LimeSurvey and HIPAA compliance

8 years 11 months ago #119958 by brainpsych
Replied by brainpsych on topic LimeSurvey and HIPAA compliance
Holch,

I think I'll skip running a server on the tablet itself. There is an Ubuntu Installer for Android, but I'd need to get the data off of there and back it up/look at it, and to do this I'd presumably need to use my network - probably with less robust encryption options than I'd have with a host computer and a tablet.

So, I think you answered all of my questions and connecting the "server" to the router directly is easy and I assume the tablet can access the server via wifi?


Thanks so much. I really appreciate everyone's time.
The topic has been locked.
8 years 11 months ago #119959 by jelo
Replied by jelo on topic LimeSurvey and HIPAA compliance

brainpsych wrote: Jelo - what does "local OC" mean?

Sorry, I hit O instead of the P key.
I meant local PC.

brainpsych wrote: Holch - The distinction between SAS and SaaS is not something that I am understanding from the link. Sorry.

You can safely ignore the content of the link for your problem.

brainpsych wrote: Also, I assume a tablet could be on the same wireless network as the host computer - it doesn't need to be connected via ethernet?

Yes, correct.

brainpsych wrote: Also, I assume there would be something easily done to make an Ipad only allow the individual to access one program - i.e., the browser pointed at the survey?

It depends on the app you will use as a browser. Search and watch out for "kiosk mode" which describes a mode where everything is locked to a certain application so that the tablet or pc cannot be misused.

E.g. www.webascender.com/Blog/ID/447/How-to-S...iPad-to-Just-One-App
or support.apple.com/HT5509

The meaning of the word "stable" for users
www.limesurvey.org/forum/development/117...ord-stable-for-users
8 years 11 months ago #119961 by holch
Replied by holch on topic LimeSurvey and HIPAA compliance
As Jelo said: Ignore the differences between SAS and SaaS. Let's go for SaaS - Software as a service. This means that the provider doesn't sell you software that you install on your computer or your server. Actually today you might associate this with "cloud".

Installing Limesurvey on a tablet: I have done it with an Android tablet already. There are apps that install the webserver and then you just need to install Limesurvey on that webserver, just as you would for a hosted service.

But I think the best solution is to have it running on a "server" (can be an ordinary computer) at your office. The tablet can access the "server" easily via WIFI through the router.

For the possibility to only allow one application (the browser) on the tablet, as Jelo said, search for kiosk mode.

Never used it, but you should find a solution there.

I answer at the LimeSurvey forum in my spare time, I'm not a LimeSurvey GmbH employee.
No support via private message.

8 years 11 months ago #120015 by jboogie21
Replied by jboogie21 on topic LimeSurvey and HIPAA compliance
I think brainpsych might have already found his/her solution, but I thought I'd add my two cents for the discussion re:Limesurvey & HIPAA.

Based on my understanding (by no means am I an expert!!), to be HIPAA compliant the data must be secured/encrypted. That is the "easy" part especially when dealing with local data/PHI (Protected Health Information). However, most people are connected to the internet, and SaaS providers are becoming increasingly popular. Using SaaS providers increases risks. This increased risk is related to the transmission of PHI across servers that a service provider like brainpsych (assuming he/she is a health care provider of some sort) has no control over. Reputable SaaS providers will offer a Business Associates Agreement (BAA) which makes them liable for any security breaches. Basically, a BAA typically states that the SaaS provider will make sure PHI is safe/secure AND will inform the end user of any breaches. So in sum, to be HIPAA compliant PHI needs to be secured, and when using the internet there needs to be an audit trail should anything go awry.

So to circle back to brainpsych's original question, something else to consider is the type of information he/she is soliciting. If it is unidentifiable data, a SaaS provider like limeservice.com might be an option.
The following user(s) said Thank You: Ben_V
8 years 11 months ago - 8 years 11 months ago #120020 by Ben_V
Replied by Ben_V on topic LimeSurvey and HIPAA compliance

jelo wrote: Search and watch out for "kiosk mode" which describes a mode where everything is locked to a certain application so that the tablet or pc cannot be misused


For Mac users I recommend iCab, a very great and stable browser allowing kiosk mode...

There is also a similar iOS app (I've never tested it)


Benoît

EM Variables => bit.ly/1TKQyNu | EM Roadmap => bit.ly/1UTrOB4
Last Releases => 2.6x.x goo.gl/ztWfIV | 2.06/2.6.x => bit.ly/1Qv44A1
Demo Surveys => goo.gl/HuR6Xe (already included in /docs/demosurveys)
Last edit: 8 years 11 months ago by Ben_V.
8 years 11 months ago #120025 by brainpsych
Replied by brainpsych on topic LimeSurvey and HIPAA compliance
Hey,

Thank you all very much for your thoughts. Oftentimes software that has all support done via forums can be a frustration for new users, but I have been very pleasantly surprised by this community.

Yours,
Colin
8 years 10 months ago #121304 by Ben_V
Replied by Ben_V on topic LimeSurvey and HIPAA compliance

7 years 11 months ago #135897 by Mazi
Replied by Mazi on topic LimeSurvey and HIPAA compliance

Ben_V wrote:

jelo wrote: Search and watch out for "kiosk mode" which describes a mode where everything is locked to a certain application so that the tablet or pc cannot be misused


For Mac users I recommend iCab, a very great and stable browser allowing kiosk mode...


You can now use the new Limesurvey Android app "OfflineSurveys" to run any Limesurvey survey in kiosk mode on any Android device, see www.offlinesurveys.com

Best regards/Beste Grüße,
Dr. Marcel Minke
Need Help? We offer professional Limesurvey support: survey-consulting.com
Contact: marcel.minke(at)survey-consulting.com
7 years 8 months ago #140787 by r0bis
Replied by r0bis on topic LimeSurvey and HIPAA compliance
Hi there, this is a great thread for me.

I am also just a doctor looking into anonymous collection of patient responses in an outpatient psychiatry centre with two teams providing service.

Considering HIPAA/DPA requirements I would think it would be best to err on the side of caution and not have any patient identifiable information there. I would go for the following setup:

*** Hardware:
1) XAMPP server without a LAN connection (much less opportunity for remote hacking)
2) computer physically secured - as much as reasonable (no easy access + cable-locked)
3) HDD is encrypted (probably just home directory)

*** Software:
1) Patients have their unique PINs - at first they only see a screen with a request to enter their PIN in a kiosk mode browser
2) PIN lets computer know which service survey to present to the user
3) Patient does a quick survey with 3 mandatory slider type questions AND has an option to enter free text in the box below
4) The idea here is to let people respond in as easy and hassle-free a way as possible

*** Data analysis - cyclical:
1) Once a week I connect to the computer with my laptop via ethernet crossover cable
2) I log into the admin interface and download data in R format from web admin interface
3) On my laptop I run a weekly report analysis script on the data in R
4) Analysis script is done in such a way as to provide printable graphs for the whole period and printable text responses for the last week. These are used to provide feedback to the teams and the patients.

### Question:
What I am most thinking about at this stage is - how to connect the PIN and the survey. I do not think that Limesurvey would support such a PIN kind of authentication. I think that probably I need to set up a website (maybe a static one) which compares the PIN entered to the list it has and then displays the survey page. I am wondering also if the PIN might be passed to Limesurvey and used as a token? How to best do it is a bit unclear to me at this stage. Effectively I want the same people (patients) to use the same survey to track their response change over time (typically over 2 years).

I thought that alternatively I might set up a two-page survey where the first page just asks for the PIN and the next page is the rest of the survey. However I am not sure how I would error-check the PIN entry; the only way I imagine would be perhaps if the first page PIN entry was a conditional question, but this sounds a bit awkward, especially if numbers got high. The max population expected over 2 year window would perhaps be about 300.

Your thoughts would be very much appreciated

Rob

r0berts
7 years 8 months ago #140789 by holch
Replied by holch on topic LimeSurvey and HIPAA compliance
What is the difference between a token and the PIN you are suggesting?

You could increase the number of "uses" by increasing "uses left" of the token. This means someone with this specific token could fill in the survey as many times as you give them "uses" for this token.

The following user(s) said Thank You: r0bis
7 years 8 months ago #140791 by jboogie21
Replied by jboogie21 on topic LimeSurvey and HIPAA compliance
From my understanding I think r0bis is saying PIN, which translated into Lime terminology is token.

I have several follow up questions:
When you say anonymous, do you mean anonymous or confidential? If you mean anonymous, Lime does a great job with that so much so that tracking responses over time is near impossible. The fact that you mention tracking, I'm going to assume you want to know who said what and thus want responses to be confidential.

What type of info do you want to track? From my experience tracking change over time is a little tricky and requires some planning. In an overly simple nutshell and assuming you are administering this in your doctor's office, I would:
  • use the Lime token system
  • upon check in give patient a token
  • enter token to complete the survey (you can reduce the string to something more manageable than the default of 15)
  • at some point move the data to a separate DB to track change and run analyses

PM me if you want more details on how we use Lime in a health care environment.
The following user(s) said Thank You: r0bis
7 years 8 months ago #140987 by r0bis
Replied by r0bis on topic LimeSurvey and HIPAA compliance
Thank you both for clarifying things for me. I think token is the way to go then, because I could have it be of a manageable length (say 4 or 5 symbols). I suppose it should be possible for me to implement a simple survey box so that:
  • Screen always is at survey start page as I set up that page to be the HTTP server index page
  • I set up the survey page to also be the exit page from survey (after pressing 'Submit'), so after one submit the system is ready for the next submission.
  • I suppose I can customise the start page freely through templates so that it looks the way I want it to look.
  • to facilitate one entry per week I could use a weekly cron job to reset 'uses left' in mysql database every weekend, that might be an alternative to setting 1000 uses left right from the start.
With respect to anonymity vs confidentiality I would prefer anonymous (so token and response cannot be linked), but I would like to be able to aggregate data over the day and track aggregate responses over time. I understood from my earlier experience with limesurvey that anonymised surveys would record the submission date, but not the time, but maybe I am wrong - it was a few years ago.

If not - would it be possible for me to modify the survey mechanism so that the date is recorded, but not the time? Or possibly I could use a hidden survey field filled with Expression Manager where I could record
Code:
date('d-m-Y')
via php function?

r0berts
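
The trade-off behind the 4 or 5 symbol token discussed above, as an added example that is not part of the original thread or LimeSurvey's own code: it generates short tokens with a CSPRNG and computes how often a mistyped or guessed entry would match some other valid token for the expected population of 300. The alphabet and all function names are assumptions made for this example.

```python
import math
import secrets

# Assumed alphabet: digits and uppercase letters without look-alikes (0/O, 1/I/L).
ALPHABET = "23456789ABCDEFGHJKMNPQRSTUVWXYZ"

def generate_tokens(count, length, alphabet=ALPHABET):
    """Return `count` distinct random tokens drawn with a CSPRNG."""
    if count > len(alphabet) ** length:
        raise ValueError("token space is smaller than the population")
    tokens = set()
    while len(tokens) < count:
        tokens.add("".join(secrets.choice(alphabet) for _ in range(length)))
    return sorted(tokens)

def hit_probability(population, length, alphabet_size):
    """Chance that one random or mistyped entry matches some valid token."""
    return population / alphabet_size ** length

def guesses_for_even_odds(population, length, alphabet_size):
    """Independent random entries needed for a 50% chance of one match."""
    p = hit_probability(population, length, alphabet_size)
    # log1p keeps precision when p is far below float epsilon (long tokens).
    return math.ceil(math.log(0.5) / math.log1p(-p))

def compare(population=300):
    """Hit probability per entry for the token formats raised in the thread."""
    options = [
        ("4 digits", 4, 10),
        ("4 symbols", 4, len(ALPHABET)),
        ("5 symbols", 5, len(ALPHABET)),
        ("15 symbols", 15, len(ALPHABET)),  # the default length mentioned above
    ]
    return {name: hit_probability(population, n, a) for name, n, a in options}

if __name__ == "__main__":
    for name, p in compare().items():
        print(f"{name:>10}: 1 entry in {1 / p:,.0f} matches a valid token")
    print("sample tokens (constructed):", generate_tokens(5, 5))
```

With 300 patients a purely numeric 4-digit PIN means roughly one wrong entry in 33 lands on another patient's token, which matters when responses are tracked per token over two years.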