More than 300 years ago, Antonie van Leeuwenhoek constructed a primitive microscope and made the first detailed descriptions of microorganisms. More than 200 years ago, Edward Jenner carried out the first experimental vaccination, using cow pox virus to build immunity in humans against the deadly smallpox virus. More than 100 years ago, Robert Koch isolated the Bacillus anthracis bacterium and postulated a causal relationship between specific microorganisms and disease.
From these early discoveries, scientists have built more than a century of research on microorganisms and infectious disease, including research on some of the most dangerous pathogens. Enormous advances have resulted in the development of vaccines and other treatments that have greatly diminished the risks posed by infectious disease agents. It is not an exaggeration to attribute increased lifespan and better human health to the research of legions of microbiologists and other biomedical researchers on the biology of bacteria and viruses and the toxins they produce. At the same time, these researchers have maintained safety and responsibility in the laboratory. Notwithstanding the enormous volume of infectious disease research that has been accomplished, there have been few incidents of pathogenic organisms being released into the environment by accident, negligence, or deliberate action. Moreover, scientific research is safer than it has ever been because of increasing concern for safety and security and implementation of protective measures that minimize risk.
Among the large group of pathogenic materials is a smaller set of organisms and chemicals that pose not only a severe threat to the health of humans, plants, and animals, but also have the potential to be used deliberately to cause disease, prompt fear, or destroy agricultural or animal products. More than 80
of these most dangerous bacteria, viruses, toxins, and fungi have been officially listed by the U.S. government as biological select agents and toxins (BSAT) and are subject to special security requirements.
Whether deliberately deployed as a biological weapon or the result of a natural outbreak, the potential for mass human casualty or potentially catastrophic impact on plants or animals as a direct or indirect result of select agents is omnipresent. This report focuses on how to secure access to these dangerous pathogens to diminish their potential for use by terrorists as a biothreat agent. Discussion includes consideration of the physical security of facilities that work with these materials and steps to ensure that personnel with access to select agents and toxins can be trusted.
The Current Select Agent Program
Since the list of select agents and toxins was first introduced in 1997, the U.S. government has created a formal regulatory structure to oversee BSAT research and to decide who could possess microorganisms and toxins that could be used as weapons and how facilities that did possess them would be protected. The scope of the program is determined by a formal list of select agents and toxins; the Department of Health and Human Services’ Centers for Disease Control and Prevention (CDC) maintains the list for human pathogens, while the U.S. Department of Agriculture’s Animal and Plant Health Inspection Service (APHIS) maintains the list for plant and animal pathogens.
As of September 2009, 388 entities were registered and 13,609 individuals—administrators, research scientists, students and postdoctoral researchers, technical staff, and maintenance and animal care workers—were cleared to have access to BSAT materials.
Origin and Charge to the Committee
Concerns about whether the regulations in place for BSAT research in U.S. laboratories were adequate to address the risks of theft, misuse, or diversion of materials grew after the Federal Bureau of Investigation (FBI) announced in August 2008 that it had concluded that a researcher at the U.S. Army Medical Research Institute of Infectious Diseases was the perpetrator of the anthrax letter attacks in October 2001. There were also other concerns about whether the growth in the number of high containment laboratories as part of expanded funding for biodefense research after 2001 was increasing the risks of laboratory accidents as well as providing more targets for those who could pose security threats from either outside or inside the facilities.
An interagency process was initiated to consider the efficiency and effectiveness of all laws, regulations, guidance, and practices related to physical, facility, and personnel security and assurance for BSAT research. As part of that
process, a government Working Group, created by an Executive Order (EO) issued by President George W. Bush, delivered its assessment to the President in July 2009. The Homeland Security Council staff requested additional input from the National Science Advisory Board for Biosecurity (NSABB) and the National Research Council (NRC).1 This NRC report considers the efficacy of regulations, procedures, and oversight that have been instituted to safeguard the public and national security against the deliberate use of BSAT and addresses both physical security and personnel reliability. The committee was also asked to consider the impact of biosecurity policies and regulations on the ability of the scientific community to conduct BSAT research.2
GUIDING PRINCIPLES FOR SCIENCE AND SECURITY
In considering its task, the committee developed a set of principles that should guide how research with biological select agents and toxins should be viewed and conducted. These principles also provide the lens through which the committee addressed the specific concerns of laboratory security and personnel reliability.
