diff --git a/.gitignore b/.gitignore
index dc638be..87ea9dc 100644
--- a/.gitignore
+++ b/.gitignore
@@ -8,3 +8,5 @@ spell_check_results.tsv
.RData
.httr-oauth
docker/git_token.txt
+docs/*
+.RProj.user/
diff --git a/03-data_management.Rmd b/03-data_management.Rmd
index 011f3e2..821a510 100644
--- a/03-data_management.Rmd
+++ b/03-data_management.Rmd
@@ -10,12 +10,161 @@ ottrpal::set_knitr_image_path()
## Learning Objectives
+```{r, fig.align='center', echo = FALSE, fig.alt= "Learning Objectives: Learning Objectives: 1. Understand the clinical data handling process and how to choose clinical data handling tools, 2. Explain privacy considerations for clinical data, 3. List major regulations and regulatory bodies for clinical data, 4. Describe different types of documents used when working with clinical data", out.width="100%"}
+ottrpal::include_slide("https://docs.google.com/presentation/d/1ivDTcLjb2078O0GemkSeCgC1jmxk4fMsiFQaPaer9mQ/edit?slide=id.g3edc229d226_1_0#slide=id.g3edc229d226_1_0" )
+```
+
## Clinical data handling tools
-## Importance of keeping clinical data safe
+Clinical research relies heavily on the collection, processing, analysis, and management of data. Efficient and effective data handling is crucial to ensure the integrity, reliability, and validity of clinical trials and studies. Selecting the right tools for handling clinical data is a critical step in the research process. This section defines data handling in the context of clinical research and contrasts it with data quality, discusses the importance of privacy, provides a comprehensive guide on how to find suitable clinical data handling tools with a focus on open-source options, and emphasizes the importance of testing data handling methods using dummy data in the preliminary phases of a clinical trial.
+
+### Clinical data handling
+
+**Clinical data handling** involves the processes and tools used to collect, manage, store, process, and share clinical data in a way that maintains its integrity, security, and usability. It encompasses a range of activities, including:
+
+- Data Collection: Gathering data from various sources such as case report forms (CRFs), electronic health records (EHRs), patient surveys, and laboratory results.
+- Data Storage and Management: Safely storing data in databases or data warehouses and managing access to ensure that only authorized personnel can interact with the data.
+- Data Cleaning and Processing: Ensuring data consistency, accuracy, and completeness by detecting and rectifying errors, missing values, and inconsistencies.
+- Data Analysis: Using statistical and analytical tools to generate insights from the data that can inform clinical decisions and study outcomes.
+- Data Sharing and Reporting: Providing access to data for collaborators, regulators, or stakeholders in a secure and controlled manner and generating reports that summarize findings.
+
+The goal of effective data handling is to ensure that data is accurate, reliable, and available when needed, while also protecting patient privacy and complying with regulatory standards.
+
+#### Data quality vs data handling
+
+Data quality and data handling are closely related but distinct concepts in clinical research.
+
+- **Data Quality**: Refers to the accuracy, completeness, consistency, and reliability of data. High-quality data is essential for producing valid and reliable research outcomes. It involves processes such as data validation, error checking, and quality control measures.
+- **Data Handling**: Encompasses the broader scope of managing the data lifecycle, from collection and storage to processing, analysis, and sharing. While data quality is a component of data handling, the latter also involves aspects like data security, access management, and regulatory compliance.
+
+Both data quality and data handling are critical for ensuring the integrity of clinical research. Data handling tools must support high data quality standards through features like automated data validation checks, error reporting, and data cleaning functions.
+
+### Selecting clinical data handling tools
+
+Choosing the right tools for clinical data handling depends on several factors, including the study's size, complexity, data types, regulatory requirements, and budget. Clinical data studies will often utilize multiple tools (e.g., at least one for data collection and another for data analysis). Depending on what stage the study is in, researchers may not need to choose tools for all or certain aspects of the clinical data handling process, for example because data collection may have already occurred. Key considerations include:
+
+- **Compatibility and Integration**: The tool should be compatible with existing data systems and workflows, allowing for seamless integration of data from multiple sources.
+- **Scalability**: The tool should be able to handle the volume of data expected in the study and scale as the study progresses.
+- **User-Friendliness**: A user-friendly interface can reduce the learning curve for researchers and data managers, improving efficiency and reducing errors.
+- **Regulatory Compliance**: The tool should comply with relevant data privacy and security regulations to protect patient data.
+- **Support and Documentation**: Adequate support, including user manuals, tutorials, and customer service, is essential for troubleshooting and maximizing the tool's potential.
+- **Institutional Support**: Your institution may have policies, regulations, or recommendations about which tools can be used—particularly when working with clinical data. Institutions often provide licenses or access to specific tools (for example, an institutional REDCap consortium membership), as well as varying levels of support through scientific staff, data offices, or training programs.
+- **Established Practices in the Field**: Choosing tools that are widely used and accepted in your field is often a safe and effective option. Although newer or less common tools may offer advantages, using them may require additional justification to explain why they are suitable for your specific use case.
+
+Research teams should conduct thorough evaluations, including reading reviews, seeking recommendations, and conducting pilot tests, to identify the best tool for their specific needs.
+
+#### Open source options
+
+Open-source tools provide a cost-effective and flexible alternative to proprietary software for handling clinical data. These tools are often developed and maintained by vibrant communities and can be customized to fit specific research needs.
