Research Security

Research Security – what PIs need to know and why

According to the National Science Foundation’s Office of the Chief of Research Security Strategy and Policy, “Organizations receiving federal funding should demonstrate robust leadership and oversight; establish and administer policies to promote transparency and guard against conflicts of interest and commitment; provide training and information on research security; ensure effective mechanisms for compliance with organizational policies; and implement processes to assess and manage potential risks associated with collaborations and data.”

This site is intended to help PIs learn about research security, why it is important to them and to LMU, and what they need to do. There are four major areas of research security that PIs should know about – foreign collaboration, malign foreign talent recruitment programs, export controls, and data security.

Foreign Collaboration/Influence/Partnerships

• LMU values and supports international activities, including in research and sponsored projects. We are also committed to being responsible stewards of external funding and to complying with regulations concerning sponsored projects. This website demonstrates our efforts to fulfill our obligations to federal funders and to educate PIs about changing regulations.
• This brief (3 minute) video from the UC system has a helpful summary for faculty.
• All of these federal agencies and regulations have information and requirements about foreign collaborations: CHIPS and Science Act, National Security Presidential Memo-33, Director of National Intelligence, NSF’s research security page, National Defense Authorization Act 2019, National Defense Authorization Act 2021
• In addition, NASA has long had restrictions on engagement with the People’s Republic of China and has additional requirements.
• If I’m a PI, what do I need to do? Completely and accurately disclose all funded and non-funded international collaborations when required in grant applications and annual reports. Consult ORSP whenever you have questions.

Malign Foreign Talent Recruitment Program (MFTRP)

• What is it? NSPM-33 briefly defines a MFTRP as “an effort organized, managed, or funded by a foreign government, or a foreign government instrumentality or entity, to recruit science and technology professionals or students. The CHIPS & Science Act contains a fuller explanation that may be found here. These regulations prohibit federal agencies from funding PIs and senior/key personnel who participate in MFTRPs.
• This short (3 minute) video from the UC system has a helpful summary for faculty.
• Beginning in May 2024, senior personnel applying for and receiving funding from the National Science Foundation will need to certify that they do not participate in MFTRPs. Other agencies will begin having similar requirements.
• If I’m a PI, what do I need to do? Consult ORSP if you are approached by any program in another country but especially in a country of concern (China, Iran, Russia, N. Korea). And disclose any and all international collaborations as required in federal grant applications.

Export Controls

• What is it? Export controls are a range of federal laws restricting the transfer of goods and technology to and the performance of services for persons and entities outside the United States and foreign nationals within the United States. These laws are currently implemented through three federal departments – Commerce, State, and Treasury.
• Export controls may apply to all interactions with foreign persons and entities, not just to sponsored projects.
• Learn more at the S. Department of State’s site.
• If I’m a PI, what do I need to do? Because of the complexity of export controls, ORSP and other LMU offices will work with PIs to determine what regulations may apply to their activities and what actions should be taken. Contact ORSP about the screening process and consult Global-Local Affairs and OISS where appropriate.

Data Security

• What is it? NIST defines data security as “the process of maintaining the confidentiality, integrity, and availability of an organization’s data in a manner consistent with the organization’s risk strategy.” Data security is an important element of research security for all research, whether externally sponsored or not.
• This brief (3 minute) video from the UC system has a helpful summary for faculty.
• If I’m a PI, what do I need to do? Be sure to use the resources from ITS, including those found on their information security ITS also has helpful guidance on traveling with technology anywhere beyond campus.

Also note that if you have National Science Foundation funding, beginning in 2025 you will be required to take training in research security either on NSF’s research security site or elsewhere. The videos on NSF’s site are a great resource for anyone, and we encourage you to watch them. The four modules cover what research security is, what needs to be disclosed and why, how to manage and mitigate risk, and international collaboration.

Questions? Contact orsp@lmu.edu