Research on biological select agents and toxins is essential to the national interest.
Research with biological select agents and toxins introduces potential security and safety concerns.
The Select Agent Program should focus on those biological agents and toxins that might be used as biothreat agents.
Policies and practices for work with biological select agents and toxins should promote both science and security.
Not all laboratories and not all agents are the same.
Misuse of biological materials is taboo in every scientific community.
For those concerned about the security of laboratories conducting BSAT research, personnel issues are among the most difficult and controversial.
The leadership of the National Interagency Biodefense Campus was also involved in requesting this study, which was conducted through a contract with the National Institute of Allergy and Infectious Diseases.
See Box 1-2 for the full statement of task.
The numbering of recommendations follows the order in the Executive Summary.
Personnel reliability programs incorporate screening, that is identifying whether or not someone should be eligible to have access to BSAT; monitoring employee behavior and performance; and managing the workplace to reduce the risk of an insider either carrying out theft or sabotage or acting to assist others.
Personnel screening seeks to identify individuals who may pose a potential security risk as early as possible, ideally prior to hiring. The proportion of the population of job candidates who represent true security risks is unknown, but likely to be very small. Efforts at screening for rare individuals or behaviors will therefore inevitably struggle with concerns about either failing to identify someone who has the disqualifying behavior or identifying someone as having disqualifying background or behavior when s/he does not. And the more one tries to avoid letting a security risk get through the screening, the more one increases the number of innocent individuals who will “fail” the test.
The Current Process The current screening process to select individuals to work in facilities conducting BSAT research is based on the search for a set of disqualifying behaviors and activities that automatically and permanently deny a person access. This Security Risk Assessment (SRA) relies on the standard criminal, immigration, and terrorist databases maintained by the FBI and Department of Homeland Security (DHS) for these purposes and used to conduct routine suitability or security screening for other federal agencies. The committee concluded that the databases being used in the SRA are consistent with current U.S. government practices in determining the eligibility of persons to have access to classified and proprietary information and sensitive sites and are adequate for assessing whether applicants possess disqualifying background/activities.
The committee also considered several potential additions to the screening process. The committee concluded that there was insufficient information to say that routine or random drug testing would significantly reduce the risk of an insider threat. The committee noted, however, that use of illegal drugs provides insight into a person’s judgment and reliability, which are critical attributes for those with access to highly pathogenic infectious agents. An obvious omission from the current SRA is querying an applicant’s financial and credit history. At least some consideration of credit history is common in many sectors as part of pre-employment screening and is standard practice in federal security clearance and suitability investigations. In most cases, however, the issue is not one of an individual’s level of debt per se, but whether spending patterns provide a means to assess judgment and reliability and possible vulnerabilities. The committee concluded that the difficulties in establishing a meaningful baseline make adding credit or financial history to the SRA
screening process too challenging. In any event, signs of sudden, unexplained affluence or evidence of irresponsible financial behavior would be appropriate to consider as part of the process of monitoring employees’ behavior, which is discussed below.
The committee also considered the issue of how determination of eligibility is made. In the current SRA, any discovery or admission of disqualifying factors or behavior automatically and permanently denies access for that individual. The current SRA system has no statute of limitations on disqualification: it does not matter how long ago the offense was committed. There is also no consideration of extenuating circumstances. The only appeal is to permit correction of factual errors. By contrast, information collected under other current federal suitability and security screening is subject to an adjudication process, whereby issues such as how long ago the offense occurred, whether recent behavior shows positive or negative trends, and mitigating circumstances are taken into account to determine whether to grant access to protected information. The committee concluded that the questions raised about the current automatic and permanent disqualifications were sufficiently serious that it would be worthwhile to change the system to incorporate a broader appeal process more aligned with personnel security practices already in place across the government.