+
+Advantages of open-source tools include:
+
+- They are typically **free to use**
+- They provide **transparency** by allowing users to review the codebase for security and compliance
+- They can be **modified** to meet unique requirements
+- They often have strong **community support**, which can be valuable for troubleshooting and enhancing functionalities.
+
+Examples of popular open-source data handling tools include:
+
+- **REDCap**: A secure, web-based application for building and managing online surveys and databases, widely used in clinical research for data collection and management.
+- **OpenClinica**: An open-source clinical trial software that supports data capture, management, and analysis, compliant with regulatory standards like FDA requirements for electronic data (FDA 21 CFR Part 11).
+- **KNIME**: A data analytics, reporting, and integration platform that can be used for data cleaning, processing, and analysis, with extensive capabilities for machine learning and data visualization.
+- **R and Python**: These programming languages offer powerful libraries and packages (such as the `tidyverse` for R, and `pandas` and `NumPy` for Python) that support a wide range of data handling and analysis tasks.
+
+Each of these tools carries their own idiosyncratic pros and cons. For example, KNIME is a code-free analytical platform that may be ideal for students or new analysts to get comfortable with data processing and management. However, KNIME is not easily scalable, so it may not be ideal for large or multi-site projects. REDCap is a highly scalable and customizable survey and data collection platform, and has robust capability for data quality checks. While it offers some basic statistical and data visualization tools, and has APIs to allow for real-time analytics in other platforms (R, C#, cURL, etc.), it is not capable of advanced statistical modeling or more sophisticated analyses that are possible with R and Python. Additionally, REDCap licensing limits it to non-profit institutions (and other potentially limiting requirements), so this should be investigated before plans are made to use the environment. REDCap and R both allow for regulatory compliance. The FDA has issued [guidance](https://www.r-project.org/doc/R-FDA.pdf) on using R for clinical trials. REDCap can be configured to support compliance with the FDA 21 CFR Part 11, HIPAA, and GDPR.
+
+While open-source tools are beneficial, it is essential to ensure they are secure, well-maintained, and compliant with relevant privacy and regulatory standards.
+
+When moving between multiple data handling tools, it is important to consider interoperability. As an example, REDCap and R play very nicely together via API tokens, but this may not be true of all electronic data capture systems or databases. The sharing, integration and redistribution of data between systems - whether internally or externally - needs to be carefully planned, tested, and documented.
+
+### Testing data handling tools
+
+Before implementing data handling methods in an actual clinical trial, it is crucial to run tests using **dummy data**. This step ensures that the data handling process is robust, efficient, and free from errors across different conditions, without risking sensitive patient information.
+
+- **Creating Realistic Dummy Data**: Dummy data should mimic the real data in terms of format, structure, and complexity. It should include various scenarios (e.g., missing data, outliers, data entry errors) to test the system's error-handling capabilities.
+- **Simulating the Full Data Handling Workflow**: The process should involve every stage of data handling, from data collection and entry to storage, cleaning, analysis, and reporting. This comprehensive simulation helps identify potential issues early, such as data loss, security vulnerabilities, or errors in data processing algorithms.
+- **Refining and Optimizing Data Handling Methods**: Based on the findings from dummy data tests, researchers can refine their data handling protocols, such as their survey instruments or case report forms, adjust tools and settings, and optimize workflows to ensure smooth operations when real data is introduced.
+
+Testing with dummy data provides an additional layer of quality assurance and helps build confidence in the data handling process before the clinical trial begins.
+
+#### How to Generate Dummy Data
+
+There are several ways to simulate data to use for testing.
+
+- Write a script that uses a probabilistic modeling framework to create a dataset with values that mimic what you expect to find. There are also R packages that can help with this task, such as [`simstudy`](https://cran.r-project.org/web/packages/simstudy/index.html). After you simulate data, can also remove data or add errors that might occur in your real data collection process
+- If you are using a case report form to collect data, you could answer questions several times to create a dataset, and then continue through the data handling pipeline
+- In some scenarios, you could start with a real dataset that is publicly available and de-identified, and then directly use that data or sample from that data, adding missing data and errors that might occur in your data generation process
+
+### Conclusion
+
+Effective clinical data handling is fundamental to the success of clinical trials and studies. Selecting the right tools requires careful consideration of privacy, regulatory compliance, open-source versus proprietary options, and the specific needs of the study. Understanding the difference between data quality and data handling is crucial, as both are essential for ensuring the validity and reliability of research outcomes. Running preliminary tests using dummy data is a critical step in validating data handling methods, ensuring that the chosen tools and processes are robust, secure, and efficient. By following these guidelines, researchers can enhance data management practices, protect patient privacy, and achieve meaningful and reliable clinical research outcomes.
+
+## Privacy considerations for clinical data
+
+Privacy is a fundamental consideration in clinical data management, given the sensitive nature of the information involved. Clinical data often contains personally identifiable information (PII) or personal health information (PHI), which must be protected to comply with privacy regulations such as the [Health Insurance Portability and Accountability Act](https://www.hhs.gov/hipaa/for-professionals/privacy/laws-regulations/index.html) (HIPAA) in the United States, the [General Data Protection Regulation](https://gdpr.eu/what-is-gdpr/) (GDPR) in the European Union, and other regional laws. More information about PII and PHI can be found in [this course](https://hutchdatascience.org/Ethical_Data_Handling_for_Cancer_Research/data-privacy.html) about ethical data handling.
+
+When selecting data handling tools, it is crucial to prioritize those that offer comprehensive privacy features to safeguard sensitive information and maintain public trust in clinical research.
