We're unable to sign you in at this time. Please try again in a few minutes.
We were able to sign you in, but your subscription(s) could not be found. Please try again in a few minutes.
There may be a problem with your account. Please contact the AMA Service Center to resolve this issue.
Contact the AMA Service Center:
Telephone: 1 (800) 262-2350 or 1 (312) 670-7827  *   Email: subscriptions@jamanetwork.com
Error Message ......
JAMA NetSight |

Use of a Secure Internet Web Site for Collaborative Medical Research

W. Wesley Marshall, MD; Robert W. Haley, MD
JAMA. 2000;284(14):1843-1849. doi:10.1001/jama.284.14.1843.
Text Size: A A A
Published online

Researchers who collaborate on clinical research studies from diffuse locations need a convenient, inexpensive, secure way to record and manage data. The Internet, with its World Wide Web, provides a vast network that enables researchers with diverse types of computers and operating systems anywhere in the world to log data through a common interface. Development of a Web site for scientific data collection can be organized into 10 steps, including planning the scientific database, choosing a database management software system, setting up database tables for each collaborator's variables, developing the Web site's screen layout, choosing a middleware software system to tie the database software to the Web site interface, embedding data editing and calculation routines, setting up the database on the central server computer, obtaining a unique Internet address and name for the Web site, applying security measures to the site, and training staff who enter data. Ensuring the security of an Internet database requires limiting the number of people who have access to the server, setting up the server on a stand-alone computer, requiring user-name and password authentication for server and Web site access, installing a firewall computer to prevent break-ins and block bogus information from reaching the server, verifying the identity of the server and client computers with certification from a certificate authority, encrypting information sent between server and client computers to avoid eavesdropping, establishing audit trails to record all accesses into the Web site, and educating Web site users about security techniques. When these measures are carefully undertaken, in our experience, information for scientific studies can be collected and maintained on Internet databases more efficiently and securely than through conventional systems of paper records protected by filing cabinets and locked doors.

Figures in this Article

Sign in

Purchase Options

• Buy this article
• Subscribe to the journal
• Rent this article ?


Figure 1. Client-Server Model for a Secure Internet Web Site
Graphic Jump Location
The hosting system for the scientific database and Web site resides on the central server computer. The firewall device and software provide security by filtering out illegitimate information packets and preventing unauthorized access. Scientists at collaborating laboratories and clinics enter and edit data in the central scientific database using Web browser software installed on their client computers.
Figure 2. Middleware Connecting Fields in Database Tables With Data Entry Items on Web Page
Graphic Jump Location
Table 1 in this example database contains input variables and Table 2 contains derived variables calculated by JavaScript code that is embedded in the Web page.
Figure 3. Encryption of Data for Secure Transmission Over the Internet Using the Public Key Cryptography System
Graphic Jump Location
In the server computer, an information packet conveying part of a Web page is encrypted with that client computer's public key. After attaching an address label for the destination client computer (A), the server computer sends the encrypted information packet across the Internet to the client computer, which recognizes it, strips off the address label, decrypts the information packet using its own private key, and displays the part of the Web page that is conveyed. The same process is used when information travels from a client computer to a server computer.



Also Meets CME requirements for:
Browse CME for all U.S. States
Accreditation Information
The American Medical Association is accredited by the Accreditation Council for Continuing Medical Education to provide continuing medical education for physicians. The AMA designates this journal-based CME activity for a maximum of 1 AMA PRA Category 1 CreditTM per course. Physicians should claim only the credit commensurate with the extent of their participation in the activity. Physicians who complete the CME course and score at least 80% correct on the quiz are eligible for AMA PRA Category 1 CreditTM.
Note: You must get at least of the answers correct to pass this quiz.
Please click the checkbox indicating that you have read the full article in order to submit your answers.
Your answers have been saved for later.
You have not filled in all the answers to complete this quiz
The following questions were not answered:
Sorry, you have unsuccessfully completed this CME quiz with a score of
The following questions were not answered correctly:
Commitment to Change (optional):
Indicate what change(s) you will implement in your practice, if any, based on this CME course.
Your quiz results:
The filled radio buttons indicate your responses. The preferred responses are highlighted
For CME Course: A Proposed Model for Initial Assessment and Management of Acute Heart Failure Syndromes
Indicate what changes(s) you will implement in your practice, if any, based on this CME course.


Some tools below are only available to our subscribers or users with an online account.

0 Citations

Sign in

Purchase Options

• Buy this article
• Subscribe to the journal
• Rent this article ?

Related Content

Customize your page view by dragging & repositioning the boxes below.

Articles Related By Topic
Related Collections
PubMed Articles

Users' Guides to the Medical Literature: A Manual for Evidence-Based Clinical Practice, 3rd ed
How Serious Is the Risk of Bias?

Users' Guides to the Medical Literature: A Manual for Evidence-Based Clinical Practice, 3rd ed
In a Case-Control Study, Did the Cases and Control Group Have the Same Risk (Chance) for Being Exposed in the Past?