These conclusions with regard to potential changes are conditional because the committee believes the appropriateness of additional measures, in some cases, depends on whether or not the select agent list is stratified, as recommended below.
RECOMMENDATION 5: The current Security Risk Assessment screening process should be maintained, but the appeal process should be expanded beyond the simple check for factual errors to include an opportunity to consider the circumstances surrounding otherwise disqualifying factors.
Identifying Potential Threats through Testing Current policy discussions have included questions about whether to require more extensive testing and evaluation of applicants to work with BSAT materials, perhaps as part of a formal Personnel Reliability Program. Some government agencies and private entities, including academic institutions, have considered undertaking additional screening using psychological or psychophysiological tests.
At least two different types of problems need to be addressed when individuals are screened to identify those who potentially pose a threat. One arises in determining the normal range of adult personality; persons outside of this range would be identified as those who either might attempt deliberate deception or those who might be susceptible to corruption or recruitment to aid in the theft of materials or acts of sabotage. Another involves identifying
individuals suffering from a range of serious personality disorders that might lead to their using BSAT materials to deliberately cause harm or assist others in doing so. Polygraph and integrity tests and personality assessment tools are among the instruments used to assess related factors and conduct screening.
The committee concluded that there is no “silver bullet,” that is, no single assessment tool that can offer the prospect of effectively screening out every potential terrorist. Although it can be appropriate for organizations to employ integrity testing and clinical personality assessments as part of screening to serve other purposes, the committee reached the same conclusion concerning polygraph testing as was reached by a 2003 NRC committee that applies even more broadly, namely to its use in security screening: “Polygraph testing yields an unacceptable choice for…employee security screening between too many loyal employees falsely judged deceptive and too many major security threats left undetected. Its accuracy in distinguishing actual or potential security violators from innocent test takers is insufficient to justify reliance on its use in employee security screening in federal agencies.”
Monitoring and Management to Achieve a Safe and Secure Research Environment
Once an individual is cleared by the SRA, certification is in effect for five years. However, the FBI continues to monitor cleared individuals using selected databases; the FBI also receives automatic notices in some instances, for example, when an individual is arrested and fingerprinted. But this process cannot be expected to address all disqualifying factors or, more importantly, all significant issues and personal changes that could occur in an individual’s life during the five-year period of certification, including those that could potentially result in his or her becoming a security risk. Efforts to ensure personnel reliability will have to come from those laboratories where BSAT research is conducted and specifically from increased engagement by managers and staff.
A goal in any organization where safety is a central challenge should be to foster a culture where individuals watch out for each other and take responsibility for both their own performance and that of others. When this works well, the environment and culture reinforce a positive and inclusive ethic that promotes excellent performance. Security then becomes an additional goal, although many of the components of a safety-oriented culture serve security goals as well. A key component in a culture of trust and responsibility relevant to personnel reliability is a climate inducing self- and peer-reporting and providing mechanisms for such reporting. Management plays an essential role and has important responsibilities, not the least of which is to provide mechanisms for people to self-report problems and relay concerns about others via a safe mechanism (e.g., ombuds offices, hotlines, confidential reporting systems) and to enable individuals to obtain help in dealing with concerns proactively (e.g.,
employee assistance programs). Although often focused on safety concerns, these processes can serve security as well.
Research on preventing a wide range of types of insider threats suggests that, even in circumstances where one might assume an individual would attempt to conceal his or her malevolent intent in order to escape detection, in many cases there will be signs or signals that something is wrong prior to an event. Those cases in which an individual’s action is genuinely spontaneous are rare. While no system can guarantee success in preventing an illegal act, the warning signs occur often enough that it is reasonable to believe that active, sustained monitoring and management could detect many of them and provide the basis for prevention. The research also suggests that training people to watch for and recognize the warning signs is essential and that, in the absence of such training, these signs are likely to be missed.
RECOMMENDATION 1: Laboratory leadership and the Select Agent Program should encourage and support the implementation of programs and practices aimed at fostering a culture of trust and responsibility within BSAT entities. These programs and practices should be designed to minimize potential security and safety risks by identifying and responding to potential personnel issues. These programs should have a number of common elements, tailored to reflect the diversity of facilities conducting BSAT research:
Consideration should be given to including discussion of personnel monitoring during (1) the initial training required for all personnel prior to gaining access to BSAT materials and annual refresher updates and (2) safety inspections to obtain a more complete assessment of the laboratory’s ability to provide a safe and secure research environment.