+
+- **Data Anonymization and De-identification**: One of the primary methods to protect privacy is to anonymize or de-identify data, removing or encrypting any information that could directly or indirectly identify an individual.
+- **Privacy-Preserving Record Linkages**: In scenarios where data from multiple sources need to be linked without compromising individual privacy, privacy-preserving record linkage techniques are essential. These methods enable the integration of datasets by matching records in a way that minimizes the risk of re-identification. Techniques such as secure multi-party computation, homomorphic encryption, and differential privacy can be employed to ensure that the linkage process itself does not expose sensitive information.
+- **Access Control and Encryption**: Tools should support robust access controls, ensuring that only authorized users have access to the data. Encryption should be used for both data at rest and data in transit to prevent unauthorized access.
+- **Compliance and Auditing**: Tools should facilitate compliance with regulatory standards and provide auditing capabilities to track data access and usage.
## Government regulators
+Clinical data is governed by several different types of regulations. In this section, we will review some of the major regulatory frameworks and organizations.
+
+### Health Insurance Portability and Accountability Act (HIPAA)
+
+The [Health Insurance Portability and Accountability Act](https://www.hhs.gov/hipaa/for-professionals/privacy/laws-regulations/index.html) (HIPAA), regulated by the U.S. Department of Health and Human Services (HHS), establishes national standards to protect individuals’ medical records and other personal health information. It applies to health plans, healthcare clearinghouses, and healthcare providers that conduct certain healthcare transactions electronically. The HIPAA Privacy Rule requires appropriate safeguards to protect the privacy of protected health information (PHI) and sets limits on the uses and disclosures of such information without patient authorization.
+
+### Food and Drug Administration (FDA)
+
+The U.S. [Food and Drug Administration](https://www.fda.gov/regulatory-information/fda-rules-and-regulations) (FDA) regulates the safety, efficacy, and security of human and veterinary drugs, biological products, medical devices, food, cosmetics, and products that emit radiation. The FDA’s regulations ensure that clinical trials are conducted ethically and that data collected is reliable and accurate. This includes oversight of clinical trial protocols, informed consent, and reporting of adverse events.
+
+### General Data Protection Regulation (GDPR)
+
+The [General Data Protection Regulation](https://gdpr.eu/what-is-gdpr/) (GDPR), governed by the European Union (EU), is a comprehensive data protection law that governs the collection, processing, storage, and transfer of personal data within the EU. It aims to enhance individuals’ control over their personal data and simplify the regulatory environment for international business. GDPR applies to any organization that processes the personal data of EU residents, regardless of where the organization is based. Key provisions include the right to be forgotten, data portability, and mandatory breach notifications.
+
+### Honest brokers
+
+Honest brokers act as neutral intermediaries between the data source and researchers, typically regulated by Institutional Review Boards (IRBs) or equivalent bodies. They are responsible for de-identifying data to ensure that researchers cannot trace the data back to individual patients. Honest brokers must complete specific training, such as Collaborative Institutional Training Initiative (CITI) Research Ethics and HIPAA training, before accessing data. They play a crucial role in maintaining the confidentiality and integrity of clinical data.
+
## Documentation
-## Conclusion
\ No newline at end of file
+In data management, several types of documentation are frequently encountered, each serving a specific purpose throughout the lifecycle of a research project. These documents are crucial for ensuring data integrity, regulatory compliance, and effective project management.
+
+### Data Management Plan
+
+A Data Management Plan (DMP) outlines how data will be handled during and after a research project. Typically created at the beginning of a project, it is stored in project documentation repositories or institutional databases. Often required by funding agencies, a DMP may include plans for testing with dummy data to ensure data integrity. The importance of a DMP lies in its role in planning and managing data throughout the project, ensuring that data is handled consistently and [responsibly](https://www.tableau.com/learn/articles/what-is-data-management).
+
+### Statistical Analysis Plan
+
+The Statistical Analysis Plan (SAP) details the statistical methods and analyses to be performed on the collected data. Developed before data analysis begins, it is stored with project documentation or in electronic lab notebooks. Essential for clinical trials and other research requiring rigorous statistical analysis, the SAP may involve testing statistical methods on dummy data. The SAP is crucial for maintaining the integrity and reproducibility of statistical [analyses](https://www.questionpro.com/blog/data-documentation/).
+
+### Standard Operating Procedures
+
+Standard Operating Procedures (SOPs) provide detailed instructions on how to perform specific tasks or processes. Used throughout the project lifecycle, they are stored in organizational repositories or document management systems. SOPs are often required for regulatory compliance and may include procedures for testing with dummy data. The importance of SOPs lies in their ability to standardize processes, ensuring consistency and compliance with regulatory [requirements](https://managing-qualitative-data.org/modules/2/a/).
+
+### Data Use Agreements
+
+Data Use Agreements (DUAs) define the terms and conditions for data sharing and use. Encountered before data is shared with external parties, they are stored in legal or administrative offices. DUAs are required when sharing data with external collaborators but are typically not directly related to dummy data. DUAs are important for protecting data privacy and ensuring that data is used [appropriately](https://www.ibm.com/topics/data-compliance).
+
+### Data Sharing Agreements
+
+Data Sharing Agreements (DSAs) specify the terms for sharing data between organizations. Encountered prior to data sharing, they are stored in legal or administrative offices. DSAs are necessary for formalizing data sharing arrangements and generally do not relate to dummy data. The importance of DSAs lies in their role in facilitating collaboration while protecting data integrity and compliance with legal [requirements](https://atlan.com/know/data-governance/data-compliance-management/).
