← Back to home
RefWorks / Enterprise research platform

Designing for verifiable research integrity

Expert users weren’t resisting change. They were protecting years of citation data they were accountable for across institutional research workflows.

Core shift

From platform trust to independent verification

The challenge was not simply migrating references into a newer platform. Librarians and research specialists needed enough visibility, traceability, and control to independently verify system behavior before trusting outcomes tied to published research and institutional credibility.

Project Brief
Platform RefWorks / Clarivate enterprise research platform
Role Senior UX Designer — UX strategy + research
Users Librarians, research administrators, systematic review specialists
Stakes Published research validity · Institutional credibility
System focus Research integrity · Migration · Deduplication · Verification workflows
Core shift System promise → user-controlled proof

Expert users were accountable for research integrity, not just task completion

Users were not resisting change. They were protecting credibility.

RefWorks is a reference management platform used by academic institutions, librarians, research administrators, and systematic review specialists managing years of citation data.

For casual users, moving to a newer platform was mostly an adoption problem. For power users, it was an accountability problem. They were responsible for data quality across research workflows where missing, duplicated, or altered references could undermine confidence in the work.

The adoption problem

The adoption challenge was concentrated among the users with the most accountability. Casual users moved quickly. The users who controlled institutional purchasing decisions did not, because they could not independently verify what would happen to their data.

My role

I led UX strategy and research for migration and data-integrity workflows, translating expert trust failures into system requirements with product and engineering.

  • Reframed migration as verification infrastructure
  • Mapped systematic review and deduplication workflows
  • Defined checkpoint-based verification patterns
  • Shaped UX requirements under technical constraints
  • Supported WCAG AA delivery practices
Journey map showing an information specialist conducting a systematic review with steps for searching, exporting, importing, deduplicating, and handing off references
Systematic review workflow. Reference data moves through search, export, import, deduplication, and handoff. The product had to support accountability across the workflow, not just usability within individual screens.

The platform could claim integrity, but users could not independently verify it

Small inconsistencies became system-level trust failures

Librarians, research administrators, and systematic review specialists were accountable for data integrity. A duplicate reference, corrupted citation, or incorrect folder count could undermine published research or institutional credibility.

Legacy RefWorks was slow, but trusted. Users could see enough of the process to validate their work. The new platform was faster and more modern, but it removed visible checkpoints power users relied on to do their jobs confidently.

Shared folder counts sometimes differed between legacy and the new platform. Deduplication could return different results for the same dataset because the underlying algorithm differed from legacy, despite being assumed equivalent.

Observed behavior

"Users manually tracked reference counts on paper before migration — a workaround to account for data the system could not guarantee."

“Keep the data clean.”

Early research participant
Cake showing the legacy RefWorks interface with a tombstone illustration
Legacy RefWorks carried years of operational trust. Users were not resisting change. They were protecting a system whose quirks, risks, and workarounds they understood.

This was not a migration problem. It was a research integrity problem.

A typical migration redesign would focus on reducing friction through automation, progress indicators, or completion messaging. Those approaches describe what happened, but they do not allow expert users to independently verify whether the system behaved correctly.

The deeper issue extended beyond migration itself. Across migration, deduplication, reconciliation, and ongoing reference management, users needed enough evidence to apply expert judgment to the system’s behavior.

Trust could not come from simplification alone. It had to come from inspectability.

Core systems reframing

Design the platform as verification infrastructure, not invisible automation

Problem Users could detect discrepancies, but the system did not expose enough evidence to explain or validate them independently.

Decision Reframe migration, deduplication, and reconciliation as workflows supporting verifiable research integrity.

Tradeoff The interface needed to preserve complexity, checkpoints, and manual review instead of hiding them behind automation.

Impact Trust shifted from platform assurances to user-controlled verification.

Verifiable research integrity model. Trust depended on multiple visible signals: counts, deduplication behavior, migration visibility, and expert judgment.

Verification required exposing evidence at every critical decision point

Once the work was reframed around research integrity, each system decision needed to support independent verification. The platform could no longer optimize purely for speed or simplicity. It needed to expose enough evidence for expert users to evaluate, reconcile, and trust outcomes before committing changes to their data.

