SBU Research Community

SBU research community must minimize risk to themselves and the institution by ensuring they understand their role and responsibilities in research security:

• Understand and comply with relevant research security and export control regulations, policies and procedures.
• Protect sensitive research data from unauthorized disclosure.
• Properly classify research data to appropriate sensitivity levels.
• Utilize appropriate data storage and access controls.
• Implement appropriate safeguards.
• Report potential vulnerabilities.
• Submit full, accurate and timely disclosures of outside professional activities.
• Remain vigilant about malign foreign influence.
• Recognize and report suspicious activities and behaviors.
• Practice safe online behaviors.
• Complete required training and maintain appropriate records.
• Communicate with the ORS when you have questions. When in doubt, err on the side of caution and ask.

  ---

What is Research Security? 

There are four main areas of importance related to research security.   Each area is briefly discussed below - review the information on each area's website for assistance with risks, guidance, and best practices. 

University and Sponsor Disclosure Requirements

• Disclosure of external relationship, both domestic and international. These relationships must be transparent and disclosed in accordance with applicable federal sponsor agency guidance/policies and SBU policy/procedures.

The University and Sponsor Disclosure Requirements webpage includes information on SBU's disclosure requirements and processes,  sponsor disclosure requirements (what needs to be in a biosketch, current & pending, and other support documents, receipt of gifts, and sponsor requirements for organizational conflict of interest. 

Research Data Protection and Security  

• Protection of intellectual property, research data, and materials, i.e., cybersecurity, physical security, review of international relationships and higher risk activities, use of appropriate agreements (e.g., material transfer, confidentiality, collaboration, data-use, visitor scientists).    

The Research Data Protection and Security  webpage includes information on security (based on the type and source of data), management, protection (rights in data), U.S. government prohibitions on IT related equipment 

International Engagements 

• Identification and mitigation of potential undue foreign influence  when engaging in international research activities.  

The International Engagements webpage includes information on what the U.S. government considers high-risk activities (Restricted Parties, Countries of Concern, Foreign Talent Recruitment Programs, Emerging & Critical Technologies) when engaging with international colleagues, partners, collaborators, sponsors, etc.

Export Control Regulations & Sanctions/Embargoes

• Compliance with export controls and sanctions/embargoes regulations. 

The Export Control Regulations webpage includes information about  disclosure, shipment, use, transfer, or transmission of any export controlled item, commodity, material, technical information, technology, software, or encrypted software for the benefit of a foreign person or foreign entity anywhere (including the transfer of controlled information within the U.S. “deemed export”) and transaction and the provision of services involving prohibited countries, persons or entities based on trade sanctions.

---

Research Security Training 

Research security training is required for:

• All faculty involved in externally and internally funded research activities, and
• Any non-faculty that meet the definition of “covered individual” (42 USC § 19237(1)).

Research security training is highly recommended for:

• All faculty, staff, students, and others that are involved in any international engagements.

More information is available on the Research Security Training Website

---