2015-04-10 User Manual Progeny

User Manual - Progeny ALS database
Prior to gaining access to the Progeny ALS database, the principal investigator of the participating ALS
research center/organization is required to sign a data sharing agreement to ensure confidentiality of
the data and prevent use of data without prior consent of the owner of the data. Each contributing
center remains owner of its own data including clinical data, biological samples and analyses of
biological samples.
This user manual will help first-time users of the Progeny ALS database in the context of the
EuroMOTOR project, the SOPHIA project, Project MinE, and any other future collaborative ALS
research projects. The manual shows how to open up the part of the database assigned to your
center/organization and, depending on your security level, how to create new individuals, input data,
and extract specific data for analysis.
There are two types of database users: ‘Researcher’ and ‘Assistant’. Assistants have read-and-write
access to the database and are the people who input all patient/control data. Researchers have readonly access to the database and can extract anonymous data only.
! Every Monday morning from 9.00 until 12.00 hrs the Progeny ALS database will be down for
maintenance and updates. Please do not try to enter the database during this time, thank you !
Logging in
 Open your internet browser and go to: euromotor.umcutrecht.nl (without ‘www’ )
If you encounter problems with opening the login-page (e.g. an “invalid response” message) please follow the
steps described in Appendix A to add this page to your ‘trusted sites’. This should resolve the problem.
 Log in using your username and password, which you can obtain by contacting the Progeny
admin
The homepage of the database will open, which looks like this:
2015-04-10 User Manual Progeny
1
This example shows what an Irish user would find: The folder Ireland and the subfolders 1 Clinical
Data IR, 2 EuroMOTOR IR and 3 SOPHIA IR. These folders (and the data that is put in) are only
accessible to the people in your center/organization (and to the persons with general database
administration rights – Hermieneke Vergunst and Barbara Thuss – ALS Centre The Netherlands).
In the upper right-hand corner of the screen it is possible to view and edit your user profile and to
sign out of the system:
Creating a new individual and adding data (Assistants only)
If you are an Assistant and want to start filling in data for an individual (patient or control) you first
have to create a new individual in the database in the folder 1 Clinical Data.
 Make sure the folder 1 Clinical Data is highlighted and click on ‘New Ind’ in the top left-hand
corner of the screen:
 A new screen will pop-up; Fill in the individual name. This needs to be an unique and
anonymous or coded name or number for the individual, it can also be the number of your
2015-04-10 User Manual Progeny
2
own database for example. Than indicate whether the individual is male or female, tick the
box that says ‘Open on save’ and click ‘save’.
(If needed we can always set up a second ID field to record any additional database system
number.)
 The template for the newly created individual (in this example the individual called ‘Test123’)
will open up and data can be added. The data will be saved automatically.
 Do make sure that the new individual does not already exist in the database, by for example
searching for the Individual ID first in the top right of the screen before creating the new
individual.
You will now also see that the newly created individual has been added to the folder 1 Clinical Data,
with an automatically assigned individual Global ID number (‘1626’):
This individual has also been automatically added to the other two folders (2 EuroMOTOR and 3
SOPHIA) in the database:
2015-04-10 User Manual Progeny
3
 You can also double-click on the new individual in any of the three folders and start filling in
specific data for this individual. The data will be saved automatically.
The data folders
Personal and core clinical data can be added in folder 1 Clinical Data. The data sheet in this folder
contains several tabs: Personal Data, Clinical Data, Genetic Testing, ALS-FRS-R, ECAS Cognitive, ECAS
Behaviour.
Under Personal Data, an Assistant is able to fill in and see non-anonymous data under the heading
‘Contact Details’ – this data is hidden from those logging in as Researchers:
Logged in as Researcher
Logged in as Assistant
The assistant can indicate in relation to which project data for this individual is assembled by ticking
the box for the appropriate projects (currently EuroMOTOR, SOPHIA, Project MinE and/or PYRAMID).
Extra ID’s can be filled in here as well.
For each individual entered into the Progeny ALS database, the data fields in the folder 1 Clinical
Data should be filled in as completely as possible, as a minimum.
