Plan for Administrative Oversight for Pathogens and Toxins in a Research Setting - Required Elements and Guidance

Section 3 of the Human Pathogens and Toxins Regulations states:

If the applicant for a licence is a person who intends to carry out scientific research, the Minister must, before issuing the licence, determine that the person has developed a plan that sets out administrative measures for managing and controlling biosafety and biosecurity risks during the period in which the licence is in effect.

Where scientific research is defined as:

"scientific research" means the following types of systematic investigation or research that are carried out in a field of science or technology by means of controlled activities:

1. basic research, when the controlled activities are conducted for the advancement of scientific knowledge without a specific practical application;
2. applied research, when the controlled activities are conducted for the advancement of scientific knowledge with a specific practical application; and
3. experimental development, when the controlled activities are conducted to achieve scientific or technological advancement for the purpose of creating new -- or improving existing -- materials, products, processes or devices.

Background and Overview of the Plan for Administrative Oversight requirement in the Human Pathogen and Toxins Regulations

The Public Health Agency of Canada (the Agency) has identified a public health risk that emerging and re-emerging infectious diseases will continue to create the potential for epidemics and pandemics that can result in considerable health, social and economic impacts. As one level of control to manage this risk, the Centre for Biosecurity (the Centre) is committed to designing and developing a risk-based program and regulatory framework under the authority of the Human Pathogens and Toxins Act (HPTA) that is informed by the intent of the HPTA, national and international best practices, and input received from stakeholders through broad consultations.

During the development of the proposed policy elements for the HPTA program and regulations, the Agency has considered characteristics of the research environment that create a tension between the need for innovation, and the regulatory framework intended to protect the health and safety of the public from risks posed by human pathogens and toxins. A risk mitigation approach has been developed to balance the public health and safety concerns with the importance of promoting vibrant and innovative Canadian research with human pathogens and toxins.

The Centre acknowledges that the research sector faces additional risk factors that other sectors (e.g., diagnostic and private industry) normally do not. These factors include but are not limited to: autonomous research and researchers, perceived diffuse accountabilities, and complex reporting and governance structures. The overall risk management framework used by research institutions and the governance structures within may or may not be in place or be inclusive of the risks posed by human pathogens and toxins. Additionally, some research institutions utilized the federal importation permits as an internal control mechanism, and with their impending removal there will be a need for an internal accountability system to mitigate the biological risks. Through discussions with multiple research institutions across Canada, the Agency developed the Plan for Administrative Oversight (the Plan) to facilitate the development of internal accountability structures or support accountability structures that currently exist by bridging gaps in the oversight of pathogens at an institutional level. The Plan is composed of ten common administrative elements that are required to be included in the Plan submissions.

These Plans are intended to be very high level and are not intended to include or repeat any regulatory elements already captured through other means (e.g., Canadian Biosafety Standard (CBS) requirements). The Agency has provided the required elements for inclusion and guidance information for each element of a Plan for Administrative Oversight submission to facilitate the compliance with this regulatory requirement. A licence will not be issued without the submission of a Plan for Administrative Oversight for areas where scientific research is undertaken. The quality and completeness of the Plan submissions will not delay the issuance of the licences, as the Agency will work with the applicants to finalize their plans as needed.

Elements to be included in Plans for Administrative Oversight for Pathogens and Toxins in a Research Setting

The Plan for Administrative Oversight submissions are intended to be high level and provide an overview of the mechanisms that are in place in an institution or organization to administratively manage and control biosafety and biosecurity risks.

