Skip to main content

University Policies

University Policies

407 MTSU Research Security

Effective Date: December 13, 2024
Responsible Division: Academic Affairs
Responsible Office:  Vice Provost for Research
Responsible Officer:  Vice Provost for Research

I. Purpose

To safeguard academic research from foreign adversaries by promoting a security culture that furthers national security interests and mitigates threats to the integrity and conduct of Middle Tennessee State University’s (MTSU or University) research against foreign influence. 

II. Policy Development and Maintenance

This policy was drafted by the Office of Research and Sponsored Programs (ORSP) and shall be reviewed by the Research Compliance Officers in consultation with the Director of the Office of Research and Sponsored Programs and MTSU Chief Security Information Officer every three years. Revisions shall be forwarded to the Vice Provost for Research and Dean of the Graduate College for further review.

III. Definitions

Issue – suspected violation of data protection policies, processes, or procedures

Incident – confirmed violation of data protection policies, processes, or procedures

IV. Requirement

All research at MTSU must comply with applicable federal and state legal, regulatory, and contractual standards and requirements for securing and protecting the University’s academic research enterprise, including, as applicable, any research involving the institution, its campuses, and its applicable internal components.

V. Implementation

The ORSP will promote the University’s research security policy consistent with federal regulations to ensure that the institution maintains eligibility for federal funding, including, as applicable, federal risk mitigation requirements pertaining to standardized disclosures, cybersecurity, foreign travel security, insider threats, and export controls.

The ORSP website will include a section for research security. This website will host the contact information for research compliance, MTSU Information Security and MTSU Chief Information Security Officer (CISO), links to the export control policy, and details on how to report security issues or noncompliance to the Research Compliance Team. The website will be updated with applicable communications regarding state and federal research security matters concerning MTSU’s academic research enterprise, including, as applicable, any research involving the University, its campuses, institutes, and its applicable internal components.

Any issues related to research security reported to the Research Compliance Team will immediately be reported to the CISO for review. If, upon review of the reported issue, the CISO determines an incident has occurred, the CISO will follow the MTSU Cyber Incident Response Plan (CIRP). If no incident has occurred the CISO and Research Compliance Team may choose to appoint an investigative committee comprised of three (3) faculty and/or staff from outside the department of the reported issue and the Research Compliance Team to investigate and propose preventative processes to address the future occurrence of the issue.

VI. Applicable University Policies

Affected employees and students must be familiar with the following policies and comply with all requirements specified in these policies.

910 Information Technology Resources

920 Information Security

80 Export Control

Export Compliance Guidelines

Forms:  none

Revisions: none.

Last Reviewed: December 13, 2024.

References: T.C.A. § 49-7-188; MTSU Policies 80 Export Control; 910 Information Technology Resources; 920 Information Security; and Export Compliance Guidelines.