Protection of Intellectual Property, Prepublication Data, and Information

As described in the University IP Policy, the University requires everyone who has technical responsibilities to the University or who participates in an internally or externally sponsored research program at the University to execute an Intellectual Property Agreement (IPA).

Intellectual property (IP) subject to University ownership should be disclosed to UR Ventures before any other disclosure, presentation, display, performance, or publication of the work to any sizable audience. Researchers should notify UR Ventures early in the process when their research may lead to potential new inventions. Once disclosed, such information is held on a confidential basis by UR Ventures. Researchers should also disclose IP as required by applicable research sponsors.

Please review the University IP Policy for specific issues relating to IP ownership and protection. Please also review the Guidance for University of Rochester Research Community on Significant Use of University Resources and Intellectual Property Ownership for more specific information regarding the University’s ownership of IP arising out of the use of significant University resources.

It’s also important to ensure that visiting collaborators and researchers understand the University’s IP Policy and limitations on their use of University owned resources and intellectual property after they have returned to their home institutions. Departments should ensure that visiting faculty and researchers undertaking significant research activities receive a formal appointment and sign a Visiting Scientist Agreement.

Federal agency concerns go beyond the loss of inventions that receive formal intellectual property protection. Just as important may be the loss or transfer of research pre-publication data or other pre-publication information to certain foreign entities prior to open publication.

As a general rule, federal awarding agencies do not require researchers to disclose pre-publication data to the awarding agency or publicly disseminate research pre-publication data. Most federal awards do not obligate the University or researchers to follow specific requirements if they choose to share pre-publication data, whether the sharing occurs internally or externally.

However, some awards may include specific restrictions on the sharing of data, and the University and researchers must adhere to the restrictions in those awards. Researchers are generally obligated by award agencies to publicly share research data resulting from an award that is of sufficient quality to validate and replicate research findings, though these data sharing requirements vary by funding agency.

Moderate risk data

The University has determined under its Research Data Security Classifications that preliminary or unpublished research data generally constitutes “Moderate risk data” and appropriate safeguards should be in place when researchers share such data outside of the University. Risks associated with sharing the data will vary depending on the nature of the work. As stewards of the data, researchers should assess the risks of sharing their unpublished research data prior to publication. Those risks include the potential for lost credit for the research data and subsequent publications, and lost opportunity to pursue intellectual property protection. Researchers should never disclose pre-publication data other pre-publication information to foreign entities as part of participation in a malign foreign talent recruitment program.

High risk data

Research data can also be categorized as “High risk data” where heightened data sharing restrictions apply. High risk data includes data that the University receives that are contractually restricted, are subject to confidentiality restrictions, or are regulated by export control laws. Generally, such data may not be shared outside the University. ORPA and UR Ventures can assist researchers to determine whether their information or data can be freely shared or should be shared under a Non-Disclosure Agreement, Data Use Agreement, or Material Transfer Agreement.

international visitors

Researchers should be mindful of the risk that international visitors pose to the security of unpublished research data. Subject to any applicable award requirements, compliance with export control laws, or specific conditions outlined by the University, researchers are free to involve international visiting researchers in their projects and are free to share pre-publication data and information that are relevant to the visitor’s activities. However, this sharing raises the risk that an international visitor may inappropriately transfer pre-publication data or confidential data or information to a foreign entity without appropriate approval. Researchers should consider such risks when assessing their collaborations and information sharing with international visiting researchers.

As described above, researchers may be participating in a research project where the applicable awarding agency has placed specific controls on the dissemination of information, such as where a federal award agency specifies that certain information is “Controlled Unclassified Information” (CUI). In those cases, the University and researchers are obligated to abide by the strict requirements to safeguard and avoid disclosure of the relevant controlled information.

Researchers should follow the guidance provided in the University’s Research Data Security Classifications, which classifies research data by risk categories and provides best practices in storing, sharing, and managing research data.

Researchers may become a target of cyber criminals who seek to gain access to valuable data or steal intellectual property. Cyber theft can arise when a third party obtains direct access to a researcher’s accounts or devices (even personal devices) and can arise when third party gains access to a researcher’s accounts that enables further access into the University’s systems.

Researchers should review and consider implementing the Top 10 Security Tips provided by University IT and should review the resources provided by University Information Security.

Researchers can contact University IT for assistance with information security issues. If you have concerns or have reason to believe that there has been a theft of University intellectual property, please contact the University’s Office of Counsel and report the incident through abuse@rochester.edu.