A theme for 2020: grow

Society nudges (or shoves) us to reflect on the past at this time of year. And then we are to turn our attention to the future, to set goals for the year ahead. Of course this transition has been even more profound, prompting recollections of the last 10 years of life and, no doubt for many, pondering of the next decade of life.

I have vague recollections of setting resolutions at points in my life. But it’s not something I’ve really done for at least a few years. Problems/opportunities/goals often emerge out of sync with the 12-month cycle we focus on. Nonetheless I do find myself meditating on the past and future at this time of year. Two years ago, I tried an approach of selecting a theme or a word for the year. In 2018, the word was build. For 2019, I decided on thrive

For 2020: grow.


2020 is bringing some big projects, professionally and personally. I’m taking on additional responsibilities at work and moving deeper into management (of the project and people varieties). I’m finishing a project management certificate program and maybe (probably) sitting for the exam to qualify for professional accreditation.

Oh and I’m training for a 50 mile foot race in June. Maybe you wonder, Why the heck would should sign up for an event that demands so much time and energy training when there’s so much else going on?!

I started 2019 with a mantra to “progress from striving to thriving.” It’s challenging to achieve that transition when the environment around you is changing. It doesn’t have to be bad to be different and require adjustments. Several months ago, this quote arrived in a newsletter (The Morning Shakeout) in my inbox:

Shit does not get less complicated. (Mike Wolfe)

I wrote it on a Post-It that went under my computer monitor. And on another that I stuck to my big whiteboard. It’s easy to get caught up in things, to become overwhelmed by how things are changing, especially when there’s some lack of communication. It’s easy to delay activities or decisions until “things settle down”, to wait for some sort of clarity. And there are reasons, often very valid ones, to do that.

But I also can’t let the storm of ambiguity, complexity, and anxiety keep me from moving forward and taking opportunities to (im)prove myself.


Stress carries a very negative connotation in our culture, but achievement and improvement often comes from going outside our comfort zone. But we can (and do frequently) overdo it. It may come from a sense of pressure or responsibility (I think especially prevalent in work and relationships). “This must be done. Now. And only I can do it.” Other times we slip easily into the more-must-be-better mindset. “If <x> hours of exercise is good, then <xy> must be better.” “I’ve been so productive today! If I stay just another hour or two..”

Go down that road far enough and stress becomes unproductive, recovery inadequate. Keep going and it can lead to burnout, injury, illness, etc. Been there, done that—and would prefer not to visit again.

This “formula” has popped in a few places (I think it may have originated with Peak Performance), and it’s stuck with me.

stress + rest = growth

Rest and recovery are key to keeping stress productive. I see some incredible opportunities for personal and professional growth in the next year.

But I have to be intentional about making time and space for rest. Running and exercise are a big part of how I manage stress, and training for a race helps encourage commitment. I’ll plan to keep one day a week free of work and classwork, as I’ve done the last few months. I’ll take time to go into the mountains with Gene. I’ll take vacation. I’ll keep my morning time for reading and coffee. To reach key goals this year, I need to recharge regularly, and that won’t by accident.


I’m both excited and terrified by the things that 2020 has in store for me. There will be some long hours in the office and on the trails. There will be stress and anxiety and frustration. There’s a lot of work to get done. But there will also be fun and relief and celebration. Setting “grow” as my theme for the year will, I hope, help me remember to rest, with intention, so that I can continue forward and achieve my goals.

Happiness is the joy you experience while pursuing your potential. (Neil Pasricha)

Posted in Uncategorized | 3 Comments

W2FA?! Two-factor authentication on the way to eRA Common

Earlier this month I attended the NIH Regional Seminar, a meeting focused on grants administration and related policy. As I usually do at meetings, I tweeted—and a short tweet prompted an immediate and frustrated response:

A little background for the uninitiated: “electronic research administration” or eRA Commons is a portal that supports several aspects of NIH grants adminstration. Principal investigators (PIs), grants administrators, and others need accounts to enter profile information, enter data for NIH grant applications and reporting, and track status of applications.