When double-clicking an individual in the 2 EuroMOTOR folder, the data sheet for this project
appears. It has several tabs, following the standard CRF as defined in EuroMOTOR:
-
Basic Information
Biometrics
Ancestry
Residential History
2015-04-10 User Manual Progeny
-
Smoking History
Alcohol Consumption
Hormones
Medical History 1 & 2
4
-
Trauma/Injury
Other Hospitalization
Sport Drug Use
Prescription Drug Use
Parents, Brothers and Sisters
Uncles and Aunts
-
Disorders Parents and Grandparents
Disorders Father’s side
Disorders Mother’s side
Physical Activity
Occupations
When double-clicking an individual in the 3 SOPHIA folder, the data sheet for this project appears. It
has several tabs, one for each of the different subprojects within SOPHIA (e.g. Munix,
neuropathology). It also has a tab called Personal Data, which is a copy of the data filled in earlier in
the 1 Clinical Data folder, and only repeated here as a double check.
When filling in tables you always start with adding a row to the table (see button ‘Add Row’ in lower lefthand corner, or
right-click on the table and select ‘Add Row’).
The folder 4 Extra is currently empty, but has been added in case extra questions from your
center/organization need to be added to the database in the future.
Data extraction (mainly for Researchers)
Progeny allows extraction of specific data from individuals into a spreadsheet.
 Click on the arrow to the right of ‘Ind Spreadsheet’ in the top left-hand corner of the screen:
2015-04-10 User Manual Progeny
5
 Select ‘Build Spreadsheet’ (or if a spreadsheet format has been created already, select
‘Spreadsheet formats’).
 Select and drag the data fields you want to extract the data from to the ‘Type’/’Field’ area in
‘Columns’ on the right-hand side of the screen:
Data fields in Progeny
The data fields to select from are organized in 5 main folders: System fields, 01 General, 02 Clinical,
03 Projects and 04 Institutes:
2015-04-10 User Manual Progenypdf
6
There are some standard fields in the Progeny database which you can choose. They are in the folder
System Fields:
- Global ID: An unique number automatically given by Progeny to each new individual
- Individual Name: A unique number or name linking Progeny to your own system or database
- …
In the folder 01 General the data fields for contact details, date of birth and gender, and different
project numbers (EuroMOTOR, SOPHIA, etc.) can be found.
In the folder 02 Clinical the data fields for all core clinical data can be found (personal data, clinical
data, genetic testing, ALS-FRS-R and ECAS).
In 03 Projects the data fields specific to projects can be found, such as the data fields for EuroMOTOR
(CRF data fields) and SOPHIA (MUNIX data fields, neuropathology data fields, etc.).
In the folder 04 Institutes subfolders have been created for each center/organization (only visible to
that centre/organization), in which data fields specific to that centre/organization are assembled.
Sometimes, data has been collected in a table format, like for example the El Escorial data:
2015-04-10 User Manual Progenypdf
7
The data fields to select for data extraction can be recognised as follows when building the
spreadsheet:
2015-04-10 User Manual Progenypdf
8
The subfolder called ‘Tbl subfields’ can be ignored, these subfolders should never be used to extract
data from tables.
 Once the data fields have been selected (the order of which can still be adjusted by clicking
the green arrows on the right hand side of the box), one can also sort or query the data
output by adding the data fields to sort or query on to the boxes below and select the sorting
order or query type:
2015-04-10 User Manual Progenypdf
9
‘Add to sort’ or ‘Add to query’
 Query: It is possible to search for or select data export for only selected (multiple) individuals
in the database. One can search on for example Global ID numbers or date of birth, or on any
data field. The different ID numbers or dates of birth (mm/dd/yy) need to be separated by
comma’s. And the ‘operator’ should be selected. One can play with the operator key and
make all sorts of selections.
 Once the spreadsheet output has been selected, the spreadsheet format can be saved as a
standard, so it can be used again at a later stage:
2015-04-10 User Manual Progenypdf
10
 Click ‘Run’ to create the spreadsheet and obtain all the data.
 After obtaining the results you can still edit the again by clicking ‘Edit’:
 You can also count the number of results by clicking ‘Count’.
 You can export the results by clicking ‘Export’. In the pop-up box, specify the delimiter and
make sure that you tick the boxes ‘Include Column Headings’ and ‘Export One Row per
Individual’. The latter is to make sure that results from data tables are exported in one row
instead of in multiple rows:
Set-up of the main screen
On the start page of the database you can select to view a few useful standard identifiers of your
own choice:
2015-04-10 User Manual Progenypdf
11
 The individuals can be sorted or filtered using these identifiers by right-clicking on one
identifier and choosing an option
 One can easily add (or delete) identifier columns by right-clicking on a column, clicking
‘Add/insert column’ and selecting which data field to show from the list of input options:
Contact
For any functional or technical questions regarding the use of the Progeny ALS database, please
contact Hermieneke Vergunst or Bas Middelkoop by sending an email to h.vergunst@umcutrecht.nl
or b.m.middelkoop@umcutrecht.nl.