+
+### Documentation across the span of a project
+
+These documents are encountered at various stages of a project, from planning (DMP, SAP) to execution (SOP) and data sharing (DUA, DSA). They are typically stored in project documentation repositories, institutional databases, or document management systems, with access restricted to authorized personnel. Not all documents are required for every project; their necessity depends on the project’s scope, regulatory requirements, and institutional policies. Some documents, like the DMP, SAP, and SOP, may include provisions for testing with dummy data to ensure data integrity and validate processes.
+
+To ensure compliance with these documents, organizations should implement robust data governance frameworks that include regular audits, training programs, and clear policies and [procedures](https://teamhub.com/blog/document-management-compliance-2/). Standardized templates for these documents are often available from funding agencies, regulatory bodies, or institutional guidelines, helping to ensure consistency and compliance with best practices. It’s best to ask before starting any document to ensure the correct format is used.
+
+For further reading, consider the following resources:
+
+- Guide to Clinical Data Management Procedures (GCDMP): GCDMP
+- Books by Suzanne Prokscha: Writing and Managing SOPs for GCP and Practical Guide to Clinical Data Management
+
+Additionally, remember the insightful quote by [Damian Conway](https://www.questionpro.com/blog/data-documentation/): “Documentation is a love letter that you write to your future self.” This is an invaluable tidbit to keep in mind throughout the lifecycle of a study.
+
+## Conclusion
diff --git a/Course_Name.rds b/Course_Name.rds
index 89313df..03b31e9 100644
Binary files a/Course_Name.rds and b/Course_Name.rds differ
diff --git a/_bookdown_files/02-chapter_of_course_files/figure-html/unnamed-chunk-2-1.png b/_bookdown_files/02-chapter_of_course_files/figure-html/unnamed-chunk-2-1.png
deleted file mode 100644
index 0a0abd2..0000000
Binary files a/_bookdown_files/02-chapter_of_course_files/figure-html/unnamed-chunk-2-1.png and /dev/null differ
diff --git a/_bookdown_files/02-chapter_of_course_files/figure-html/unnamed-chunk-3-1.png b/_bookdown_files/02-chapter_of_course_files/figure-html/unnamed-chunk-3-1.png
deleted file mode 100644
index 0f0641a..0000000
Binary files a/_bookdown_files/02-chapter_of_course_files/figure-html/unnamed-chunk-3-1.png and /dev/null differ
diff --git a/docs/03-data_management.md b/docs/03-data_management.md
index 9ca8c41..54573c7 100644
--- a/docs/03-data_management.md
+++ b/docs/03-data_management.md
@@ -8,12 +8,149 @@ title: Clinical Data Management
## Learning Objectives
+
+
## Clinical data handling tools
-## Importance of keeping clinical data safe
+Clinical research relies heavily on the collection, processing, analysis, and management of data. Efficient and effective data handling is crucial to ensure the integrity, reliability, and validity of clinical trials and studies. Selecting the right tools for handling clinical data is a critical step in the research process. This section defines data handling in the context of clinical research and contrasts it with data quality, discusses the importance of privacy, provides a comprehensive guide on how to find suitable clinical data handling tools with a focus on open-source options, and emphasizes the importance of testing data handling methods using dummy data in the preliminary phases of a clinical trial.
+
+### Clinical data handling
+
+**Clinical data handling** involves the processes and tools used to collect, manage, store, process, and share clinical data in a way that maintains its integrity, security, and usability. It encompasses a range of activities, including:
+
+- Data Collection: Gathering data from various sources such as case report forms (CRFs), electronic health records (EHRs), patient surveys, and laboratory results.
+- Data Storage and Management: Safely storing data in databases or data warehouses and managing access to ensure that only authorized personnel can interact with the data.
+- Data Cleaning and Processing: Ensuring data consistency, accuracy, and completeness by detecting and rectifying errors, missing values, and inconsistencies.
+- Data Analysis: Using statistical and analytical tools to generate insights from the data that can inform clinical decisions and study outcomes.
+- Data Sharing and Reporting: Providing access to data for collaborators, regulators, or stakeholders in a secure and controlled manner and generating reports that summarize findings.
+
+The goal of effective data handling is to ensure that data is accurate, reliable, and available when needed, while also protecting patient privacy and complying with regulatory standards.
+
+#### Data quality vs data handling
+
+Data quality and data handling are closely related but distinct concepts in clinical research.
+
+- **Data Quality**: Refers to the accuracy, completeness, consistency, and reliability of data. High-quality data is essential for producing valid and reliable research outcomes. It involves processes such as data validation, error checking, and quality control measures.
+- **Data Handling**: Encompasses the broader scope of managing the data lifecycle, from collection and storage to processing, analysis, and sharing. While data quality is a component of data handling, the latter also involves aspects like data security, access management, and regulatory compliance.
+
+Both data quality and data handling are critical for ensuring the integrity of clinical research. Data handling tools must support high data quality standards through features like automated data validation checks, error reporting, and data cleaning functions.
+
+### Selecting clinical data handling tools
+
+Choosing the right tools for clinical data handling depends on several factors, including the study's size, complexity, data types, regulatory requirements, and budget. Key considerations include:
+
+- **Compatibility and Integration**: The tool should be compatible with existing data systems and workflows, allowing for seamless integration of data from multiple sources.
+- **Scalability**: The tool should be able to handle the volume of data expected in the study and scale as the study progresses.
+- **User-Friendliness**: A user-friendly interface can reduce the learning curve for researchers and data managers, improving efficiency and reducing errors.
