Research Security Framework

I. POLICY AND GENERAL STATEMENT

The University of Texas Health Science Center at Houston (“University”) strives to create a research climate that promotes integrity in research and fosters innovation.  Use of advanced specialized technologies and interdisciplinary approaches have significantly amplified the need for and significance of collaborative research. Increase in collaborative research has presented challenges in ensuring research integrity in the conception and execution of research projects and in safeguarding research from unwarranted foreign influence.

Recognizing, comprehending, and addressing these challenges and related matters through the implementation of a comprehensive research security program is crucial to ensure responsible, efficient, and productive research collaborations. The University's research security program is firmly grounded in core values such as honesty, transparency, accountability, objectivity, inclusivity, fairness, and stewardship. The research security program is intended to ensure that the University complies with State of Texas and US Government requirements for research security, such as the National Security Presidential Memorandum 33 guidelines and Texas Education Code Sec. 51.956. The research security program is intended to ensure that the University complies with applicable federal and state laws and regulations and University of Texas System (UT System) requirements.   All participants in the research enterprise bear the responsibility of upholding these values to promote research integrity, properly protect research technologies, and cultivate public trust in the outcomes of our research endeavors.

II. DEFINITIONS

Research Security: Safeguarding the research enterprise against the misappropriation of research and development to the detriment of national or economic security, related violations of research integrity and foreign government interference.

Secure Collaborative Research: Collaboration that ensures secure channels for data and communication, and includes using administrative, technical and physical security safeguards such as encrypted communication, secure file sharing platforms, and guidelines for any research that is coordinated between or among researchers, institutions, organizations, and/or communities.

III. PROCEDURE

This policy provides an overview of the University’s research security framework and links to other policies implementing portions of that framework. The overall aim is to create a secure and responsible research environment that upholds the integrity of scientific and scholarly work while addressing security challenges.

A. Core Components of the Research Security Program

1. Conflict of interest and conflict of commitment disclosure and management: The University has robust procedures and workflows to solicit and review disclosures from faculty and staff and new hires including questions about foreign contracts, affiliations, and involvement with foreign talent recruitment programs. (HOOP 20, Conflict of Interest, Conflict of Commitment and Outside Activities, HOOP 94, Research Conflicts of Interest, HOOP 221, Institutional Conflicts of Interest.)
2. Cybersecurity protections: The University has policies and procedures, including data encryption, access controls, and secure storage practices, designed to protect research data, including sensitive and confidential information, from unauthorized access, loss, or breach. (HOOP 175, Roles and Responsibilities for University Information Resources and University Data, HOOP 180, Acceptable Use of University Information Resources).
3. Disclosures to federal funding agencies: The University has policies and procedures governing the research enterprise, including requirements that all current and pending ”other support” be disclosed in federal grant applications. (HOOP 64, Applications/Proposals or Contracts for Sponsored Projects, HOOP 93, Effort Certification, HOOP 168, Conduct of Research)
4. Export compliance: The University has policies and procedures to promote compliance with relevant laws, regulations, and funding agency guidelines. This includes export control regulations and other legal requirements related to research activities. (UTS 173, Export Controls and HOOP [to come])
5. Foreign travel security:  The University has policies and procedures to promote safety and security of its students, faculty, staff, and other members of its community when traveling abroad for educational, research, or work-related purposes and to minimize risks of foreign interference and intellectual property theft. (UTS 190, International Travel Policy, UTS 173, Export Controls, International Travel Mandates). 
6. Oversight of foreign visitors and collaborators: The University maintains a robust Visiting Scholars Program to help structure associations with visiting scholars and to protect the interests of the University and the Visiting Scholars.  (HOOP 125, Visiting Scholars)
7. Protecting intellectual property: The University has policies and procedures designed to safeguard valuable research findings, technologies, and intellectual property against theft, unauthorized access, and foreign influence in order to preserve the rights and interests of the researchers and their institutions. (HOOP 201, Intellectual Property, HOOP 180, Acceptable Use of University Information Resources)
8. Research security training and insider threat awareness: The University provides training and awareness programs to researchers, staff, and students to increase their understanding of research security principles and best practices and to promote a culture of responsibility and awareness regarding research security. (HOOP 95, Research Training)
9. Research integrity: The University strives to create a research climate that promotes faithful adherence to high ethical standards in the conduct of research. (HOOP 202, Research Misconduct)
10. Auditing and risk-based monitoring of University research activities:  The University has a risk management framework including audit, assessment, control, communication, and monitoring including risk assessments to identify vulnerabilities in research projects, assess their potential impact, and develop strategies to mitigate risks effectively. (HOOP 66, Internal Audits)

B. Program Governance

The University has established a Research Security Officer (RSO) who will be responsible for ensuring that the research security program continues to meet all required federal, state, and UT System standards as described in more detail below.  The Senior Vice President for Academic and Faculty Affairs serves in this role.   

A Research Security Workgroup has been established, which may include representatives from the following areas:

1. Conflict of Interest Program
2. Information Technology Security
3. Sponsored Projects Administration
4. Legal Affairs
5. Visiting Scholar Program
6. Technology Management
7. Institutional Compliance
8. Research Compliance
9. Safety, Health, Environment and Risk Management
10. Graduate education and mentorship
11. Faculty
12. UT Police Houston

C. Responsibilities

Research Security Officer

The RSO will be responsible for:

1. Overseeing policies, procedures, and research security training programs designed to promote compliance with federal and state regulations and UT System policies pertaining to research security.
2. Providing researchers with up-to-date information on the dynamic international landscape and research security.
3. Assessing risks and taking measures to mitigate institutional vulnerabilities.

Research Security Workgroup

The Research Security Workgroup will be responsible for:

1. Providing guidance to the RSO on research security issues.
2. Continuously monitoring applicable laws, regulations, and federal funding agency research security requirements and guidance and ensuring University policies are in compliance with these requirements.
3. Evaluating the effectiveness of existing initiatives and proposing changes when necessary.
4. Providing information about research security training options for the research community.
5. Managing internal monitoring and reporting incidents to the RSO, who will report these incidents to the UT System Chief Research Security Officer (CRSO) as required.

University Faculty and Researchers

All researchers at the University are expected to adhere to research security related policies and procedures of funding agencies and the University to mitigate risks to critical research data and intellectual property.  Researchers must ensure that all information provided to the University and funding agencies is thorough and accurate.

Research Security incidents will be managed according to the relevant HOOP policy.

IV. CONTACTS

• • Office of the Senior Vice President for Academic and Faculty Affairs
  • research@uth.tmc.edu

---