The Plan can adequately serve as an accountability system to also mitigate the potential biosafety and biosecurity risks from gain-of-function research conducted by institutions or organizations, which include activities that could result in the creation of a pathogen with increased virulence, pathogenicity, or communicability, that is resistant to preventative or therapeutic treatments, or produces a toxin with increased toxicity. This type of activity must be reported to the licence holder and the biological safety officer, as per section 5 of the Human Pathogens and Toxins Regulations. Accordingly, the Plan will demonstrate how institutions or organizations identify, assess and manage research activities with dual-use potential, including gain-of-function research. As defined in the Canadian Biosafety Standard (CBS), 2^nd Edition, 2015, dual-use potential pertains to the qualities of a pathogen or toxin that allow it to be either used for legitimate scientific applications (e.g., commercial, medical, or research purposes), or intentionally misused as a biological weapon to cause disease (e.g., bioterrorism). Dual-use potential also encompasses knowledge, technology and products that could be used for nefarious purposes.

The Plans are not intended to include or repeat any regulatory elements already captured through other means (e.g., CBS requirements). The Plans can and will likely include references to other institutional documents and/or policies since most research institutions have this information posted on an external or internal website. The intent is not to re-write these existing documents. The elements to be included in the Plan are provided below and followed by guidance and examples to help support development of the Plans.

The Plans are to include an overview of HOW the following elements are managed or represented:

Elements to be covered within the Plan

1. Commitment from Senior Management to manage and control biosafety and biosecurity risks at the institution/organization
2. Delineation of the roles and responsibilities for committees, individuals, departments etc., that have a role in the control/management of biosafety and biosecurity risks.
3. Establishment of a single point of contact to provide guidance on the Plan and a senior level 'champion' who can represent biosafety issues at a senior level on his/her behalf.
4. Overview of how biosafety and biosecurity risks, including those from research with dual-use potential, are identified at the institution/organization.
5. Overview of how biosafety and biosecurity risks, including those from research with dual-use potential, are assessed once they have been identified at an institutional/ organizational level.
6. Overview of how the biosafety and biosecurity risks, including those from research with dual-use potential, are managed and controlled at an institutional/organizational level.
7. Description of all work areas covered by the Plan (research areas, teaching, off-site etc.).
8. Description of all individuals covered by the Plan (researchers, faculty, students etc.).
9. Summary of how the Plan is communicated.
10. Overview of the procedures to review and monitor the Plan.

Guidance to Support the Development of Plan Submissions

Element #1 - Commitment from Senior Management to manage and control biosafety and biosecurity risks at the institution/organization.

Guidance/ Additional Info

Inclusion of a reference to an existing high level institutional/organizational document (if available) that highlights the commitment of senior management to the implementation and ongoing performance of the system in place which has been approved/ signed by senior management.

If there isn't an existing document that can be adapted or used for this purpose, then the plan should reference a statement by senior management highlighting their commitment and indicate how it will be communicated to all impacted individuals.

Helpful Tips/ Examples

This element could:

• be in the form of a Policy, Code, Strategy or any other commitment mechanism commonly utilized within the institution/organization;
• encompass other safety areas (i.e., Health and Safety Code that includes chemical and radiological safety as well as biosafety; or
• be a part of the Enterprise Risk Management documents (if applicable).

Element #2 - Delineation of the roles and responsibilities for committees, individuals, departments etc., that have a role in the control/management of biosafety and biosecurity risks.

Guidance/ Additional Info

This element is intended to include: the associated reporting structures of personnel and committees; areas of expertise of the committee members, their appointment process and terms of memberships; boundaries/limits of authorities (i.e., who has authority to do what); accountabilities; approval mechanisms; management of potential conflict of interest; and financial budgetary resources (if applicable) for the personnel and committees who have a role in the control/management of biosafety and biosecurity risks. For example, indicate how the BSO gets access to resources for biosafety enhancements when required.

Helpful Tips/ Examples

This element could be demonstrated using a variety of methods (e.g., diagrams, flow charts, work descriptions of key personnel, Terms of Reference for Institutional Biosafety committees (IBC) (if applicable), etc.

Element #3 - Establishment of a single point of contact to provide guidance on the Plan and a senior level 'champion' who can represent biosafety issues at a senior level on his/her behalf.

Guidance/ Additional Info

Include information as to who is responsible to provide guidance on the Plan elements (e.g., BSO), and the linkage that is used to transfer the pertinent biosafety and biosecurity information to senior management and back to the working level.