More broadly, personnel with access to select agents and toxins should receive training in scientific ethics and dual-use research. Training should be designed to foster community responsibility and raise awareness of all personnel of available institutional support and medical resources.
Federal agencies overseeing and sponsoring BSAT research and professional societies should provide educational and training resources to accomplish these goals.
Managing BSAT Research and the Select Agent Program
In addition to issues of personnel reliability, the committee addressed other issues related to physical security and to operation of the Select Agent Program, which led to several additional recommendations.
Facilitating Stakeholder Input by Formation of a BSAT Advisory Committee
One of the frequent themes that emerged from the public consultations held by the EO Working Group and the NSABB and in the committee’s own public sessions and site visits was the need for increased and more systematic communication among those agencies funding BSAT research, those agencies administering the Select Agent Program, and those entities conducting BSAT research. The creation of the National Select Agent Registry as a single point of contact for agents regulated by both CDC and APHIS has been almost universally applauded for simplifying the regulatory environment and providing coordinated guidance. But because BSAT research is carried out and supported by several federal agencies, the committee believes a more formal structure is needed to engage the community of stakeholders in the continued operation of the program.
RECOMMENDATION 2: To provide continued engagement of stakeholders in oversight of the Select Agent Program, a Biological Select Agents and Toxins Advisory Committee (BSATAC) should be established. The members, who should be drawn from academic/research institutions and the private sector, should include microbiologists and other infectious disease researchers (including select agent researchers), directors of BSAT laboratories, and those with experience in biosecurity, animal care and use, compliance, biosafety, and operations. Representatives from the federal agencies with a responsibility for funding, conducting, or overseeing select agent research would serve in an ex officio capacity. Among the responsibilities of this advisory committee should be the following:
Promulgate guidance on the implementation of the Select Agent Program;
Facilitate exchange of information across institutions and sectors;
Promote sharing of successful practices across institutions and sectors;
Provide oversight for evaluation of the Select Agent Program;
Provide advice on composition/stratification of the list of select agents and toxins;
Convene regular meetings of key constituency groups; and
Promote harmonization of regulatory policies and practices.
Stratification of the List of Select Agents and Toxins
The current list of select agents and toxins represents a diversity of pathogenic microorganisms and toxins with a wide range of potential for use as biothreat agents. Does this single list, all of which are subject to the same security procedures, represent the optimal solution?
The committee concluded that the present all-encompassing model for the list of select agents and toxins does not address appropriately the range of risks and vulnerabilities. Moreover, a list of more than 80 agents of varying risks dilutes attention from those that pose the greatest degree of concern, which may, in the process, render the nation less secure. It would be more effective to focus the highest scrutiny on those agents that are, indeed, of greatest concern and on those facilities with the equipment that enables weaponizing biological agents—and to offer a graded series of security procedures and policies for agents that pose less risk. For these reasons, the committee recommends reconsideration of both the purpose and composition of the list of select agents and toxins to reflect actual security concerns that merit inclusion on the list.
Although consideration of which specific agents and toxins should be on such a list is beyond the charge of the committee, we believe that stratification of the list of select agents and toxins is warranted. Stratification should be consistent with the original purpose of creating the list, namely to catalogue those agents posing a risk for use as a significant biothreat agent. Further, we believe that it is important to develop mechanisms for adding or removing agents from the list without unwarranted delay to ensure that the list remains reflective of legitimate concern. A procedure is needed to assess the risk posed by a biological agent that would initiate a formal process to add it to the list—or, equally important, to determine that an earlier estimation of threat has diminished and an agent should be taken off the list. Critical in consideration of adding or removing an agent from the list is the opportunity for significant information and input from external stakeholders, beyond the usual formal commenting process to government officials.
