The Role of Research Integrity Officers (RIOs) in Research Security

The Changing Landscape of Research Integrity

Research Integrity Officers (RIOs) today work in an evolving environment shaped by new policies on both misconduct and security. The Office of Research Integrity (ORI) recently issued a final rule updating Public Health Service Policies on Research Misconduct, aimed at addressing challenges such as managing multi-institutional cases [1].

At the same time, federal directives like National Security Presidential Memorandum 33 (NSPM-33)[2] and the CHIPS and Science Act [3] reflect a broader effort to safeguard federally funded research and strengthen U.S. competitiveness in science and technology. Together, these developments highlight the multifaceted responsibilities of RIOs, who must investigate misconduct while also navigating emerging research security requirements.

Courtney Karmelita, Chief of Staff for the Office for Research Protections and Research Integrity Officer at Penn State University, has seen this role evolve firsthand. In our interview, she emphasized that the principles of responsible conduct of research (RCR) remain the foundation.

“The way I see it, if you act with the RCR principles, you’ll avoid research security issues and you’ll avoid research misconduct,” she explained. “It is more about being proactive than reactive.”

Trust as the Foundation of Integrity and Security

A recurring theme throughout our conversation was the importance of trust. For a RIO, building trust with researchers and faculty is not optional. It is the bedrock that makes reporting possible and ensures that concerns are surfaced before they escalate into full misconduct cases.

Courtney emphasized that transparency and consistency are essential. Researchers must know what to expect when they bring forward a question or a concern. “If they’re not reporting it, it doesn’t mean it’s not happening. I would rather have the questions,” she said. This philosophy frames trust as both a process and a practice. Trust takes time to earn, but it can be quickly eroded if investigators perceive mixed signals or a lack of follow-through.

At Penn State, Courtney has invested in visibility. She gives presentations, participates in outreach events, and surveys graduate students and postdocs about their perceptions of the research culture. Each of these steps reinforces the message that the RIO office is accessible, credible, and engaged.

Communication: Turning Policy into Buy-In

Communication is not just about relaying policies. It is about turning requirements into shared commitments. Courtney underscored that faculty and students respond best when they see the RIO as more than a rule enforcer. To build credibility, she has partnered with faculty on small research projects, conducted culture surveys, and shared positive recognition when audits are successful.

Her office is also working toward new ways of making integrity visible. One example is Penn State’s plans for a Research Ethics Day, which will include awards for faculty who exemplify responsible conduct. Recently, Courtney was awarded a grant from the Office of Research Integrity (ORI) to support this initiative, underscoring its importance as a national model for recognition and education. Even simple “shout-outs” to college leadership after a clean quality assurance audit help reinforce a culture of recognition rather than fear.

Communication, in this context, is also about framing research integrity and security as supportive measures. Researchers are more likely to buy in when they see that policies are meant to protect their work, their teams, and the credibility of science as a whole.

The Data Challenge: From Terabytes to Transparency

One of the most concrete challenges RIOs face today is data management. Allegations of misconduct often require sequestration of research data, and digital storage has made this task exponentially more difficult [4].

Courtney shared a recent example. “We had a case with over 50 terabytes, and it cost hundreds of dollars a month just for us to store during the case,” she said. What was once a matter of seizing paper files or a single hard drive is now a logistical and financial challenge that requires IT support, secure infrastructure, and ongoing oversight.

Remote and hybrid work models compound the complexity. Many RIOs, including Courtney, operate outside of campus offices and rely on strong partnerships with on-site staff to manage sequestration. Multi-institutional collaborations also create questions of jurisdiction, parallel investigations, and even time zone differences that complicate case management [5].

These issues tie directly into broader research security concerns. In an era of artificial intelligence, even data thought to be de-identified may not remain anonymous. Metadata can be reassembled to trace back to individuals, raising new questions about privacy, ethics, and national security.

Collaboration Without Compromise

Collaboration is another domain where RIOs play a critical role. For researchers, successful collaboration means setting clear expectations from the start. Who qualifies for authorship? How will data be stored and shared? What happens when the project concludes and future publications arise? If unanswered, these questions can sow conflict and eventually trigger integrity concerns.

