Frequently Asked Questions
See the User Guide for questions about the MindLogger app.
See the Admin Guide for administering applets.
See the Software Guide to learn more about the software.
Contents
General questions
- Are my data secure?
- How do I log in?
- I clicked “Forgot Password” and submitted my email address. Where is my reset password email message?
- What if I find a bug or have a suggestion?
- What license does MindLogger have?
- How do I cite MindLogger?
User questions (from the User Guide)
Administrator questions (from the Admin Guide)
- What is an applet, activity, item,…?
- What features are supported by MindLogger?
- What permissions do people have in MindLogger?
- What can I do if I lose my applet password?
General questions
Are my data secure?
MindLogger is end-to-end encrypted, which means that only the creator/owner of a given applet can authorize access to any data. MindLogger stores all data in access-controlled, AES 256-bit-encrypted MongoDB document stores, which are hosted on a HIPAA-compliant instance on Amazon Web Services, and served with HTTPS protocols. Response data and personal information are stored and encrypted separately.
Below is a summary provided by a computer security firm we hired to conduct a security audit of the MindLogger platform:
How Does MindLogger Protect Data?
MindLogger makes extensive use of encryption to protect your data to the fullest extent possible while still providing users and applet owners access to required data. As with all secure Internet services, this protection starts with the use of SSL/TLS providing encrypted connections between users and the MindLogger server.
All user personal information is encrypted. To protect user privacy, the use of email addresses is limited in the application. These are encrypted using the one-way SSH224 hash algorithm. Personally identifiable information such as names are encrypted using AES 256-bit encryption. Only after being encrypted is any of this data stored in the MongoDB database. AES encryption keys are stored separate from the database, ensuring any potential database compromise will not reveal unencrypted personal information.
Applet response data is held to an even higher standard. This data is end-to-end encrypted, meaning it is encrypted before it leaves the user’s device, and remains encrypted until it is decrypted on the device of the user or applet owner. Interaction with the applet fields is done fully inside the user’s app or browser without sending any information to MindLogger systems. Only when a user submits the applet responses is their data encrypted within their device using AES 256-bit encryption and then sent to the MindLogger service to be stored in the secure MongoDB database. This architecture helps ensure that even an attacker that could see the data passed through the MindLogger systems or databases would only view encrypted data.
This end-to-end encryption is achieved using public-key encryption. Every user has a unique AES 256-bit encryption key for each applet. This is derived based on the user’s password and the applet password created by the applet owner, so the encrypted data can only be decrypted using one of these passwords. These are never transmitted outside of the user’s device and are not known to MindLogger. This is why MindLogger cannot retrieve data if an applet password is lost, and it is up to you to use a strong password to ensure your data is protected.
How do I log in?
Once you create an account on the app or admin panel, those credentials will allow you to log in anywhere MindLogger requires authentication.
I clicked “Forgot Password” and submitted my email address. Where is my reset password email message?
Check your spam or junk folder. If you still can’t find the message, email us.
What if I find a bug or have a suggestion?
Please go HERE to report a bug or request a feature.
What license does MindLogger have?
CPAL-1.0 open source license for user application software, and DOSA-1.0 delayed open source license for administrative software. Please go HERE to learn more.
How do I cite MindLogger?
Please cite our peer-reviewed JMIR article:
“Remote Digital Psychiatry for Mobile Mental Health Assessment and Therapy: MindLogger Platform Development Study”. Arno Klein, Jon Clucas, Anirudh Krishnakumar, Satrajit S Ghosh, Wilhelm Van Auken, Benjamin Thonet, Ihor Sabram, Nino Acuna, Anisha Keshavan, Henry Rossiter, Yao Xiao, Sergey Semenuta, Alessandra Badioli, Kseniia Konishcheva, Sanu Ann Abraham, Lindsay M Alexander, Kathleen R Merikangas, Joel Swendsen, Ariel B Lindner, Michael P Milham. Journal of Medical Internet Research (2021). doi:10.2196/22369
User questions
Why don’t I see my activity?
Please check the following:
- Have you been invited to the activity as a respondent?
- Have you signed in with a different account?
- Is the activity scheduled for a different time (and currently hidden from view)?
- Try refreshing by swiping down from the top of the screen within the app.
Can more than one person use the same app?
Currently, you would have to log out and log back in again as a different user on the same device.
Administrator questions
What is an applet, activity, item,…?
| Term | Description | |
|---|---|---|
| “Applet” | Collection of one or more activities that the end user will view or respond to. | |
| “Activity” | Collection of one or more items within an activity that the end user will view or respond to. | |
| “Item” | For the mobile app, this refers to a screen within an activity that the end user will view or respond to (see What features are supported by MindLogger?). | |
| “Applet name” | Name for an applet, displayed on the admin panel and app. | |
| “Applet description” | Description of an applet for the end user. | |
| “Activity name” | Name for an activity. | |
| “Activity description” | Description of an activity for the end user. | |
| “Secret ID” | An internal ID to refer to a specific end user. |
What features are supported by MindLogger?
Each screen in a MindLogger activity can include informational text, picture, or audio and one of the following:
| - Radio button | ||
| - Checkbox | ||
| - Slider | ||
| - Text box | ||
| - Time range selector | ||
| - Date selector | ||
| - Photo display/capture | ||
| - Video play/record | ||
| - Audio play/record | ||
| - Draw on canvas/picture | ||
| - Geolocation button | ||
| - Cognitive tasks |
Each screen can also have a delay, a timer, as well as conditional logic to determine where to go next.
As for sensors on a phone, MindLogger currently makes use of the touchscreen, camera, and microphone, and only actively, ie, when you use the app. Some activities may also present a special button for recording GPS at the moment you press that button.
What permissions do people have in MindLogger?
Below are the different roles and the access each has to your applet:
What can I do if I lose my applet password?
In order for MindLogger to keep your response data completely secure, we have designed the security around the user’s response data to be impenetrable, but that means that you cannot change or reset the applet password. If you have lost your applet password, you have lost all previously collected response data from your users.
You can duplicate your applet and create a new password to retain the applet content and begin to collect new user data, however. We suggest that all applet passwords be stored in a central location outside of MindLogger with tools like LastPass or 1password.
In order to access response data, you need to have the right role and applet password. If you grant access to an individual with a manager or reviewer role, that individual will also need the applet password to see any user data. Once that individual’s role is removed from the applet, that individual can no longer access user data.