RECOMMENDATION 3: The list of select agents and toxins should be stratified in risk groups according to the potential use of the material as a biothreat agent, with regulatory requirements and procedures calibrated against such stratification. Importantly, mechanisms for timely inclusion or removal of an agent or toxin from the list are necessary and should be developed.
The BSATAC should advise the Select Agent Program on the implications that stratification of the list of select agents and toxins has on implementation of personnel screening, physical security requirements, and other procedures.
Accounting for Materials
It is prudent and appropriate for entities with the responsibility for BSAT laboratories to know what types of select agents and toxins are present in their facilities. In addition to maintaining records of materials in a facility for security purposes, such listings serve an important safety function in detailing
materials of concern for laboratory personnel, as well as for first responders in emergencies. Current regulations provide highly specific guidance with respect to information to be collected. While the committee believes that it is useful and important to know which agents are present and where they are located, we question the value of measuring the quantity for living microorganisms, except for the amounts when acquired by a facility or transferred out to another facility. Because a new culture can be prepared with as little as a single microorganism, an individual would need only a miniscule—and undetectable—amount from a single vial to establish a new culture and grow up large volumes of the agent in a matter of hours or a day. Therefore, determining that the number of vials is the same from one moment to another provides no guarantee that agents have not been removed from the laboratory since the original number of vials or tubes could remain the same while the agent itself has been removed. The committee, therefore, concluded that undue reliance on accounting practices, including counting vials, leads to false security and is counter-productive.
RECOMMENDATION 4: Because biological agents have an ability to replicate, accountability is best achieved by controlling access to archived stocks and working materials. Requirements for counting the number of vials or other such measures of the quantity of biological select agents (other than when an agent is transported from one laboratory site to another) should not be employed because they are both unreliable and counter-productive, yielding a false sense of security. A registered entity should record the identity of all biological select agents and toxins within that entity, where such materials are stored, who has access and when that access is available, and the intended use(s) of the materials.
It should be noted that this recommendation makes a distinction between select agents—which have the capacity to replicate—and toxins—which do not. This recommendation, therefore, does not change the requirement to keep records on the amount of a toxin but does recommend that inventories for both select agents and toxins should include information about who has access to these materials, when, and for what intended purpose.
With regard to another aspect of accounting for materials, the committee concluded that, when specifically indicated by a risk assessment, a rule that “no one works alone”—defined as one person conducting work while being in direct communication with a second person who can affect a rescue—should be in place. Since this is a safety measure with only indirect security benefits, security is best maintained by regulating access—namely, requiring log entry and exit systems and electronic identification cards for all personnel.
Security Based on Risk Assessments
Physical security is required of all facilities registered with the Select Agent Program. Each facility must develop and implement a written security plan, which is reviewed by either CDC or APHIS as part of the initial and ongoing facility registration process. Because each facility is different in design, different physical security methods are required to address site-specific security requirements. Determination of which physical security measures to include in a plan is made based on “a site-specific risk assessment and must provide graded protection in accordance with the risk of the select agent or toxin, given its intended use.”
These select agent regulations provide overall guidelines for the content of site-specific security plans; however, they are sufficiently broad to allow for variation in their implementation. While this variation has benefits, it also creates inconsistencies and confusion as facility operators, contractors, and inspectors attempt to determine whether specific security measures at individual facilities sufficiently adhere to these guidelines. Moreover, many additional regulations have been separately imposed by different federal agencies, leading to inconsistencies in their application for a variety of reasons, in part because facilities and regulations differ. Addressing these inconsistencies and the problems they create would be highly beneficial both for security and cost-benefit, allowing cost-effective and consistent compliance with security needs and regulations.
RECOMMENDATION 6: The Select Agent Program should define minimum cross-agency physical security requirements, which recognize that facilities have unique risk-based security needs and associated design components, to assist facilities in meeting their regulatory obligations.
The Select Agent Program can further assist institutions in interpreting physical security requirements by establishing a hotline or other mechanism for rapid response in answering questions about interpretation of the standards.