+- **Regulatory Compliance**: The tool should comply with relevant data privacy and security regulations to protect patient data.
+- **Support and Documentation**: Adequate support, including user manuals, tutorials, and customer service, is essential for troubleshooting and maximizing the tool's potential.
+
+Research teams should conduct thorough evaluations, including reading reviews, seeking recommendations, and conducting pilot tests, to identify the best tool for their specific needs.
+
+#### Open source options
+
+Open-source tools provide a cost-effective and flexible alternative to proprietary software for handling clinical data. These tools are often developed and maintained by vibrant communities and can be customized to fit specific research needs.
+
+Advantages of open-source tools include:
+
+- They are typically **free to use**
+- They provide **transparency** by allowing users to review the codebase for security and compliance
+- They can be **modified** to meet unique requirements
+- They often have strong **community support**, which can be valuable for troubleshooting and enhancing functionalities.
+
+Examples of popular open-source data handling tools include:
+
+- **REDCap**: A secure, web-based application for building and managing online surveys and databases, widely used in clinical research for data collection and management.
+- **OpenClinica**: An open-source clinical trial software that supports data capture, management, and analysis, compliant with regulatory standards like FDA requirements for electronic data (FDA 21 CFR Part 11).
+- **KNIME**: A data analytics, reporting, and integration platform that can be used for data cleaning, processing, and analysis, with extensive capabilities for machine learning and data visualization.
+- **R and Python**: These programming languages offer powerful libraries and packages (such as the `tidyverse` for R, and `pandas` and `NumPy` for Python) that support a wide range of data handling and analysis tasks.
+
+Each of these tools carries their own idiosyncratic pros and cons. For example, KNIME is a code-free analytical platform that may be ideal for students or new analysts to get comfortable with data processing and management. However, KNIME is not easily scalable, so it may not be ideal for large or multi-site projects. REDCap is a highly scalable and customizable survey and data collection platform that offers some basic statistical and data visualization tools, and offers APIs to allow the real-time analytics in other platforms (R, C#, cURL, etc.). However, REDCap licensing limits it to non-profit institutions (and other potentially limiting requirements), so this should be investigated before plans are made to use the environment. REDCap and R both allow for regulatory compliance. The FDA has issued [guidance](https://www.r-project.org/doc/R-FDA.pdf) on using R for clinical trials. REDCap can be configured to support compliance with the FDA 21 CFR Part 11, HIPAA, and GDPR.
+
+While open-source tools are beneficial, it is essential to ensure they are secure, well-maintained, and compliant with relevant privacy and regulatory standards.
+
+When moving between multiple data handling tools, it is important to consider interoperability. As an example, REDCap and R play very nicely together via API tokens, but this may not be true of all electronic data capture systems or databases. The sharing, integration and redistribution of data between systems - whether internally or externally - needs to be carefully planned, tested and documented.
+
+### Testing data handling tools
+
+Before implementing data handling methods in an actual clinical trial, it is crucial to run tests using **dummy data**. This step ensures that the data handling process is robust, efficient, and free from errors across different conditions, without risking sensitive patient information.
+
+- **Creating Realistic Dummy Data**: Dummy data should mimic the real data in terms of format, structure, and complexity. It should include various scenarios (e.g., missing data, outliers, data entry errors) to test the system's error-handling capabilities.
+- **Simulating the Full Data Handling Workflow**: The process should involve every stage of data handling, from data collection and entry to storage, cleaning, analysis, and reporting. This comprehensive simulation helps identify potential issues early, such as data loss, security vulnerabilities, or errors in data processing algorithms.
+- **Refining and Optimizing Data Handling Methods**: Based on the findings from dummy data tests, researchers can refine their data handling protocols, adjust tools and settings, and optimize workflows to ensure smooth operations when real data is introduced.
+
+Testing with dummy data provides an additional layer of quality assurance and helps build confidence in the data handling process before the clinical trial begins.
+
+### Conclusion
+
+Effective clinical data handling is fundamental to the success of clinical trials and studies. Selecting the right tools requires careful consideration of privacy, regulatory compliance, open-source versus proprietary options, and the specific needs of the study. Understanding the difference between data quality and data handling is crucial, as both are essential for ensuring the validity and reliability of research outcomes. Running preliminary tests using dummy data is a critical step in validating data handling methods, ensuring that the chosen tools and processes are robust, secure, and efficient. By following these guidelines, researchers can enhance data management practices, protect patient privacy, and achieve meaningful and reliable clinical research outcomes.
+
+## Privacy considerations for clinical data
+
+Privacy is a fundamental consideration in clinical data management, given the sensitive nature of the information involved. Clinical data often contains personally identifiable information (PII) or personal health information (PHI), which must be protected to comply with privacy regulations such as the [Health Insurance Portability and Accountability Act](https://www.hhs.gov/hipaa/for-professionals/privacy/laws-regulations/index.html) (HIPAA) in the United States, the [General Data Protection Regulation](https://gdpr.eu/what-is-gdpr/) (GDPR) in the European Union, and other regional laws. More information about PII and PHI can be found in [this course](https://hutchdatascience.org/Ethical_Data_Handling_for_Cancer_Research/data-privacy.html) about ethical data handling.
+
+- **Data Anonymization and De-identification**: One of the primary methods to protect privacy is to anonymize or de-identify data, removing or encrypting any information that could directly or indirectly identify an individual.
