PXE & LIFE FAQ

Why should I register for the PXE&LIFE survey?

  • Research without all PXEers is like a puzzle with missing pieces – you can’t see the whole picture. You have something unique to contribute. If everyone fills out the survey, we may find new connections that could help us figure out what is happening in PXE!

Who should sign up for the registry?

  • Anyone who is diagnosed with PXE should have a profile in our PXE&LIFE survey. You may create an account with a profile for yourself, if you are diagnosed with PXE. Or you may create an account with a profile for a parent, child, or spouse diagnosed with PXE. Completing the survey will compile data regarding diagnosis, symptoms, and quality of life for someone with PXE. 

What is the difference between creating an account and creating a profile?

  • Account: You are creating an account for YOU.  The account is password protected.
  • Profile: Once you have created your account, you are creating a profile for someone with PXE, who can be yourself, a spouse, a parent, or a child; and, for whom you will be completing the health data surveys.

When should I signup or login?

  • Right now! If you have not created a profile for yourself, a parent, a child, or a spouse with PXE, then now is the time! Log back in when you have time to complete another survey (you only need about 10 spare minutes to complete a survey!) Account holders will receive periodic emails when new surveys are added for you to complete.

Where can the survey be taken?

  • This survey is 100% online. Unfortunately, the survey is not equipped to work on a cell phone, and must be taken in a computer browser. The registry works best with Google Chrome, Mozilla Firefox, Safari, and Microsoft Edge.

How do I signup or login?

  • Signup or login by clicking “sign up” on the right side of the registry homepage. Watch our webinar on how to sign up and how to log back in for more detailed instructions.

How is my health information protected?

  • PXE International has been working with Genetic Alliance and Private Access to protect participant’s health information. You will be directed to set up your privacy settings once signing up. Please see our Security page for more information.

How do I authorize someone else to help complete the survey?

  • Click on the “Authorization” option in the profile menu (located on the top left quadrant of the photo below)

  • This feature allows users to authorize others to help with the account, like the Navigators at PXE International, or a friend or family member. Once on the authorization screen, click “Add Another Authorization” and they will be prompted to provide the name and email.

  • Someone with authorization has the ability to edit or enter profile information and health information (survey data), but they are NOT authorized to assist with the privacy settings for sharing data. Once the authorization has been successfully added, the authorized person will receive an email inviting you to create an account with Private Access, the technology provider for the registry. Make a new account, then start taking the authorized person can start taking the survey for you!

Who are Navigators?

  • Navigators are people waiting to help you through the PXE & Life survey. Whether by phone call, email, skype, or FaceTime, navigators are here for you! We know it’s sometimes easier to 'talk it through' with someone who is familiar with the survey and the website. Let us help! Set up an appointment by emailing pxelife@pxe.org or calling 1.202.362.9599, x252 and a navigator will set up a time to walk you through the PXE & Life survey and to make it as easy as possible.

How long does the survey take?

  • Depending on how much information you submit, the survey will take approximately 2 hours to complete in one sitting. However, PXE&LIFE is on the Platform for Engaging Everyone Responsibly (PEER), which allows participants to take the survey in multiple settings. Each individual survey takes between 10-15 minutes on average. You may also complete half of one survey, and come back to it at another time.

How do I know when I’m finished with the survey or series of surveys?

  • Your dashboard should give you an idea of where you are in relation to the series of surveys. Once you have completed the “About My PXE” (the longest section), the remaining surveys can be found on your dashboard. If a survey needs to be initiatated or completed, it will remain on your dashboard with a “resume” or a “start” button.

How do I change an answer to a question?

  • If you are in the process of completing a survey, you can scroll back through the topics and questions to find the question you want to edit. Edit the question and click “save”. If you have already completed the survey, you can click on “My Data” on the top left section of your dashboard and search or select the question and response you want to edit. When you edit and click “SAVE”, you will be presented with two options

    • Revisit All Questions assumes you want to restart your survey from the question where you are editing and re-answer all questions following. Clicking Revisit All Questions will delete all responses to all the questions that follow the one you are editing. The advantage is if your answer change impacts the questions that come after. This is the best option if you need to edit all questions.
    • Keep Answers will save your new response and keep all other answers. This is the best option if you want to update a single or a couple questions.

How do I return to a skipped question?

  • Click on “My Data” on the top left section of your dashboard and search for the keyword “skipped” in the response column. Enter and save your new response. Once completed, you will be directed to click “survey complete” and you will be returned to your dashboard.

Please direct any other questions to pxelife@pxe.org and we will get back to you as soon as possible.

 

PEER (Platform for Engaging Everyone Responsibly) is the platform used for PXE & LIFE.

What is the security level of the servers and how is the data encrypted?

  • All of data in the system is encrypted when in transit and while at rest. We use Secure Sockets Layer encryption of the site, and nationally-recognized cloud services.  A more detailed description of the security measures in place is provided below.

 

  • The production systems of the registry are hosted in the S3 Elastic Web service of the Amazon Web Services (AWS). Physical access to these data centers is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, intrusion detection systems, and other electronic means. For additional information about AWS' security, see http://aws.amazon.com/security.