It’s been around a while and comes with a particular set of quirks and bugs/features. You have to reset your password every 120 days. The password has atypical restrictions, like you can’t end with numbers. You can’t recycle a password for 8 years. When you’re updating your personal profile, you can’t save and leave the page until all the required fields are filled and errors have been resolved.

During an eRA Commons workshop, staff revealed that, in the not too distant future, eRA Commons login will go through two-factor authentication (2FA). 2FA adds in another layer of security to establish that you are indeed the user whose name and password you entered.

When I mentioned this on Twitter, there was much wailing and gnashing of teeth. PIs were resoundingly against 2FA. Great, one more thing to make the login process harder. Isn’t resetting their password every login enough? 2FA is such a pain. Who really wants to hack into their account and view their grant scores/statements? It’s going to create problems for sponsored programs helping with submissions. And more generalized, Aaaargh whyyyyyyyy?

Why 2FA?

First we need to recall that NIH is a federal agency and thus subject to a whole lot of federal regulations, rules, plans, and guidances.  Maybe protestations are right; maybe no one cares to hack into eRA Commons and 2FA is overkill. Nonetheless NIH has to address priorities and requirements to modernize systems and enhance cybersecurity. So on the surface, this is about NIH complying with federal requirements.

But let’s dig a little deeper. Why might external stakeholders want a little more security on eRA Commons? That portal provides access to several different NIH systems: ASSIST (creating, editing, and submitting applications), RPPR (progress reporting), xTrain (managing training grant appointments and terminations), Internet Assisted Review (critiquing and scoring applications as a reviewer)… In short, eRA Commons provides access to a lot of confidential information.

Of course that’s for just a select few applications and awards, right? People were primarily thinking of eRA Commons through their lens, what they see in a scientific role (e.g., as a PI). But other people are engaged in grant applications. Most critically, PIs can’t just submit an application on their own. An authorized organizational respresentative (AOR)/signing official (SO) “has institutional authority to legally bind the institution in grants administration matters.” They are cleared to provide signatory approval of submissions, and you can’t submit a grant without them. The SO is typically in the sponsored programs office (and there should be more than one). Within eRA Commons, an SO has access to every NIH grant application across the organization. The SO can not only submit but also reject grant applications. They can create, updated, and delete eRA Commons accounts for almost every individual at their institution and manage other people’s eRA Commons access. Maybe hacking a PI’s eRA Commons account provides a low return, but the implications of accessing an SO’s account carry much more weight.

What about implementation?

Some pushback in my stream was about how 2FA would be done and how administrative support would access applications to input information for PIs.

NIH isn’t building a new system for 2FA from scratch. It will leverage the existing login.gov system, which is already in use for Trusted Traveler Programs, USAJOBS, and SAM. Folks at eRA Commons will begin piloting with a subset of users next year and develop the interface with user input.

login.gov enables multiple methods for 2FA—text, phone, authentication app, security key, backup codes. One concern that popped up in my feed was access while traveling abroad, and a pre-generated list of backup codes could address cases where text or phone aren’t readily available.

Some people raised the issue of how 2FA would interfere with enabling others to access someone’s eRA Commons account. Indeed it will. And frankly I think that’s part of the point. As far as NIH is concerned, you shouldn’t be sharing your login credentials with others, even trusted individuals you want working on your application or reports. User credentials are assumed to represent accountability to said user for actions. “I didn’t do <x>!” isn’t a defense when you contact the helpdesk and they see that your account did indeed do <x>.

That doesn’t mean that PIs are left to handle grants administration activities on their own. The PI and/or SO can delegate other eRA Commons roles  to individuals within your organization, granting them access to edit RPPRs, initiate applications, administer training grants, etc. There are certain activities that can only be executed by specified roles. Only the SO or an ASSIST Access Manager (designated by the SO) can manage access to applications, which means contacting your sponsored programs office to add anyone other than PI and the person who initiated the application. Only the PI can route RPPRs to the SO, creating a stage of accountability for the PI in the reporting process. The advantage of delegations is that you can manage the level of access. It’s not all or nothing. Plus you don’t have to worry about one person changing your password and disrupting your (and maybe others’) access.

