REDCap resides in a HIPAA compliant (21-CFR-11) protected space within the University of Utah Center for High Performance Computing (CHPC). The production and development servers use encrypted drives and the web server, which provides access to REDCap forms, reports and other data applications, resides outside of the CHPC protected space. Data access between the database and the web server is encrypted and restricted to a monitored port. All REDCap data, which is displayed or captured by the user interface, is encrypted using 128bit Secure Socket Layer (SSL) technology. Within REDCap all data transactions including inserts, updates, deletions, import/export and reporting are logged.