Designing for verifiable research integrity
Expert users weren’t resisting change. They were protecting years of citation data they were accountable for across institutional research workflows.
Core shift
From platform trust to independent verification
The challenge was not simply migrating references into a newer platform. Librarians and research specialists needed enough visibility, traceability, and control to independently verify system behavior before trusting outcomes tied to published research and institutional credibility.
Expert users were accountable for research integrity, not just task completion
Users were not resisting change. They were protecting credibility.
RefWorks is a reference management platform used by academic institutions, librarians, research administrators, and systematic review specialists managing years of citation data.
For casual users, moving to a newer platform was mostly an adoption problem. For power users, it was an accountability problem. They were responsible for data quality across research workflows where missing, duplicated, or altered references could undermine confidence in the work.
The adoption challenge was concentrated among the users with the most accountability. Casual users moved quickly. The users who controlled institutional purchasing decisions did not, because they could not independently verify what would happen to their data.
I led UX strategy and research for migration and data-integrity workflows, translating expert trust failures into system requirements with product and engineering.
- Reframed migration as verification infrastructure
- Mapped systematic review and deduplication workflows
- Defined checkpoint-based verification patterns
- Shaped UX requirements under technical constraints
- Supported WCAG AA delivery practices
The platform could claim integrity, but users could not independently verify it
Small inconsistencies became system-level trust failures
Librarians, research administrators, and systematic review specialists were accountable for data integrity. A duplicate reference, corrupted citation, or incorrect folder count could undermine published research or institutional credibility.
Legacy RefWorks was slow, but trusted. Users could see enough of the process to validate their work. The new platform was faster and more modern, but it removed visible checkpoints power users relied on to do their jobs confidently.
Shared folder counts sometimes differed between legacy and the new platform. Deduplication could return different results for the same dataset because the underlying algorithm differed from legacy, despite being assumed equivalent.
"Users manually tracked reference counts on paper before migration — a workaround to account for data the system could not guarantee."
“Keep the data clean.”
Early research participant
This was not a migration problem. It was a research integrity problem.
A typical migration redesign would focus on reducing friction through automation, progress indicators, or completion messaging. Those approaches describe what happened, but they do not allow expert users to independently verify whether the system behaved correctly.
The deeper issue extended beyond migration itself. Across migration, deduplication, reconciliation, and ongoing reference management, users needed enough evidence to apply expert judgment to the system’s behavior.
Trust could not come from simplification alone. It had to come from inspectability.
Design the platform as verification infrastructure, not invisible automation
Problem Users could detect discrepancies, but the system did not expose enough evidence to explain or validate them independently.
Decision Reframe migration, deduplication, and reconciliation as workflows supporting verifiable research integrity.
Tradeoff The interface needed to preserve complexity, checkpoints, and manual review instead of hiding them behind automation.
Impact Trust shifted from platform assurances to user-controlled verification.
Reference counts
Can users account for every item?
research integrity
Deduplication logic
Can users explain differences?
Migration visibility
Can users inspect before committing?
Expert judgment
Can users make the final call?
Verification required exposing evidence at every critical decision point
Once the work was reframed around research integrity, each system decision needed to support independent verification. The platform could no longer optimize purely for speed or simplicity. It needed to expose enough evidence for expert users to evaluate, reconcile, and trust outcomes before committing changes to their data.
Expose evidence
Replace completion messaging with visible signals users could inspect.
Preserve checkpoints
Make critical states visible so users could trace what changed.
Support manual review
Avoid hidden automation where expert interpretation still mattered.
Delay commitment
Keep irreversible actions downstream of verification, not before it.
Make migration inspectable before commitment, not just visible during execution
Problem Migration ran in the background, leaving users unable to verify outcomes before committing data to the new system.
Decision Shift migration toward a pre-commit inspection model.
Tradeoff The flow became slower and more complex than one-click migration.
Impact Migration became a controlled decision instead of a blind action.
Use checkpoint-based verification instead of full dataset comparison
Problem Users needed confidence that migrated data matched the source system, but full record-by-record comparison was not feasible within product and technical constraints.
Decision Define visible verification checkpoints at the moments users needed to account for data.
Tradeoff Users could not inspect every record simultaneously.
Impact Verification became feasible while preserving the trust signal users needed.
Support external reconciliation when system guarantees were insufficient
Problem Users needed to account for every reference, but the platform could not guarantee every comparison users wanted inside the interface.
Decision Support exportable datasets so users could reconcile legacy and new data externally.
Tradeoff Verification relied partially on external tools and manual effort.
Impact Users gained a fallback mechanism to validate outcomes when the system could not guarantee completeness.
Optimize deduplication for assisted judgment, not automated cleanup
Problem Automation could hide differences that mattered to expert users, including author ambiguity, source credibility, and metadata completeness.
Decision Prioritize visible comparison and manual review over speed of resolution.
Tradeoff Users spent more time reviewing duplicate candidates manually.
Impact Experts could apply domain judgment while maintaining confidence in the system.
Trust was constructed before commitment, not claimed after completion
Confidence became operationally scalable through verification
Verification reduced resistance among high-accountability users
Institutional users moved once they could independently verify outcomes before committing data to the new platform.
Legacy infrastructure could be responsibly retired
The organization could sunset a long-trusted legacy platform only after users had enough evidence to trust the replacement system operationally.
Verification patterns extended beyond migration
The same principles shaped deduplication, reconciliation, and integrity-sensitive workflows where expert judgment remained essential.
The important behavior change was not adoption alone. Users proceeded when the system gave them enough evidence to account for their data and enough control to decide when an outcome was safe. Verification turned trust from a promise into an operational condition.
Trust improved when users could inspect the system, not when the interface hid complexity
What changed in my thinking
I initially approached the problem through the lens of adoption and usability. The work revealed that the deeper issue was accountability. Expert users were willing to tolerate additional complexity when it helped them independently verify outcomes they were responsible for.
That shifted how I think about trust in high-stakes systems. Simplification alone does not create confidence. In environments where users are accountable for operational or institutional outcomes, systems need to expose enough evidence for experts to evaluate behavior on their own terms.
Decision-level lesson: In high-accountability systems, trust is not created by reducing visible complexity. It is created by exposing the right signals, checkpoints, and evidence at the moments users need to independently verify the system’s behavior.