CDC Generally Met Its Inspection Goals for the Federal Select Agent Program; However, Opportunities Exist To Strengthen Oversight

WHY WE DID THIS STUDY

Biosafety and biosecurity incidents at laboratories involving select agents and toxins have raised concerns regarding how CDC's Division of Select Agents and Toxins (DSAT) oversees entities that handle select agents and toxins, as well as the potential impact to public health and safety. For instance, in May 2015, the Department of Defense acknowledged that one of its laboratories inadvertently shipped live anthrax-causing bacteria. This event helped spur a July 2015 congressional hearing on oversight concerns related to the Federal Select Agents Program (FSAP). This data brief will help strengthen the FSAP by providing new analyses that DSAT can use to enhance its oversight. It is intended to complement the 2015 Annual Report of the Federal Select Agent Program, which was issued in June 2016, as well as the forthcoming 2016 annual report, which is expected to be issued in June 2017.

HOW WE DID THIS STUDY

We analyzed FSAP regulations, DSAT documents, and DSAT data to calculate the numbers and types of inspections; observations; Theft, Loss, and Release (TLR) events; and compliance actions from 2013 through 2015. We also interviewed DSAT staff and obtained draft DSAT and FSAP policies to learn about current and planned program policies, goals, and oversight activities.

WHAT WE FOUND

We found that CDC met its goal to perform a Registration Renewal inspection at least once at nearly all entities in our review from 2013 through 2015. Additionally, CDC identified at least one observation (i.e., an instance of regulatory noncompliance) per entity, and the majority of these observations were associated with two areas: Biosafety and Security. In 2015, CDC exceeded its annual goal for 30 percent of its inspections to be unannounced; in 2013 and 2014, CDC did not meet this goal and focused instead on announced inspections for training purposes. We also found that while 74 entities reported 341 TLR events to DSAT from 2013 through 2015, nearly 75 percent of entities had not reported a TLR event during the timeframe we reviewed. CDC officials expressed concern that entities could be underreporting these events. Of the entities that did report TLR events during this period, most were Releases but only one resulted in occupational illness. CDC also initiated compliance actions for 14 percent of entities, most of which were Referrals to enforcement agencies for further review. DSAT has several draft policies that, when finalized, are intended to provide information on how DSAT assesses and mitigates risk in the select agent program; however, DSAT may wish to consider additional factors, such as TLR events and compliance actions over time, when integrating these risk management activities into a broader profile of the risks that entities pose to public health and safety.