails and tracking responders/non-responders [Participant List] and (2) viewing data/responses. Through the REDCap interface, there is no link between the modules and no connection between the email address entered and the responses collected unless you enter unique values into the "Participant Identifier (optional)" field. The Participant Identifier field links the email address to the survey responses.

To ensure the confidentiality of the data, REDCap tracks responses by attributing them to an email address. If the Participant List > Participant Identifier field is not used, and the project administrators are not privy to this information. Access to the association between the individual who took the survey and the survey responses is restricted in the database and can only be accessed by authorized privileged users(system engineers, database admins).

**Important to know: There is a link “behind the scenes” and REDCap / REDCap support personnel (system engineers, database admins) are acting as an “Honest Broker”: information is provided to investigators in such a manner that it would not be reasonably possible for the investigator or others to identify the corresponding patients-subjects directly or indirectly. REDCap holds the key to the code.

** If you truly need Anonymous Data, use the Public Survey Link.

For the Participant List, the identifying emails can be forever stripped from the data with no way for anyone to go back and find out the identity of the individual from whom the data was obtained. No re-identification is possible if you do the following:

  1. Export a copy of the REDCap dataset (so you have a copy of the data + date/time stamps if needed for future reference)
  2. EXPORT LIST for the Participant List to Excel
  3. REMOVE ALL PARTICIPANTS from the Participant List. This will delete all links between the email addresses and data collected, INCLUDING survey date/time stamps. The date/time entered is still available in the Logging module.

This ensures that identities cannot be reversed engineered in REDCap.

**If data collection must be anonymous in "real-time", then the Participant List should NOT be used. Use the Public Survey Link to collect anonymous survey data.

It is recommended that you keep access to the Survey Distribution Tools tool restricted since a small number of respondents would be easily identifiable from the Participant List and the Add / Edit Records pages.

Additional guidelines to help you collect unidentifiable coded survey data:

Multiple Surveys: Be mindful that projects with multiple surveys present potential challenges to anonymous data collection.

Only participants that answer the first survey will be able to respond to the follow-up surveys. If you wish to collect additional surveys for the non-responders, you will need to create additional REDCap projects with the follow-up surveys or you may have to open the survey using the link provided and save the survey without data (issue will be required fields).

LACK OF DATA MAY INADVERTENTLY IDENTIFY PARTICIPANTS: If you are using the Participant List to send 3 surveys, a scenario may arise in which a high number of subjects respond to the first 2 surveys and only 1 or 2 subjects respond to the last survey.

As you know, each exported record will contain a subject's response to all of the survey questions. In this scenario, you will need to be aware that the lack of data for the third survey can inadvertently identify a subject's identity and his/her responses to all prior surveys.

For this reason,

1. Do not EXPORT any of the project data until the survey in question is completed and closed.

2. Before exporting survey data:

  • Review the number of responses (for each survey in the project) and make a judgment as to whether or not enough responses have been received to ensure that subject identities can remain unidentified. This is particularly critical when using the Participant List, as this list will identify the individuals who have responded. A low count of responses could be problematic. Take care to ONLY export and view data from surveys that have a suitable number of responses. For example, if only one response has been received (and the Participant List identifies that jsmith@yahoo.com<mailto:jsmith@yahoo.com> has responded), you will know that this single response belongs to that subject.
  • Only export the data associated with a closed survey (both single and multi-survey projects). Once data has been exported, no further responses should be received or allowed.

Also note: Projects containing data entry forms and surveys cannot be considered anonymous. Manually entered data needs to be identified by the team to be properly associated and linked with survey responses.


Is there any tool to deter spam bot access to public surveys?

REDCap provides a reCAPTCHA tool that can deter spam bot access to public surveys in REDCap version 8.11.0 and above

This feature allows users to utilize the Google reCAPTCHA functionality to help protect public surveys from abuse from “bots”, which are automated software programs that might enter trash data into surveys. This feature must first be enabled by an administrator for the entire server. If your administrator has enabled it for use on your REDCap, you can choose to enable the Google reCAPTCHA functionality on the Public Survey page in your project. Once this is done, the public survey will display the reCAPTCHA checkbox and “I’m not a robot” text on a survey page before allowing the participant to view the public survey. This feature is not employed on any private survey links because those are unique to a record and thus would never be made publicly available as a public survey link would.

A survey participant will never have to pass the reCAPTCHA test more than once per day on a given device/computer.