Research Security

 

What is Research Security?

Research security is a broad term that refers to national security concerns surrounding research involving certain types of sensitive information, intellectual property, export-controlled information and other risks, such as Foreign Influence. Recently, the Office of Science and Technology Policy (OSTP) released guidelines for Research Security Programs at Covered Institutions.  Simply stated, a “Covered Institution” is an institution of higher education, a federally funded research and development center (FFRDC), or a nonprofit research institution that receives in excess of $50 million per year in Federal R&D obligations.  Because Oklahoma State University surpasses this level of Federal R&D funding we are required to comply with these new regulations.

 

As pointed out by OSTP, the overarching purpose of the federal research security efforts “is to make sure that institution of higher education (IHE) and other research institutions recognize the altered global landscape and fulfill their responsibilities as the first line of defense against improper or illicit activity.”  Moreover, OSTP points out that “actions that researchers were encouraged to take a decade ago, including collaborations with the People’s Republic of China (PRC) are now recognized as presenting risks.”

 

Research security has emerged as a top priority for US institutions receiving sponsored project funds from federal sponsors. The NSPM-33 Implementation Guidance, released in January 2022, requires any institution receiving over $50 million in federal research funding to establish a Research Security Program touching on four main areas of focus: research security training, cybersecurity, foreign travel security and export control training. In response to this guidance, the Division of the Vice President for Research, in collaboration with several other campus units, including the Office of Information Technology Services, has established this page as a starting point in the development of our own Research Security Program.

 

Why is Research Security Important?

Due to our land grant mission, Oklahoma State University supports, and encourages, Open scientific and scholarly collaborations between scholars for all over the world as such collaboration is one of the cornerstones of innovation, technological advancement and creation of knowledge. While the vast majority of international affiliations do not present a security risk, the Federal government has increased its attention on research in foreign countries or/and with foreign entities. There have been cases at some universities in the United States where researchers have violated laws and policies aimed at preventing lapses in research security. Thus, it is critical for all faculty, staff, and students conducting scholarly activities to understand the changing global landscape and their role in defending against improper or illicit activities.

 

With the implementation of National Security Memorandum 33 (NSPM-33) and the Chips and Science Act, the Federal Government has placed considerable emphasis on protecting the security of U.S. research through the disclosure of Conflicts of Interest and Conflicts of Commitment, including relationships, collaborations, or affiliations with foreign entities and research support provided by those entities. Due to the increased scrutiny the Federal government is placing on Conflict of Interest and Conflict of Commitment, NSPM-33 requires the use of  Digital Persistent Identifiers and more detailed disclosure information.

---

What Has OSU Done to Comply with These New Regulations?

In fulfillment of the research security measures incorporated in the CHIPS and Science Act, the Division of the Vice President for Research conducted a review of campus practices and policies pertaining to foreign talent recruitment programs. As part of this review, policies have been updated to incorporate a prohibition from Oklahoma State University affiliated individuals from participating in a malign foreign talent recruitment program (MFTRP). A MFTRP is broadly defined as a foreign program, position or activity that includes compensation (defined broadly to include compensation, honorific titles, research funding, etc.) in return for certain actions (e.g. unauthorized transfer of intellectual property, recruitment of other to the programs, establishing a laboratory or a company in the foreign country, etc.) sponsored by or based in a country of concern.

 

In response to the new federal mandates surrounding Research Security, Oklahoma State University acquired the services of an outside entity to evaluate our current Research Security program and assist us in developing a road map to maturing our Research Security Program.  Based on this road map we:

• Constituted a Research Security Working group to evaluate and update policies and procedures related to the new regulations regarding Research Security. The Research Security Working Group has representation from the Office of the Vice President for Research, Provost Office, Academic Affairs, Graduate College, Human Resources, Office of Legal Counsel, OSU Police Department, Faculty Council, IT Security, GCFA, Library, International/Global Studies, College of Engineering, Architecture, and Technology, Division of Agriculture and Natural Resources, and The Innovation Foundation. This group will also bring in other relevant parties on campus to discuss Policies and Procedures, when relevant,
• Established the Research Security Office under the direction of the Assistant Vice President for Research Security.
• Hired an Assistant Vice President for Research Security. This individual will Chair the Research Security Working Group. Moreover, this individual’s primary responsibility is Regulatory Trade Compliance (Export Controls) for the OSU Stillwater campus.
• Requiring the use of ORCID as a Digital Persistent Identifier at the time of proposal submission to any external entity.
• Have updated questions asked on the Financial Conflict of Interest for Sponsored Programs Disclosure form; have centralized these disclosures under the Office of University Research Compliance; and have transitioned the Financial Conflict of Interest for Sponsored Program questionnaire to an electronic platform for great ease of use, updating and correcting this information.

---

Research Security Program at Oklahoma State University

By federal mandate through NSPM-33 and the Chips and Science Act, all universities receiving $50,000,000 or more in federal R&D funding must establish a research security program covering the following components: 

 

• Foreign Travel Security

• Cybersecurity

• Research Security Training

• Export Control Training

The Research Security Program defines Countries of Concern as:

Burma

China

Cuba

Eritrea

Iran

North Korea

Pakistan

Russia

Saudi Arabia

Tajikistan

Turkmenistan

 

The CHIPS and Science Act (2022) defined Countries of Concern⁽¹⁾ as China, Iran, North Korea and Russia. The Secretary of Commerce can determine if additional countries fit into that definition. As noted in CHIPS, entities owned, controlled, or subject to the jurisdiction of a Country of Concern may also be subject to restriction.

 

For Research Security reviews, Countries of Concern also include the Countries of Particular Concerns, as designated by the Secretary of State. In addition to the above countries, those countries include: Burma, People’s Republic of China, Cuba, Eritrea, Iran, the Democratic People’s Republic of Korea, Nicaragua, Pakistan, Russia, Saudi Arabia, Tajikistan, and Turkmenistan.

 

Designation as a Country of Concern assists the Research Security Program when reviewing requests for collaborations with individuals, visiting scholars, and/or prospective students from such countries. This designation is used by federal agencies and the Research Security Program as a risk indicator.

 

1. Source: 42 USC § 19221(a)(1)