Customize Your Path

Select all of the following that apply to you and your research project to tailor the topics and resources displayed. Your selections will persist every time you access the site on the same device, until you change or reset the selections.
Your role:
Project inclusions:
Project sponsor or funding:
(seeking funding from or have already secured funding from)
Project managed by:
Subtopic

Research involving apps, websites, and wearables

Need assistance with apps, websites, or other technologies?

Since technologies are constantly evolving, it can be difficult to navigate all that is needed for research studies that involve web or mobile apps, websites, or wearable devices. Researchers should expect to be engaging with various offices to determine technical, financial, and contractual feasibility of the plan. In order to be as prepared as possible, use the guidance in the accordions below to help you navigate the challenges.

After reading the guidance below, engage the appropriate consultation service, available in the "Related Resources" section of this page under Consultations and Help.
If your research involves a mobile or web app

Before you get too far, here are things you need to know or have when having early conversations with support groups at Duke:

BASIC CHECKLIST

  • Who is paying for the app development? 
  • Who will build the app?
    • If not Duke, do you know if this is an approved vendor? [If not, expect the process to take longer!]
  • Has the app previously been reviewed by either of the Duke Information Security Offices? 
  • How (or will) will the app be used by research participants?
  • Where will the app live? (personal device, sponsor device, cloud hosted, etc.)
  • What kinds of device permissions will be required? (e.g., access to the camera, microphone, storage, etc.)
  • Who will maintain the app after it launches?  Has that been budgeted?
  • Will you be collecting and/or transmitting data with the app?
    • Where will the data be stored?
    • Are you subject to any specific regulations (HIPAA for patient data, FERPA for student data, etc.)?
    • How will the data be transmitted?
  • Will the app be Duke branded?

DOCUMENTS TO HAVE AVAILABLE

If your research involves a website

Before you get too far, here are things you need to know or have when having early conversations with support groups at Duke:

BASIC CHECKLIST

  • Who is paying for the website development? 
  • Who will build the website?
    • If not Duke, do you know if this is an approved vendor? [If not, expect the process to take longer!]
  • Has the ISO or ITSO run a security scan on the website?
  • How will participants access the website?  Is it secured in some way?
  • Where will the website be hosted?
  • What kinds of permissions will be allowed?
  • Who will maintain the website after it launches?  Has that been budgeted?
  • Will you be collecting and/or transmitting data to/from the website?
    • Where will the data be stored?
    • Are you subject to any specific regulations (HIPAA for patient data, FERPA for student data, etc.)?
    • How will the data be transmitted?  Does it need to be protected?
  • Will the website be Duke branded?

DOCUMENTS TO HAVE AVAILABLE

If your research involves wearable or other technologies

Before you get too far, here are things you need to know or have when having early conversations with support groups at Duke:

BASIC CHECKLIST

  • If this is a medical device, have you engaged ORAQ and/or Engineering?
  • Who purchased the wearable or technology (e.g., is it participant-owned, purchased by Duke, purchased by sponsor, etc.)?
  • Who is responsible for maintaining the wearable or technology? Are regular security updates available?
  • How will the wearable or technology be set up?  By whom?
  • What kinds of permissions will be allowed?  Does the wearable access personal devices (e.g., the participant’s phone or watch?)
  • Will you be collecting and/or transmitting data to/from the wearable or technology?
    • Where will the data be stored?
    • Are you subject to any specific regulations (HIPAA for patient data, FERPA for student data, etc.)?
    • How will the data be transmitted?  Does it need to be protected?

 

DOCUMENTS TO HAVE AVAILABLE