Research Security FAQs

What is the purpose of the University of Iowa’s Research Security Program?

The program aims to safeguard research data, intellectual property, and critical technologies while promoting principled collaboration and compliance with federal and institutional policies.

Who is subject to the Research Security Program?

All UI-affiliated individuals involved in research, including faculty, staff, students, postdocs, visitors, and collaborators.

What are the core components of the Research Security Program?
  • Research Security Training
  • International Travel Security
  • Export Controls
  • Cybersecurity
What is the role of the Research Security Officer (RSO)?

The RSO manages the Research Security Program, conducts risk assessments, oversees training, and handles reported concerns.

What happens if someone violates the Research Security Program?

Consequences of violating research security program standards may result in the loss of valuable intellectual property and/or critical technology.  Violations may result in institutional disciplinary actions and could be reported to federal funding agencies, potentially leading to suspension or termination of federal funding.

Foreign Talent Recruitment Programs (FTRPs)

What is a Foreign Talent Recruitment Program (FTRP)?

Any program offering incentives from a foreign entity to individuals for research-related activities, including cash, travel, or career advancement.

What is a Malign Foreign Talent Recruitment Program (MFTRP)?

A program that involves unethical or illegal activities such as sharing proprietary information, violating U.S. funding rules, or concealing foreign affiliations.

Can UI researchers participate in FTRPs?

Yes, but only if the program is legitimate and does not meet the criteria of an MFTRP.  Participation must be transparent and disclosed.

What are researchers required to do before joining an FTRP?

Conduct due diligence, assess risk, and consult with relevant UI offices.  Disclosure of participation in a FTRP is mandatory.

What are the consequences of participating in an MFTRP?

Participating in a MFTRP is strictly prohibited under UI policies and may result in disciplinary action, including termination.

Visitors Engaged in Research

Who qualifies as a “visitor” under UI policy?

Anyone not employed by the UI, including visiting scholars, students, faculty, and professional colleagues, whether domestic or foreign.

What is an “international visitor”?

A visitor holding a non-immigrant visa (e.g., H1B, J1, F1) who is not a permanent resident employed by the UI.

When is a visitor considered “engaged in research”?

When they contribute meaningfully to the development or execution of a research project and spend 30+ days engaged in the research project.

What forms must be completed for visitors engaged in research?
  • HR Complimentary Appointment Workflow form
  • Campus Visitor Engaged in Research (CVER) Workflow form
What information is required in the CVER form?

Visitors identify, visa status, visit purpose, funding source, research involvement, visit duration, office/lab location on UI campus, hosting UI department or lab, and data protection measures.

Training and Compliance

What training is required for covered individuals?

Training on research security, ethical conduct, export controls, cybersecurity, and other research compliance areas.

Who provides the required training?

The University of Iowa Research Integrity and Security Office (RISO) coordinates training in line with federal and institutional requirements.

Is international travel for research subject to special protocols?

Yes.  Pre-travel briefings are required annually, and post-travel briefings may be mandated by the RSO or sponsor.

What are the responsibilities regarding export controls?

Researchers must comply with all export control laws and complete relevant training through the UI Division of Sponsored Programs.

How should concerns about research security be reported?

Concerns should be reported to the RSO, who may escalate them to the Vice President for Research or other appropriate UI leadership.

How do I enroll in the required CITI course, Research Security Training (Combined)?
  1. On the CITI home page (https://about.citiprogram.org/), click the “Login” button on in the top right hand corned of the page.
  2. Click the link: “Log in through my organization”.
  3. Click the link: “See our full list of SSO-enabled organizations”
  4. Click on the link for the “University of Iowa”
  5. Enter in your Hawk ID and password, then click “Login”.
  6. Scroll to the bottom of the landing page and click “Add a course”
  7. Check the box for “I am required to complete Research Security Training (Combined) training, then click “Next”
  8. Check the box “yes” to the question, “Would you like to take the combined Research Security Training”, then Click ”Next”
  9. Choose the “Research Security Training (Combined” course by clicking “Start Now”

International Travel and Research Security

What is the purpose of the Research Security Pre-Travel Briefing?

The briefing educates UI researchers on how to protect research data, intellectual property, and/or critical technology in order to comply with federal and institutional policies while traveling internationally.  It is a required component of the international travel approval process.

What are some cybersecurity best practices for international travel?
  • Use a “loaner” laptop that contains only minimally approved UI software/hardware and essential fundamental research data.
  • Change UI passwords before leaving and upon return.
  • Update all devices with the latest security patches.
  • Avoid public Wi-Fi and disconnect from the internet when not in use.
  • Assume devices may be monitored or compromised.
  • Perform malware scans upon return.
What should I consider when meeting with international collaborators?

You must ensure that your collaborators are not on restricted party lists.  The UI Export Control Office can assist with screenings and help determine if conversations or shared materials are subject to export control laws.

What documentation should I carry when traveling with research materials?

Carry institutional “hand carry” letters, export licenses (if applicable), and any documentation required by U.S. or host country laws.  Even temporary exports (e.g., laptops) may require documentation.

What should I do upon returning from international research travel?
  • Conduct malware scans on all electronic devices.
  • Change all passwords.
  • Review and report any suspicious incidents.
  • Ensure compliance with U.S. import laws for any items brought back.
  • Contact the Research Security Office if you encountered any issues.

Contacts

Mike Andrews

Mike Andrews

Title/Position
Director of Research Integrity and Security
Research Security Officer
Research Integrity Officer
photo of Shelly Campo

Shelly Campo, PhD

Title/Position
Assistant Research Integrity Officer (ARIO) and Graduate College Associate Dean for Administrative Affairs
Kevin Zihlman portrait

Kevin Zihlman

Title/Position
Research Integrity and Security Specialist

Allegations of research misconduct are serious in nature and confidentiality for all parties involved must be and will be maintained.

Reports can be made to the individuals listed above, the Vice President for Research, or the Provost.