Helpful Tips/ Examples

This element could include information on the utilization of an already well-established system (e.g., BSO linkage to an OHS Director who represents safety at senior level meetings, or higher).

Element #4 - Overview of how biosafety and biosecurity risks, including those from research with dual-use potential, are identified at the institution/ organization.

Guidance/ Additional Info

Include information as to how risks are identified at the institution/organization; who is involved at various levels; how often is the risk identification process done; and how modifications/updates to the overall work areas/activities (e.g., addition of in vivo work) are made.

Provide an overview of how research is reviewed for its potential for dual use (i.e., what tools or series of steps are used to identify potential dual-use), throughout the entire research life cycle. For guidance on how to identify potential dual-use research, refer to the Decision Tree: Identification of Dual-Use Potential in Life Sciences Research, provided on page 8 of the guidance document.

Helpful Tips/ Examples

This element could reference CBS requirements (e.g., An Overarching Risk Assessment is utilized at the institutional level to identify the hazards... etc.), or explain the approach taken if an all hazards approach is used (i.e., chemicals, radiological, biologicals etc.) and mechanisms used for the identification process (e.g., inspections, review of manufacturer's manuals, questionnaires, brainstorming sessions, etc.).

Element #5 - Overview of how biosafety and biosecurity risks, including those from research with dual-use potential, are assessed once they have been identified at an institutional/ organizational level.

Guidance/ Additional Info

Provide an overview of how the biosafety and biosecurity risks are assessed once they have been identified; as to the approach used and who is involved at the various levels. Provide information on how often risk assessments are reviewed, who is involved and what triggers the review.

Provide an overview of how the risks are assessed when dual-use has been identified and who is involved. For considerations on how to assess the risks related to dual-use research, refer to the Considerations for Risk Assessment and Mitigation of Research with Dual-Use Potentialon page 9 of this document.

Helpful Tips/ Examples

This element should include examples of how risks are assessed as they emerge and how multiple levels might be involved in the assessment (if applicable) (i.e., institutional, departmental, etc.).

Element #6 - Overview of how the biosafety and biosecurity risks, including those from research with dual-use potential, are managed and controlled at an institutional/ organizational level.

Guidance/ Additional Info

Provide a brief overview of the mechanisms in place to manage and control the biosafety and biosecurity risks as part of daily oversight. For example, how the determination was made as to which biosafety and biosecurity risks can be eliminated or substituted for a lower risk (e.g., in a teaching lab), versus those that have to be managed and controlled (e.g. pathogens that are integral to the research), and how they are controlled. For guidance on how to assess the risks related to the dual-use research, refer to the Considerations for Risk Assessment and Mitigation of Research with Dual-Use Potential on page 9 of this document.

Helpful Tips/ Examples

This element could include reference to mechanisms in place such as: internal permit systems, off-site control mechanisms, internal inspections, release of research grants (funds) based on compliance, IBC role, incident/accident reporting (this is not specifically a 'control' but it is a mechanism that facilitates reporting LAIs to the federal and provincial agencies as required. It also provides an indicator of the areas where more safety training or equipment may be required.), etc.

Element #7 - Description of all work areas covered by the Plan (research areas, teaching, off-site etc.).

Guidance/ Additional Info

Indicate which work areas are included in the licence (i.e., all areas where controlled activities are taking place, including research, teaching, off-site areas, etc.); provide information as to the mechanism that is in place to cover all of these areas (i.e., 'how' are these areas covered); and how this information is updated when new work areas are added.

Helpful Tips/ Examples

This element could:

• explain how all of the work areas are linked into the internal permitting system (if applicable), how different areas have special permits (i.e., teaching areas), and how researchers who work off-site are captured, etc.
• Indicate how areas are assessed for containment requirements and how the institution/ organization assigns appropriate space for work being done.

Element #8 - Description of all individuals covered by the Plan (researchers, faculty, students etc.).

