You, the user, are entering data into a mobile device. While the data resides on the mobile device, you own all data that you have created or modified. Your data is sent to the project’s server. When data is sent to the server, the project administrator owns the data. Any non-user data retrieved from the server, such as configuration information, is owned by the project administrator.
Your data is treated as private. All attempts are made to secure the data from outside interception. Data is sent via a SSL connection to the MyCap server from which the project originated.
The project configuration and (optionally) some user data are downloaded from a MyCap server via a SSL connection. The configuration and any data are stored in one or more encrypted databases on the mobile device. If a user is participating in multiple projects then there will be multiple encrypted databases. Each project has a siloed database.
Allocation of Software and Data
The parent MyCap server hosts the project and the final copy of the data. This resides at the host institution/organization that is running the MyCap REDCap external module. The mobile device hosts the project configuration and any temporary study data. The data does not become authoritative until sent to the MyCap server.