+- **Privacy-Preserving Record Linkages**: In scenarios where data from multiple sources need to be linked without compromising individual privacy, privacy-preserving record linkage techniques are essential. These methods enable the integration of datasets by matching records in a way that minimizes the risk of re-identification. Techniques such as secure multi-party computation, homomorphic encryption, and differential privacy can be employed to ensure that the linkage process itself does not expose sensitive information.
+- **Access Control and Encryption**: Tools should support robust access controls, ensuring that only authorized users have access to the data. Encryption should be used for both data at rest and data in transit to prevent unauthorized access.
+- **Compliance and Auditing**: Tools should facilitate compliance with regulatory standards and provide auditing capabilities to track data access and usage.
+
+When selecting data handling tools, it is crucial to prioritize those that offer comprehensive privacy features to safeguard sensitive information and maintain public trust in clinical research.
## Government regulators
+Clinical data is governed by several different types of regulations. In this section, we will review some of the major regulatory frameworks and organizations.
+
+### Health Insurance Portability and Accountability Act (HIPAA)
+
+The [Health Insurance Portability and Accountability Act](https://www.hhs.gov/hipaa/for-professionals/privacy/laws-regulations/index.html) (HIPAA), regulated by the U.S. Department of Health and Human Services (HHS), establishes national standards to protect individuals’ medical records and other personal health information. It applies to health plans, healthcare clearinghouses, and healthcare providers that conduct certain healthcare transactions electronically. The HIPAA Privacy Rule requires appropriate safeguards to protect the privacy of protected health information (PHI) and sets limits on the uses and disclosures of such information without patient authorization.
+
+### Food and Drug Administration (FDA)
+
+The U.S. [Food and Drug Administration](https://www.fda.gov/regulatory-information/fda-rules-and-regulations) (FDA) regulates the safety, efficacy, and security of human and veterinary drugs, biological products, medical devices, food, cosmetics, and products that emit radiation. The FDA’s regulations ensure that clinical trials are conducted ethically and that data collected is reliable and accurate. This includes oversight of clinical trial protocols, informed consent, and reporting of adverse events.
+
+### General Data Protection Regulation (GDPR)
+
+The [General Data Protection Regulation](https://gdpr.eu/what-is-gdpr/) (GDPR), governed by the European Union (EU), is a comprehensive data protection law that governs the collection, processing, storage, and transfer of personal data within the EU. It aims to enhance individuals’ control over their personal data and simplify the regulatory environment for international business. GDPR applies to any organization that processes the personal data of EU residents, regardless of where the organization is based. Key provisions include the right to be forgotten, data portability, and mandatory breach notifications.
+
+### Honest brokers
+
+Honest brokers act as neutral intermediaries between the data source and researchers, typically regulated by Institutional Review Boards (IRBs) or equivalent bodies. They are responsible for de-identifying data to ensure that researchers cannot trace the data back to individual patients. Honest brokers must complete specific training, such as Collaborative Institutional Training Initiative (CITI) Research Ethics and HIPAA training, before accessing data. They play a crucial role in maintaining the confidentiality and integrity of clinical data.
+
## Documentation
+In data management, several types of documentation are frequently encountered, each serving a specific purpose throughout the lifecycle of a research project. These documents are crucial for ensuring data integrity, regulatory compliance, and effective project management.
+
+### Data Management Plan
+
+A Data Management Plan (DMP) outlines how data will be handled during and after a research project. Typically created at the beginning of a project, it is stored in project documentation repositories or institutional databases. Often required by funding agencies, a DMP may include plans for testing with dummy data to ensure data integrity. The importance of a DMP lies in its role in planning and managing data throughout the project, ensuring that data is handled consistently and [responsibly](https://www.tableau.com/learn/articles/what-is-data-management).
+
+### Statistical Analysis Plan
+
+The Statistical Analysis Plan (SAP) details the statistical methods and analyses to be performed on the collected data. Developed before data analysis begins, it is stored with project documentation or in electronic lab notebooks. Essential for clinical trials and other research requiring rigorous statistical analysis, the SAP may involve testing statistical methods on dummy data. The SAP is crucial for maintaining the integrity and reproducibility of statistical [analyses](https://www.questionpro.com/blog/data-documentation/).
+
+### Standard Operating Procedures
+
+Standard Operating Procedures (SOPs) provide detailed instructions on how to perform specific tasks or processes. Used throughout the project lifecycle, they are stored in organizational repositories or document management systems. SOPs are often required for regulatory compliance and may include procedures for testing with dummy data. The importance of SOPs lies in their ability to standardize processes, ensuring consistency and compliance with regulatory [requirements](https://managing-qualitative-data.org/modules/2/a/).
+
+### Data Use Agreements
+
+Data Use Agreements (DUAs) define the terms and conditions for data sharing and use. Encountered before data is shared with external parties, they are stored in legal or administrative offices. DUAs are required when sharing data with external collaborators but are typically not directly related to dummy data. DUAs are important for protecting data privacy and ensuring that data is used [appropriately](https://www.ibm.com/topics/data-compliance).
+
+### Data Sharing Agreements
+
+Data Sharing Agreements (DSAs) specify the terms for sharing data between organizations. Encountered prior to data sharing, they are stored in legal or administrative offices. DSAs are necessary for formalizing data sharing arrangements and generally do not relate to dummy data. The importance of DSAs lies in their role in facilitating collaboration while protecting data integrity and compliance with legal [requirements](https://atlan.com/know/data-governance/data-compliance-management/).