Guidance/ Additional Info

Indicate 'how' individuals (researchers, faculty, staff and anyone at off-site areas) are captured into the Plan (e.g., how do new researchers know that they have to comply with an institutional biosafety program) and how they are made aware of their need for compliance in the system. If any individual (a student or employee, etc.) of your institution/organization is not covered under the institutional licence, indicate which licence that individual is covered under.

Provide an overview of the training that is required for the different types of positions.

Helpful Tips/ Examples

This element could:

• indicate linkages to the HR system within departments (e.g., when someone is hired, they are notified of the Biosafety/Biosecurity institutional/ organizational requirements--training, internal permits etc.)
• reference mechanisms such as internal permit systems that capture all impacted individuals and special off-site permit systems for individuals working off-site.

Element #9 - Summary of how the Plan is communicated.

Guidance/ Additional Info

Indicate how the information contained within the Plan is communicated to impacted individuals.

Helpful Tips/ Examples

This element could reflect how regular communication at the interfaces between entities responsible for oversight of biosafety and biosecurity risks (e.g., individuals and committees) and between institutional functions (e.g., research vs. academic vs. administration) is achieved and mechanisms used (e.g., official annual reports, lists of biosafety certificates, meetings with senior management, continual interaction/communication from the BSO to the PIs, staff and students, newsletters, social media, etc.).

Element #10 - Overview of the procedures to review and monitor the Plan.

Guidance/ Additional Info

Indicate how or what mechanisms are in place to continually review and monitor the Plan for improvements, efficiencies, or gaps, and what triggers will be used to update and communicate the Plan.

Helpful Tips/ Examples

This element could:

• include a chart to indicate the timeline for continual review/ modifications;
• include indicators/factors that will be utilized as triggers to update and communicate the plan (i.e., a change in procedure for the release in funding, an incident that resulted in a change in the administrative controls, trends in non-compliances that may trigger changes to the biosafety training, application process, inspection frequency, inclusion of specific info sessions or newsletters, etc.)

 

Decision Tree: Identification of Dual-Use Potential in Life Sciences Research

Considerations for Risk Assessment and Mitigation of Research with Dual-Use Potential

Once the dual-use potential has been confirmed, a risk assessment should be performed to assess the ways in which pathogens, knowledge, technology or products (e.g., toxin) could be misused, the ease with which they may be misused, and the scope and magnitude of the potential consequences of misuse.

Considerations of the following questions can help when performing the risk assessment^{Footnote 1}:

• What types of pathogens, knowledge, technology, or products are anticipated to be generated through the research?
• How could pathogens, knowledge, technology, or products resulting from the research be misused to pose harm to public health and safety or national security?
• What type of technical skills will be required to repeat the experiment?
• Are the materials, tools and equipment expensive or difficult to acquire?
• If released outside the laboratory, will the pathogen affect humans and/or animals?
• What is the likelihood that the knowledge, information, technology, or products from the research will be used to harm public health and safety, the environment (including animals) or national security?
• What is the scope and magnitude of the potential risk(s) identified?

An effective oversight system is based on identifying and managing the risks associated with the potential of misuse or misapplication of organisms, knowledge, technology, and products of research resulting in the harm to the public health and safety, animals, or national security. Therefore, risk mitigation plans should be created and measures implemented to address the identified risks.

Considerations of the following questions can help in creating an effective risk mitigation plan^{Footnote 1}

• What is the strategy or strategies being implemented by the institution/organization to address the risks (e.g., applying specific biosafety and biosecurity measures or modifying experimental design or methodology such that an attenuated strain is used or strain's ability to proliferate outside of the lab or within different hosts is limited by using a different technique)?
• Are there currently any countermeasures (e.g., treatments) to help mitigate the potential consequences? Are they readily available?
• How will the results or products of the research be shared or distributed (i.e., will the results or products be shared openly or remain within the laboratory or institutions)?
• How readily available are these results?
• Who will have access to the knowledge, information, technology, or final products?
• Will the risk change if specific information is redacted for publication?

Footnotes