42 CFR 73.11 - Security.
(a) An individual or entity required to register under this part must develop and implement a written security plan. The security plan must be sufficient to safeguard the select agent or toxin against unauthorized access, theft, loss, or release.
(b) The security plan must be designed according to a site-specific risk assessment and must provide graded protection in accordance with the risk of the select agent or toxin, given its intended use. The security plan must be submitted upon request.
(5) Describe procedures for addressing loss or compromise of keys, passwords, combinations, etc. and protocols for changing access numbers or locks following staff changes,
(6) Contain procedures for reporting unauthorized or suspicious persons or activities, loss or theft of select agents or toxins, release of select agents or toxins, or alteration of inventory records, and
(7) Contain provisions for ensuring that all individuals with access approval from the HHS Secretary or Administrator understand and comply with the security procedures.
(d) An individual or entity must adhere to the following security requirements or implement measures to achieve an equivalent or greater level of security:
(2) Allow individuals not approved for access from the HHS Secretary or Administrator to conduct routine cleaning, maintenance, repairs, or other activities not related to select agents or toxins only when continuously escorted by an approved individual,
(3) Provide for the control of select agents and toxins by requiring freezers, refrigerators, cabinets, and other containers where select agents or toxins are stored to be secured against unauthorized access (e.g., card access system, lock boxes),
(4) Inspect all suspicious packages before they are brought into or removed from the area where select agents or toxins are used or stored,
(5) Establish a protocol for intra-entity transfers under the supervision of an individual with access approval from the HHS Secretary or Administrator, including chain-of-custody documents and provisions for safeguarding against theft, loss, or release,
(6) Require that individuals with access approval from the HHS Secretary or Administrator refrain from sharing with any other person their unique means of accessing a select agent or toxin (e.g., keycards or passwords),
(7) Require that individuals with access approval from the HHS Secretary or Administrator immediately report any of the following to the Responsible Official:
(v) Any sign that inventory or use records for select agents or toxins have been altered or otherwise compromised, and
(8) Separate areas where select agents and toxins are stored or used from the public areas of the building.
(e) In developing a security plan, an entity or individual should consider, the document entitled “Laboratory Security and Emergency Response Guidance for Laboratories Working with Select Agents. Morbidity and Mortality Weekly Report December 6, 2002; 51:RR-19:1-6.” The document is available on the Internet at: http://www.cdc.gov/mmwr.
Title 42 published on 2013-10-01
no entries appear in the Federal Register after this date.