+
+### Documentation across the span of a project
+
+These documents are encountered at various stages of a project, from planning (DMP, SAP) to execution (SOP) and data sharing (DUA, DSA). They are typically stored in project documentation repositories, institutional databases, or document management systems, with access restricted to authorized personnel. Not all documents are required for every project; their necessity depends on the project’s scope, regulatory requirements, and institutional policies. Some documents, like the DMP, SAP, and SOP, may include provisions for testing with dummy data to ensure data integrity and validate processes.
+
+To ensure compliance with these documents, organizations should implement robust data governance frameworks that include regular audits, training programs, and clear policies and [procedures](https://teamhub.com/blog/document-management-compliance-2/). Standardized templates for these documents are often available from funding agencies, regulatory bodies, or institutional guidelines, helping to ensure consistency and compliance with best practices. It’s best to ask before starting any document to ensure the correct format is used.
+
+For further reading, consider the following resources:
+
+- Guide to Clinical Data Management Procedures (GCDMP): GCDMP
+- Books by Suzanne Prokscha: Writing and Managing SOPs for GCP and Practical Guide to Clinical Data Management
+
+Additionally, remember the insightful quote by [Damian Conway](https://www.questionpro.com/blog/data-documentation/): “Documentation is a love letter that you write to your future self.” This is an invaluable tidbit to keep in mind throughout the lifecycle of a study.
+
## Conclusion
diff --git a/docs/03-data_management_files/figure-html/1ivDTcLjb2078O0GemkSeCgC1jmxk4fMsiFQaPaer9mQ_g3edc229d226_1_0.png b/docs/03-data_management_files/figure-html/1ivDTcLjb2078O0GemkSeCgC1jmxk4fMsiFQaPaer9mQ_g3edc229d226_1_0.png
new file mode 100644
index 0000000..7110e24
Binary files /dev/null and b/docs/03-data_management_files/figure-html/1ivDTcLjb2078O0GemkSeCgC1jmxk4fMsiFQaPaer9mQ_g3edc229d226_1_0.png differ
diff --git a/docs/404.html b/docs/404.html
index 34285ba..1a78c50 100644
--- a/docs/404.html
+++ b/docs/404.html
@@ -4,18 +4,18 @@
-
Clinical research relies heavily on the collection, processing, analysis, and management of data. Efficient and effective data handling is crucial to ensure the integrity, reliability, and validity of clinical trials and studies. Selecting the right tools for handling clinical data is a critical step in the research process. This section defines data handling in the context of clinical research and contrasts it with data quality, discusses the importance of privacy, provides a comprehensive guide on how to find suitable clinical data handling tools with a focus on open-source options, and emphasizes the importance of testing data handling methods using dummy data in the preliminary phases of a clinical trial.
+Clinical data handling involves the processes and tools used to collect, manage, store, process, and share clinical data in a way that maintains its integrity, security, and usability. It encompasses a range of activities, including:
+The goal of effective data handling is to ensure that data is accurate, reliable, and available when needed, while also protecting patient privacy and complying with regulatory standards.
+Data quality and data handling are closely related but distinct concepts in clinical research.
+Both data quality and data handling are critical for ensuring the integrity of clinical research. Data handling tools must support high data quality standards through features like automated data validation checks, error reporting, and data cleaning functions.
+Choosing the right tools for clinical data handling depends on several factors, including the study’s size, complexity, data types, regulatory requirements, and budget. Key considerations include:
+Research teams should conduct thorough evaluations, including reading reviews, seeking recommendations, and conducting pilot tests, to identify the best tool for their specific needs.
+Open-source tools provide a cost-effective and flexible alternative to proprietary software for handling clinical data. These tools are often developed and maintained by vibrant communities and can be customized to fit specific research needs.
+Advantages of open-source tools include:
+Examples of popular open-source data handling tools include:
+tidyverse for R, and pandas and NumPy for Python) that support a wide range of data handling and analysis tasks.Each of these tools carries their own idiosyncratic pros and cons. For example, KNIME is a code-free analytical platform that may be ideal for students or new analysts to get comfortable with data processing and management. However, KNIME is not easily scalable, so it may not be ideal for large or multi-site projects. REDCap is a highly scalable and customizable survey and data collection platform that offers some basic statistical and data visualization tools, and offers APIs to allow the real-time analytics in other platforms (R, C#, cURL, etc.). However, REDCap licensing limits it to non-profit institutions (and other potentially limiting requirements), so this should be investigated before plans are made to use the environment. REDCap and R both allow for regulatory compliance. The FDA has issued guidance on using R for clinical trials. REDCap can be configured to support compliance with the FDA 21 CFR Part 11, HIPAA, and GDPR.
+While open-source tools are beneficial, it is essential to ensure they are secure, well-maintained, and compliant with relevant privacy and regulatory standards.
+When moving between multiple data handling tools, it is important to consider interoperability. As an example, REDCap and R play very nicely together via API tokens, but this may not be true of all electronic data capture systems or databases. The sharing, integration and redistribution of data between systems - whether internally or externally - needs to be carefully planned, tested and documented.
Before implementing data handling methods in an actual clinical trial, it is crucial to run tests using dummy data. This step ensures that the data handling process is robust, efficient, and free from errors across different conditions, without risking sensitive patient information.
+Testing with dummy data provides an additional layer of quality assurance and helps build confidence in the data handling process before the clinical trial begins.
