Example Text for Describing Fitabase in IRB applications
We recommend speaking with your IRB office prior to submitting an application and describing your study and use of Fitabase. The following text should be used only as an example. We cannot guarantee that the following example descriptions will be considered acceptable by all IRBs.
This section can be used when the research study controls the Fitbit.com user account associated with the Fitbit Device.
Manual Connection and Pre-Authorization: Prior to consenting the participant, a research staff member will create a unique email and password combination in order to create an account on Fitbit.com.
During the account creation process the following information will be entered:
- First Name: A de-identified placeholder name will be entered
- Last Name: A de-identified placeholder name will be entered
- Date of Birth: The first day of the month of birth will be entered OR The first day of the year of birth will be entered.
- Gender/Sex: The participant's gender will be entered.
- Height: The participant's height will be entered.
- Weight: The participant's weight will be entered.
It is important to note that the personal demographic details - date of birth, gender, height, and weight - are required for accurate estimation of data captured by the Fitbit Device.
The Fitbit account will be connected to a research device. Once the device is connected to the study-generated and study-controlled Fitbit account it will be manually connected to the Fitabase platform and assigned a unique study ID so that data will be synced and available for viewing and downloading by research staff. All data associated with the Fitbit device will be linked to the chosen unique study ID in the Fitabase platform.
These two sections can be used when the participant controls the Fitbit.com user account (uses their own email/password) associated with the Fitbit device.
Participants will be asked to authorize the Fitabase system to access their Fitbit data and make it available for download for analysis participants. This will be completed either in person or online.
Description of access to participant produced data via Fitabase.
Study Access to Fitbit Data. The PI has set up a study project within the Fitabase system for generating unique identifiers and connecting participants’ Fitbit devices to the Fitabase system. When the PI logs into the Fitabase system they will be able to see all currently connected devices and the associated study IDs. Each study identifier has a profile that includes the Fitbit data described in the consent documents. Upon authorization by the PI or participant the Fitabase system will be granted access data gathered by the participant as they use the Fitbit device during the data collection timeframe as described in the consent documents as they have used their Fitbit device(s). When the data has been downloaded to Fitabase the PI will navigate to the participant’s profile and download CSV (comma separated value) files that contain the physical activity and sleep data to the secure lab server. No other data will be downloaded. Once the study has been completed and the data has been downloaded and scanned for errors, the participant’s profile will be deleted and the authorization will be removed.
Participant Withdrawal & Data Access. There are two instances when the PI will revoke access to data associated with participants in this study. First, if a participant chooses to withdraw from the study at any time, even after they have authorized their Fitbit data to be accessed and downloaded, the PI will remove the participant from the study platform (Fitabase) and data will be removed from the study. The PI will first confirm that the participant’s authorization is no longer valid. If the authorization is still valid (in the case of long download times) it will be deleted by the PI. Second, 90 days after the completion of data collection Fitabase will remove the project from their data management system, disassociate the data from the project, and begin remove access to the data by deleting it from its servers and backup systems.