I’m not expecting people to embrace 2FA lovingly. I’ve dealt with it on different systems and experienced hassles and headaches it can produce. But perhaps a little context and knowledge about eRA Commons can promote some understanding, and maybe even grudging acceptance, of what’s to come. Either way, 2FA is on its way.

Posted in Uncategorized | Leave a comment

Valuation of Personal Lives

Postdoc pay is a perennial discussion. Last week, the topic popped into my Twitter feed once again with a question related to using family costs to justify a higher stipend.

It should be noted that there were a couple of bad (and IMO bad faith) takes in replies to this and/or an earlier related tweet. (PSA: If you find yourself about to dictate the incompatibility of being a good postdoc and a good parent, you should probably step away from Twitter.)

There’s a clear point about the tension between postdoc pay standards and what it costs to raise a family, especially in high cost-of-living locales. This is a longstanding discussion in the research community. This was emphasized in many of the replies. Even those who suggested that a one-off salary bump wasn’t the way to solve the issue acknowledged the very real challenges that postdocs with families face.

I am not faculty and have no plans to be, but from my perspective, the precedent is problematic. First it could disrupt trust and satisfaction among other didn’t try to negotiate a higher salary or did but with no effect. Second it creates an environment where, maybe even subconsciously, a PI is factoring in a postdoc’s family status into costs when they hire in the future.

But there was another thing simmering in the back of my mind, which someone else brought up:

Pay should be based on the job you’re hired to do and (at least to a degree) prior experience and qualifications. (At least that’s the aim, even though that’s not how it plays out entirely today.)

But the issue for me isn’t just about establishing different pay scales for different work. It’s about the reason for doing so.

There’s this embedded expectation that single or married but childless postdocs can “get by” on less than those with kids. Perhaps for the majorities in each category that’s true. But as Liz Wayne pointed out, postdocs can have significant care/family or related costs beyond kids. Some may have chronic illnesses with associated healthcare costs. They might be helping to care for a spouse or parent with an illness or disability. They might be trying to provide financial support for other family members. And circumstances change over time too.

I’m deeply uncomfortable with the idea that anyone should have to disclose information from their personal lives to justify their pay. (Note: No one suggested this specifically, but in my view, it’s an extension of the premise. Also this is not a criticism of the hypothetical candidate.)

Can you imagine needing to tell a prospective boss, “Sorry, I’m going to need a higher stipend I can afford medical care for <condition x>”? Or going to a current boss and saying, “Um I need a raise so I can afford to leave my abusive partner”? First of all, no one should have to disclose that sort of information to their supervisor unless they want to. Second, who wants to be making those valuations of what life events and circumstances “justify” more money—and which don’t?

No doubt the struggle for postdocs with children is real. But they’re not the only ones facing financial challenges. Creating a two-tiered system based on familial status isn’t the way to solve those issues though.

Posted in Uncategorized | Leave a comment

Lost in Data

I like data. I tend to put a lot of stock in it. For scientists, data* is a key part of our lives and work. Data is how we learn, which enables us to progress.

But we have to acknowledge something very important about data. Data does not materialize out of vacuum. It doesn’t just appear on a computer drive somewhere. It’s gathered, processed, and analyzed.

Even when elements are automated, along the way humans designed the automation. They made decisions about which things to measure, how and when and where to measure them, which data points and metadata to record or retain, how to categorize or cluster data or deal with outliers…

These are human activities, meaning there are opportunities for our biases and agendas to influence the processes. Many strive to minimize the effects of bias, applying methods and strategies to design the questions, data collection processes, and analyses to get to an accurate answer in an appropriate and ethical way. They acknowledge the limitations of their approaches and data too. It can take great awareness and care to avoid biasing data.