 

  • PEER's approach to security protocols has been to design, express, and enforce security as bounded architectural attributes, shared technical services, and redundant platform operations that occur as multiple occurrences throughout the service, both procedurally (user prompted) and systemically (automatically), and not merely as single points of occurrence (such as standard user name and password authentication and/or authorization techniques).

 

  • The system is encrypted and monitored at each level, and uses secured HTTPS internally, as well as externally. The architecture secures data at a data persistence level, by encrypting all transported data between web servers and web browsers, including incorporating cryptographically randomized pseudonyms, secure API calls for all internal and external web services, and the use of decoupled Identity Provider (IdP) and Identity verification (IdV) systems. All internal and external API calls within the PEER registry utilize secure API calls. The API security enforces message authenticity, integrity, and confidentiality.

 

  • Survey responses and other de-identified data are held separate from the personally-identifying information and retained on behalf of Genetic Alliance by Private Access. Any columns in the Private Access database table for a PEER participant that could conceivably contain individually identifiable health information are encrypted using an encryption algorithm approved in Annex A of FIPS 140-2. This expressly includes (i) the randomly-generated foreign user ID that is provided by Private Access for the participant to whom said data pertains; (ii) the identity of the host for said foreign_user_id; (iii) the "source" from which an answer came (e.g., the embed_id that identifies the website where the iFrame containing the PEER Survey Toolkit survey widget is contained; and (iv) any answers provided by PEER participants in free-text fields, as and when used in the PEER Survey Toolkit questionnaire. 

 

  • PEER works in conjunction with the consent management systems described below to provide accessibility for individual account profiles via the customized PEER system. The security attributes built into Private Access augment the network, system and platform security designed into AWS' environment. This architecture secures data at a data persistence level, so that: (i) all personally identifiable data (PII) is encrypted using symmetric cryptography algorithms; (ii) all data is encrypted within data backups and redundant data services; (iii) no PII is logged, nor maintained, within application audit logs as a measure of security; and (iv) no personal information is ever emailed or sent in any notifications.

 

Who can access my data and how?

  • PEER enables individuals to make their own health information available to researchers and support groups, in accordance with each individual's granular permissions. Using PEER's access controls, for example, one participant can say that absolutely no one has any right to access any of their information (including de-identified data and/or identifying information), while another participant can say all of their information is available to anyone who either has IRB approval, or has been approved by a trusted organization. The system assumes most people will not be at one extreme or the other, but will have different attitudes about how much, and how broadly, they wish to share information -- and that this will be dictated based on (i) the type of information (i.e., de-identified information versus personally identifying information), (ii) the level of trust in the proposed recipient or the process by which the proposed recipient is selected, and (iii) the purpose for which the information might be used. Accordingly, the system provides highly granular and dynamic access controls to empower individuals with this level of oversight, and has a strict Privacy Policy that indicates that the only access to the data will be based on the express wishes of the individual themselves.

 

  • PEER has been designed by Private Access (a privacy technology expert) and Genetic Alliance (a nonprofit organization committed to developing new and safer ways of supporting community engagement in research). Genetic Alliance’s BioTrust Ethics Board, as well as various Institutional Review Boards (discussed below) who have reviewed the PEER system have helped to establish categories for data access options. Depending on how individual users employ these tools, they may “Allow” or “Deny” access, or set a control called "Ask Me". “Ask Me” requires potential data users to provide participants with more details about the intended data use, and the party seeking such access, before participants decide whether to allow or deny access. By using the controls, it is possible for individuals to restrict access to their information to a single researcher; just to researchers approved by this organization’s medical advisory board; to IRB-approved researchers working on a study that addresses one or more of the conditions affecting the individual; or to all researchers with IRB approval. 

 

Is there an IRB approval for this registry, and if so by what board?

  • Yes – actually there are several! The overall PEER Platform was reviewed and approved by Western Institutional Review Board (WIRB) in June 2014, with a renewal granted in June 2015, and another in June 2016. The WIRB approval is explicitly referenced in a Prospective Participant Informational Notice that accompanies the verification email that is sent to anyone signing up for the registry. In addition to WIRB, the Genetic Alliance IRB has reviewed the questionnaire and marketing materials for this registry, as well as other case-specific details. The BioTrust Ethics Committee of the Genetic Alliance is also actively overseeing this work, and has been instrumental in creating the PEER platform and its approach for empowering individuals to set granular and dynamic access levels. 

 

How does one remove health data from the Registry?

  • If you would like to remove your information from the registry for any reason, you may do so by first deleting all health profiles from your account, then deleting the account itself. To delete a profile, click on “delete this profile” in the profile menu (which you can access through the profile picture or icon in the top right corner of the registry screen). Once all profiles have been removed, click on the “My Account” link in the profile menu, and follow the instructions at the bottom of the screen to completely delete your account.

 

Where can I find the Privacy policy and security guidelines on the Registry site?

  • Most of these are available in the public links to the Privacy Policy or Terms of Service located in the bottom right hand corner of the registry screens. You can also read them using the links provided here.