2015-04-10 User Manual Progenypdf
12
Appendix A
To open the login-page of the database, please follow the next steps to add the page to your ‘trusted
sites’ and try opening the page once more by typing https://euromotor.umcutrecht.nl in the Internet
Explorer (note the additional ‘s’!).
 Open Internet Explorer and go to Tools-Internet Options-Security
 Click the ‘Security’ tab and choose the ‘Trusted Sites’ icon
 Click on the button ‘Sites’. A window will open, where you can add any sites that you wish to
be in the trusted zone. Be sure to remove the check by the entry "Require server verification
(https:)...."
2015-04-10 User Manual Progenypdf
13
 Enter the site of interest in the line provided: http://euromotor.umcutrecht.nl. Site URLs can
be typed in directly or entered by copying and pasting. Note that it is not an https site and
that the appropriate box is unchecked. After entering the site click the "Add" button.
The site is now added to the list of trusted sites.
You can open the site by typing https://euromotor.umcutrecht.nl in Internet Explorer (note the
additional ‘s’!).
2015-04-10 User Manual Progenypdf
14
Progeny Database Security Statement
The Progeny system has clinical data security at its core and meets the robust compliance required by the US HIPAA
standards for managing sensitive clinical data (http://www.hhs.gov/ocr/privacy/). The WEB system separates the
application server that is exposed to the outside world and the database server that remains behind the UMCU firewall. All
data transferred between the database, WEB application and the outside world is encrypted and secured using SSL
connections (https).
Progeny Security Features
•
•
•
•
•
•
•
•
•
•
•
User identification and authentication: The User ID and encrypted password control who has database access.
Auditing: With two forms of auditing available, the Chain of Custody audit maintains a record of transactions
performed on the database, while the Field audit records the values that are updated, displaying old and new
values for every modification. Both audits time stamp each event with a date, time and User ID. In addition the
database engine has extensive auditing available in the form of log file operations.
Discretionary access control features: The actions that a user can carry out while connected to a database are
defined within the User ID.
User and user-class definitions: Users are assigned to class definitions to determine the roles and permissions
throughout the software. General permissions such as access to spreadsheets, the data warehouse, markers, and
form design are also assigned to the User ID.
Field level security: Class based security can be defined even at the field level. Roles and permissions can be setup
to determine what rights a given category of users has to modify or view data fields.
Folder level security: The ability to read, add, delete, and modify is controlled at the folder level. Security applies
to folders throughout the software including data field folders. This flexibility is ideal for SOPHIA, where one
group of users is not able to read or to modify another group's data. Folder level security makes it possible for
several institutions or groups to share a single database.
Database level security: The user can set the level of security on the database by restricting functions such as the
ability to add, delete, or modify an individual folder as well as the ability to add, delete, or modify a data folder.
Password expiration: Passwords have a forced expiration every 180 days after which they must be changed. The
new password is validated to not contain the old password.
Password naming conventions: Enforced passwords are required to be 6 characters long, contain both letters and
numbers, and cannot include the User ID.
External access protection: Access to the Progeny database from outside the Progeny application is restricted to
the Progeny administrator User ID.
Login auditing: Each login to the database is audited. The User ID, operating system, application, host name, login
date, and logout date are recorded for every successful and unsuccessful login.
Progeny Web Application Security Features
The Progeny Web Application depends on and builds on top of the security features available in the desktop application. To
protect the application against web-specific security vulnerabilities, a security layer was added with the following
protections:
• Server generated user tokens have expiry time
• SQL injection attack protections
• Treat all requests from internet as untrusted
• SSL encryption of all request progeny web application
• Cross site scripting protection
2015-04-10 User Manual Progenypdf
15
•
•
Strong public cryptographic algorithms
Measures against session stealing
The Progeny ALS database is set up behind a firewall. This ensures that any attack on the web server does not necessary
result in a direct compromising of the database since there will be another security layer for the attacker to get past.
2015-04-10 User Manual Progenypdf
16