Users needed proof

Expose evidence

Replace completion messaging with visible signals users could inspect.

Users needed accountability

Preserve checkpoints

Make critical states visible so users could trace what changed.

Users needed judgment

Support manual review

Avoid hidden automation where expert interpretation still mattered.

Users needed confidence

Delay commitment

Keep irreversible actions downstream of verification, not before it.

Decision 1

Make migration inspectable before commitment, not just visible during execution

Problem Migration ran in the background, leaving users unable to verify outcomes before committing data to the new system.

Decision Shift migration toward a pre-commit inspection model.

Tradeoff The flow became slower and more complex than one-click migration.

Impact Migration became a controlled decision instead of a blind action.

Decision 2

Use checkpoint-based verification instead of full dataset comparison

Problem Users needed confidence that migrated data matched the source system, but full record-by-record comparison was not feasible within product and technical constraints.

Decision Define visible verification checkpoints at the moments users needed to account for data.

Tradeoff Users could not inspect every record simultaneously.

Impact Verification became feasible while preserving the trust signal users needed.

Decision 3

Support external reconciliation when system guarantees were insufficient

Problem Users needed to account for every reference, but the platform could not guarantee every comparison users wanted inside the interface.

Decision Support exportable datasets so users could reconcile legacy and new data externally.

Tradeoff Verification relied partially on external tools and manual effort.

Impact Users gained a fallback mechanism to validate outcomes when the system could not guarantee completeness.

Decision 4

Optimize deduplication for assisted judgment, not automated cleanup

Problem Automation could hide differences that mattered to expert users, including author ambiguity, source credibility, and metadata completeness.

Decision Prioritize visible comparison and manual review over speed of resolution.

Tradeoff Users spent more time reviewing duplicate candidates manually.

Impact Experts could apply domain judgment while maintaining confidence in the system.

Journey map showing the duplicate reference workflow, including organizing references, searching duplicates, evaluating results, resolving duplicates, and resolving broken citations
Deduplication journey map. Users were not trying to remove duplicates as quickly as possible. They needed to evaluate differences, protect reference counts, and preserve research credibility.
RefWorks deduplication interface showing exact matches, reference counts, selected duplicate references, and metadata columns
Deduplication comparison interface. The interface exposed counts, metadata differences, duplicate states, and folder context so users could independently evaluate ambiguous references instead of relying on hidden automation to resolve them.

Trust was constructed before commitment, not claimed after completion

Migration verification flow Diagram showing migration moving from legacy export to preview, checkpoint review, external reconciliation, and commit. Legacy data Preview Checkpoint Reconcile Commit Source of truth Inspect changes Verify counts Resolve gaps User decides Trust is constructed before commitment, not claimed after completion
Staged migration verification flow. The flow makes migration inspectable, reviewable, and user-controlled before final commitment.

Confidence became operationally scalable through verification

Verification reduced resistance among high-accountability users

Institutional users moved once they could independently verify outcomes before committing data to the new platform.

Legacy infrastructure could be responsibly retired

The organization could sunset a long-trusted legacy platform only after users had enough evidence to trust the replacement system operationally.

Verification patterns extended beyond migration

The same principles shaped deduplication, reconciliation, and integrity-sensitive workflows where expert judgment remained essential.

The important behavior change was not adoption alone. Users proceeded when the system gave them enough evidence to account for their data and enough control to decide when an outcome was safe. Verification turned trust from a promise into an operational condition.

Trust improved when users could inspect the system, not when the interface hid complexity

What changed in my thinking

I initially approached the problem through the lens of adoption and usability. The work revealed that the deeper issue was accountability. Expert users were willing to tolerate additional complexity when it helped them independently verify outcomes they were responsible for.

That shifted how I think about trust in high-stakes systems. Simplification alone does not create confidence. In environments where users are accountable for operational or institutional outcomes, systems need to expose enough evidence for experts to evaluate behavior on their own terms.

Decision-level lesson: In high-accountability systems, trust is not created by reducing visible complexity. It is created by exposing the right signals, checkpoints, and evidence at the moments users need to independently verify the system’s behavior.