+Effective clinical data handling is fundamental to the success of clinical trials and studies. Selecting the right tools requires careful consideration of privacy, regulatory compliance, open-source versus proprietary options, and the specific needs of the study. Understanding the difference between data quality and data handling is crucial, as both are essential for ensuring the validity and reliability of research outcomes. Running preliminary tests using dummy data is a critical step in validating data handling methods, ensuring that the chosen tools and processes are robust, secure, and efficient. By following these guidelines, researchers can enhance data management practices, protect patient privacy, and achieve meaningful and reliable clinical research outcomes.
+Privacy is a fundamental consideration in clinical data management, given the sensitive nature of the information involved. Clinical data often contains personally identifiable information (PII) or personal health information (PHI), which must be protected to comply with privacy regulations such as the Health Insurance Portability and Accountability Act (HIPAA) in the United States, the General Data Protection Regulation (GDPR) in the European Union, and other regional laws. More information about PII and PHI can be found in this course about ethical data handling.
+When selecting data handling tools, it is crucial to prioritize those that offer comprehensive privacy features to safeguard sensitive information and maintain public trust in clinical research.
Clinical data is governed by several different types of regulations. In this section, we will review some of the major regulatory frameworks and organizations.
+The Health Insurance Portability and Accountability Act (HIPAA), regulated by the U.S. Department of Health and Human Services (HHS), establishes national standards to protect individuals’ medical records and other personal health information. It applies to health plans, healthcare clearinghouses, and healthcare providers that conduct certain healthcare transactions electronically. The HIPAA Privacy Rule requires appropriate safeguards to protect the privacy of protected health information (PHI) and sets limits on the uses and disclosures of such information without patient authorization.
+The U.S. Food and Drug Administration (FDA) regulates the safety, efficacy, and security of human and veterinary drugs, biological products, medical devices, food, cosmetics, and products that emit radiation. The FDA’s regulations ensure that clinical trials are conducted ethically and that data collected is reliable and accurate. This includes oversight of clinical trial protocols, informed consent, and reporting of adverse events.
+The General Data Protection Regulation (GDPR), governed by the European Union (EU), is a comprehensive data protection law that governs the collection, processing, storage, and transfer of personal data within the EU. It aims to enhance individuals’ control over their personal data and simplify the regulatory environment for international business. GDPR applies to any organization that processes the personal data of EU residents, regardless of where the organization is based. Key provisions include the right to be forgotten, data portability, and mandatory breach notifications.
+Honest brokers act as neutral intermediaries between the data source and researchers, typically regulated by Institutional Review Boards (IRBs) or equivalent bodies. They are responsible for de-identifying data to ensure that researchers cannot trace the data back to individual patients. Honest brokers must complete specific training, such as Collaborative Institutional Training Initiative (CITI) Research Ethics and HIPAA training, before accessing data. They play a crucial role in maintaining the confidentiality and integrity of clinical data.
+In data management, several types of documentation are frequently encountered, each serving a specific purpose throughout the lifecycle of a research project. These documents are crucial for ensuring data integrity, regulatory compliance, and effective project management.
+A Data Management Plan (DMP) outlines how data will be handled during and after a research project. Typically created at the beginning of a project, it is stored in project documentation repositories or institutional databases. Often required by funding agencies, a DMP may include plans for testing with dummy data to ensure data integrity. The importance of a DMP lies in its role in planning and managing data throughout the project, ensuring that data is handled consistently and responsibly.
+The Statistical Analysis Plan (SAP) details the statistical methods and analyses to be performed on the collected data. Developed before data analysis begins, it is stored with project documentation or in electronic lab notebooks. Essential for clinical trials and other research requiring rigorous statistical analysis, the SAP may involve testing statistical methods on dummy data. The SAP is crucial for maintaining the integrity and reproducibility of statistical analyses.
+Standard Operating Procedures (SOPs) provide detailed instructions on how to perform specific tasks or processes. Used throughout the project lifecycle, they are stored in organizational repositories or document management systems. SOPs are often required for regulatory compliance and may include procedures for testing with dummy data. The importance of SOPs lies in their ability to standardize processes, ensuring consistency and compliance with regulatory requirements.
+Data Use Agreements (DUAs) define the terms and conditions for data sharing and use. Encountered before data is shared with external parties, they are stored in legal or administrative offices. DUAs are required when sharing data with external collaborators but are typically not directly related to dummy data. DUAs are important for protecting data privacy and ensuring that data is used appropriately.
+Data Sharing Agreements (DSAs) specify the terms for sharing data between organizations. Encountered prior to data sharing, they are stored in legal or administrative offices. DSAs are necessary for formalizing data sharing arrangements and generally do not relate to dummy data. The importance of DSAs lies in their role in facilitating collaboration while protecting data integrity and compliance with legal requirements.
+These documents are encountered at various stages of a project, from planning (DMP, SAP) to execution (SOP) and data sharing (DUA, DSA). They are typically stored in project documentation repositories, institutional databases, or document management systems, with access restricted to authorized personnel. Not all documents are required for every project; their necessity depends on the project’s scope, regulatory requirements, and institutional policies. Some documents, like the DMP, SAP, and SOP, may include provisions for testing with dummy data to ensure data integrity and validate processes.
+To ensure compliance with these documents, organizations should implement robust data governance frameworks that include regular audits, training programs, and clear policies and procedures. Standardized templates for these documents are often available from funding agencies, regulatory bodies, or institutional guidelines, helping to ensure consistency and compliance with best practices. It’s best to ask before starting any document to ensure the correct format is used.
+For further reading, consider the following resources:
+Additionally, remember the insightful quote by Damian Conway: “Documentation is a love letter that you write to your future self.” This is an invaluable tidbit to keep in mind throughout the lifecycle of a study.
+