The committee believes that it is both appropriate and necessary to apply rigorous analytical methods to assess the mix of policies that promote both high-quality science and appropriate security. But assessing how and whether a program or programs achieve desired goals presents a particular evaluation challenge. If the policies are successful, nothing bad will happen. Following from the difficulty in assessing the effectiveness of programs that will be successful if there is no obvious effect—other than the absence of another action—it is likewise difficult to assess whether the various costs associated with the program are appropriate.
Independent evaluation can provide useful information on how the Select Agent Program is implemented and can identify important intended or unintended consequences of the program upon the research enterprise. The committee believes that new policies intended to improve physical security and personnel reliability should be carefully evaluated, along with the operation of the program overall. Relying on “dueling anecdotes” is not acceptable for establishing policy. The committee emphasizes that formal evaluation of the Select Agent Program is more than accumulation of metrics and demographic data.
RECOMMENDATION 7: Independent evaluation of the Select Agent Program should be undertaken to assess the relative benefits for achieving security, to consider the consequences of the program (intended and unintended) on the research enterprise, and to provide useful data about the Select Agent Program. Such evaluation, which may be coordinated through the BSAT Advisory Committee, should be provided with dedicated funding.
Training of Inspectors
All select agent laboratories undergo regular inspections by CDC or APHIS, whether academic, commercial, or government and whether for research or public health. In addition to these inspections by agencies with statutory responsibility for the Select Agent Program, many funding agencies—including the Department of Defense and Department of Homeland Security—conduct their own inspections of research and facilities they support. Other federal agencies also may have responsibility for overseeing aspects of the facility and may conduct inspections. Finally, some state and local authorities inspect facilities within their jurisdiction.
Close coordination between CDC and APHIS in the Select Agent Program has served the research community well and should be expanded to include other government agencies with an involvement in BSAT research. Specifically, the committee encourages coordination and consolidation so that entities with select agent programs sponsored and/or regulated by different federal agencies are not subject to very different and possibly conflicting guidance and regulations or to duplicative inspections. In addition, it is critical to ensure that the requirements of multiple agencies are not contradictory; otherwise, the resulting confusion and uncertainty results in excess time and cost and increased difficulty of compliance.
Complaints about the nature of some inspections have arisen. Members of the community have cited the increasingly bureaucratic nature of some inspections, with expanding focus on the technical letter of the regulation without regard to the spirit of the regulation and its intended objective, and have expressed their concern that some inspectors have not had the technical
knowledge needed to understand the specific nature of various risks. Much of this concern may stem from inspectors not sufficiently familiar with the nature of BSAT research. These challenges are even more severe for those government agencies that do not focus on select agent facilities but have a responsibility for inspecting them.
RECOMMENDATION 8: Inspectors of select agent laboratories should have scientific and laboratory knowledge and experience, as well as appropriate training in conducting inspections specific to BSAT research. Inspector training and practice should be harmonized across federal, state, local, and other agencies.
Funding Facility and Compliance Costs
Security and compliance procedures called for under the Select Agent Program can be significant, with costs substantially higher than for similar laboratory facilities. Security guards, cameras, access card readers, biometric identification technologies, alarms, lockable freezers and incubators, and other security measures all add to the cost of operating a select agent laboratory.
Construction of secure laboratories where select agent research will be conducted is often funded by grants specific for that purpose. But select agent laboratories have significant ongoing security and safety sustainment costs that far exceed the indirect costs that grantee institutions receive to cover the costs of facilities, maintenance, and operations.
The implications of sustainable funding required to conduct select agent research are troubling. It is not acceptable, either for the institution or for safety and security, to diminish appropriate and necessary risk-based security procedures and resources, regardless of the availability of funding for the facility. The committee urges federal agencies that fund BSAT research to establish dedicated funding for ongoing security and compliance responsibilities associated with this type of research. This is an essential obligation, and no facility should operate without appropriate security measures in place. Although this type of funding structure may be unusual for biomedical research laboratories, it is not uncommon for funding those areas of science where central infrastructure plays an important role.
RECOMMENDATION 9: Because of considerable security and compliance costs associated with research on biological select agents and toxins, federal agencies funding BSAT research should establish a separate category of funding to ensure sustained support for facilities where such research is conducted.