From the RIO perspective, collaboration requires a balance between openness and adherence to institutional policy. At Penn State, Courtney explained, the preferred model is parallel but separate proceedings when cases span multiple institutions. This allows information to be shared as appropriate without undermining the process or creating exceptions that could weaken standards.

“You can’t let complexities allow for exceptions that undermine the entire process,” she said. That discipline ensures consistency and fairness, even in challenging collaborative environments.

Education and Outreach as Preventive Tools

Education and outreach are preventive measures as much as they are compliance functions. Courtney has seen that the more she presents and engages, the more questions and concerns surface. Many of these concerns are not misconduct but rather issues that, if left unaddressed, could escalate.

Preventive strategies include embedding RCR principles into promotion and tenure considerations, recognizing integrity in visible ways, and creating space for faculty and students to discuss challenges. Internationally, Courtney pointed to the United Kingdom as an example, where institutions are rethinking promotion metrics to emphasize mentorship and ethical conduct rather than sheer publication counts.

Positive recognition is key. By celebrating faculty and students who demonstrate integrity, institutions communicate that compliance is not just about avoiding punishment but advancing quality research.

Institutional Support: What RIOs Need Most

RIOs cannot succeed in a vacuum. Leadership support is critical. Courtney stressed that when concerns reach senior administrators, those leaders must reinforce the process rather than undermine it. “Let the process play out,” she noted. Allegations should not be dismissed or redirected based on pressure or complaints.

Institutional support also means providing resources. Staff assistance, IT infrastructure for data sequestration, and clear processes for professional misconduct are all essential. Courtney estimated that as much as 60 percent of the concerns she receives fall outside of research misconduct and into the category of professional misconduct. Without strong parallel processes, RIOs risk being overburdened with cases that do not belong in their scope.

The Future Outlook: AI, Bias, and Multidisciplinary Teams

Looking ahead, Courtney identified artificial intelligence and large data as major challenges. AI introduces both opportunities and risks. While it can help researchers refine ideas and structure projects, it cannot replace human responsibility. “Just like a calculator or a word processor, you are still responsible for verifying the work and ensuring it reflects your own understanding,” she said.

Bias in AI models is another concern. Publicly available data often reflects existing inequities, which can then be reproduced in AI-generated outputs. Without careful oversight, these biases may be amplified rather than corrected.

At the same time, multidisciplinary research is expanding. While collaboration across disciplines is essential, it also makes verification more difficult. Authors cannot reasonably speak to every aspect of a highly complex project, which complicates both accountability and committee reviews. RIOs will need to adapt by building committees with broad expertise and by encouraging researchers to maintain clear records of their contributions.

Key Takeaways

Courtney’s perspective highlights the evolving responsibilities of RIOs as research security becomes more prominent. A few core lessons stand out:

• RCR principles remain the foundation: following them helps prevent both misconduct and security breaches.
• Trust and communication are critical: transparency, credibility, and recognition encourage reporting and accountability.
• Data and AI amplify oversight needs: sequestration costs, de-identification limits, and algorithmic bias all complicate the landscape.
• Institutional support makes or breaks success: leadership backing, staff and IT resources, and separate processes for professional misconduct are essential.

In a world where research is increasingly digital, global, and interdisciplinary, RIOs serve as guardians of integrity and partners in research security. Their work ensures that science remains credible, collaborative, and resilient despite emerging challenges.

References

1. Office of Research Integrity (ORI). 2024. “Final Rule: Public Health Service Policies on Research Misconduct.” Federal Register, September 17.
2. The White House. 2021. “National Security Presidential Memorandum – 33.” Accessed September 29, 2025.
3. CHIPS Act of 2022, Public Law No. 117-167 (2022).
4. National Institutes of Health (NIH). 2025. “Data Management and Sharing Policy.” Accessed September 25, 2025.
5. U.S. Department of Health and Human Services, Office of Research Integrity (ORI). 2025. “Sample Policies and Procedures for Addressing Allegations of Research Misconduct.” Accessed September 25, 2025.