wiki:LEGACY - Northampton Recruitment into BRICCS

BRICCS Multi-site recruitment

The information on this page is provided for historical reference. Starting in September 2014, BRICCS Study recruitment began at additional external sites, and switched to using REDCap rather than Onyx for data collection. The technical requirements of this approach are documented at LEGACY - BRICCS External Site Rollout, and that page should be consulted for all current information on multi-site recruitment.

SUPERCEDED - BRICCS Study: Northampton recruitment

After much deliberation and discussion, there will be BRICCS Study recruitment in Northampton soon.

We had a fruitful and positive telephone discussion around the IT issues on 24th January which Sanjiv (Sanjiv.Lal@…) arranged. As I understand it, the output from this is that:

  1. Neil Baker will be the IT point of contact in Northampton for us, and will involve colleagues as required.
  1. We will configure our existing instance of CaTissue to recognise Northampton as an additional site, with its own storage hierarchy, and all study staff at Northampton will have logins for CaTissue. CaTissue is web-based, contains no patient identifiable information and can be accessed from any standard browser.
  1. We will work with colleagues in IT at Northampton and Leicester to establish Virtual Private Network (VPN) access from designated terminals in Northampton to an Onyx server within the Leicester datacentre. Northampton patients will be recruited to this Onyx which will run in parallel to the Leicester instance already running. Recruitment staff at each site will not have access to the other site's data.
  1. Northampton IT staff will install and configure, with our help, the Mozilla Labs' PRISM browser, to install a webapp accessing Onyx. This is the same set-up we are using in Leicester.
  1. Northampton IT staff will assist in installing the driver software for the 2d barcode reader device which Leicester BRU is supplying to Northampton for the logging of recruitment and sample barcodes.
  1. The Onyx configuration will NOT be set up to access the Northampton PMI. Patient details will therefore need to be manually entered into Onyx, via the 'walk-in' function. In the event that recruitment exceeds expectations and this becomes onerous we will revisit the approach.

Northampton Personnel: Jane O'Callaghan - Cardiology Research Co-ordinator David Sprigings - Cardiologist Sanjiv Lal - Service Delivery Manager, IT Strategy and Partnerships Neil Baker - Senior Systems Administrator, IT Strategy and Partnerships David Jennings - IT Strategy and Partnerships (later involvement)

Plan now:

  • Get Onyx working on the uhlbriccsext01 server, including test/training deployment, with manual patient entry


  • Add participant attribute for 'local site unique identifier' for NGH patient ID.
  • Establish VPN or tunnel access between client machines and server - Neil Baker and Steve Wenlock working on this
  • Visit Northampton to:
    • Verify access to CaTissue - DONE
    • Verify access to Onyx
    • Install Prism webapp on appropriate desktop machines - DONE
    • Install and test the 2d barcode reader and associated software - DONE
  • Define access control list - names, email addresses, requirements for access
  • Train all Northampton staff in use of Onyx and CaTissue
  • Confirm ethics, data sharing agreement and other requirements in place
  • Begin recruiting


Steve Wenlock and Neil Baker have discussed this. VPN is 'overkill' for the level of complexity involved. Steve suggests a more straightforward approach of ensuring the server runs over SSL and then opening the necessary port in the UHL firewall and forwarding it explicitly to the server - with a DNS entry being made in N3 to route the connection.

OBiBa's wiki does describe the deployment of Onyx over SSL:

Tomcat over SSL uses port 8443. I've installed a self-signed test certificate on the server, for testing purposes, and that works satisfactorily.

In Onyx config, make the following changes: WEB-INF/config/ needs a line to add "pat_local_id= Local patient ID" and WEB-INF/config/participant-attributes.xml needs a stanza to define pat_local_id as assignable at enrollment, editable, but not mandatory.

sudo %JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA

Password: justfortesting

However, for production purposes, until a UHL provided certificate is in place, the connection will be by means of a VPN.


The first export from Onyx (Northampton) was run on 30 December 2013. 100 participants were exported, out of 102 recruited to that point.


A similar arrangement will be needed for Kettering recruitment. Again, two onyx deployments, and two new databases, one live and one test.


Switch to REDCap and SSL

Following continued difficulties getting the VPN approach configured we have discussed with UHL and IBM the need to implement the SSL solution. NH spoke with Chris Drabble from the 'Design Authority' on 4th June 2014, and we agreed the outlines of a solution:

Need a DNS entry for the server from N3 Will need to supply IP ranges for whitelisting in the firewall Need a SSL certificate, NH to install and configure the server itself Where does the certificate come from - as the UHL root cert will not be available to the clients? Does it need a different hostname?

Chris will speak with Steve Wenlock and report back.

Error: Macro BackLinks(None) failed
'Environment' object has no attribute 'get_db_cnx'

Last modified 7 years ago Last modified on 09/25/15 12:02:39
Note: See TracWiki for help on using the wiki.