But decisions about data collection and analysis can be driven by partisanship and chauvinism**. You don’t have to change data to manipulate it. You can modify it in the way you collect and analyze it.

The easiest is that to just stop collecting the data—or never collect it in the first place. You can’t report what you don’t measure. It can make for an incredibly useful stall tactic. We need data to know if an issue is persistent and widespread, “worthy” of investing precious time and dollars. Of course getting that data will take time and dollars.

A perhaps more sly way is to have a system in place but make the data difficult to report. You can to point to “data” and proclaim, See, no problem here! But the absence of reporting, especially for large organizations, doesn’t translate to the absence of incident.

Another approach is to change how you collect, categorize, or analyze the data. You influence who’s represented and in what way. You shift how a subset of data from one grouping to another. You modify the algorithm.

Without calling attention, you make changes (relative to how predecessors did it) to “close” the pesky gaps that groups have rallied around and worked to change. Look at the progress! Nothing more to worry about. Those groups still saying it’s an issue—well, they’re obsessed, fanatics. 

I’ve been reading Susan Faludi’s Backlash: The Undeclared War Against American Womenwhich looks at the backlash against women’s gains and feminism through the 1980s. I’ve been struck in the latter half of the book (which focuses on backlash as seen in politics, popular psychology, women at work, and reproductive rights) by how data was used to pushback against (legitimate) claims of persisting disparities. Much of this was driven by federal offices under the control of Reagan appointees, combined with budget cuts, reducing the data collected, failing to process cases/claims (which can become points of data), or changing the way data was categorized or analyzed. I can’t help but wonder how much of this is happening now.

Today, as a society, we’ve become more engrossed in data. We collect more data perhaps than ever before. Too often I see the sentiment that data is somehow “pure”, untouched by human dispositions. Critical information and trends can be lost in the data, and we may be none the wiser if we don’t engage critically with the data, processes, and agendas that generated it.

* Yes, technically data is plural (unless talking about Data, the android). I’m intentionally using singular verbs as I’m referring to data as a single concept, not a collection of data points here.

** Chauvinism used here in its broader meaning of “undue partiality or attachment to a group or place to which one belongs or has belonged.”

Posted in Uncategorized | Leave a comment

#januwordy: Authentic

Authentic. It’s a word that permeates the public life of social media. Newbies are advised to “be authentic.” Some established account holders talk about the imperative to be their “authentic selves.” But what does that mean?

Authenticity generally implies a certain level of openness and transparency. It’s the feeling that you have a good sense about the person from the words and actions that you see. To borrow another cliche, it’s “being true to yourself.”

But what does that look like in a world where put parts of our lives on display for acquaintances and strangers around the world? In spheres where engagement is measured in clicks and likes? There’s an underlying suggestion that authenticity will bring followers and connections, perhaps even attention and opportunities, maybe even financial gain one day.

Here I stumble. Do we really want authenticity? Or do we want performances of “authenticity”? #humble #blessed 

I can’t help but wonder about the many factors that contribute to our interpretations of authenticity.

How much of our expectations are driven by gendered, racial, ethnic, age, religious, and other stereotypes? She cares too much about money and power. He poses too hard as a feminist. She doesn’t post about this topic enough. They talk about that thing too much.

How much of our read of authenticity is about seeing trauma or pain? Certainly talking about struggles can be valuable, letting other people know they’re not alone and creating an opening for support from a virtual community. But there are pieces that many of us keep to small private circles, maybe even just to ourselves, at least for a while. That was true before the internet and remains true now. Failing to broadcast our anguish doesn’t make a person/a any less authentic, and may in fact be more so for a given individual.

True authenticity takes many forms, no matter which ‘verse we’re moving in. Some forms will resonate with us, as individuals, more clearly than others. And perhaps it’s worth a few moments of self-reflection to examine the ones that do and don’t.

Posted in Uncategorized | Leave a comment