Supporting Statement A
Possession, Use, and Transfer of Select Agents and Toxins (42 CFR Part 73)
(OMB Control No. 0920-0576)
Revision
Centers for Disease Control and Prevention
Office of Public Health Preparedness and Response
Division of Select Agents and Toxins
Lori Bane
(404) 718-2006
(404) 718-2097 FAX
July 23, 2015
Table of Content
1. Circumstances Making the Collection of Information Necessary 3
2. Purpose and Use of Information Collection 5
3. Use of Improved Technology and Burden Reduction 5
4. Efforts to Identify Duplication and Use of Similar Information 5
5. Impact on Small Businesses or Other Small Entities 6
6. Consequences of Collecting the Information Less Frequently 6
7. Special Circumstances Relating to the Guidelines of 5 CFR 1320.5 6
8. Comments in Response to the Federal Register Notice and Efforts to Consult Outside the Agency 6
9. Explanation of Any Payment or Gift to Respondents 7
10. Assurance of Confidentiality Provided to Respondents 7
11. Justification of Sensitive Questions 9
12. Estimates of Annualized Burden Hours and Costs 9
13. Estimates of Other Total Annual Cost Burden to Respondents or Record keepers 11
14. Annualized Cost to the Government 11
15. Explanation for Program Changes or Adjustments 12
16. Plans for Tabulation and Publication and Project Time Schedule 12
17. Reason(s) Display of OMB Expiration Date is Inappropriate 12
18. Exceptions to Certification for Paperwork Reduction Act Submission 12
Supporting Statement A
The goal of the study is to support the Public Health Safety and
Bioterrorism Preparedness and Response Act of 2002 and ensure
select agents or toxins are managed appropriately to prevent any
threats to human health or safety.
The intended use of the study is to fulfill the requirements
promulgated by HHS under this part and also subject to
corresponding regulations promulgated by USDA at 9 CFR Part 121 and
7 CFR Part 331.
The method used to collect data/information is an electronic data
collection system that uses electronic forms, which are available
on the Federal Select Agent Program website at
http://www.selectagents.gov/forms.html in a pdf-fillable format for
electronic submission.
The subpopulation to be studied are those individuals or entities
requesting the possession and use of select agents and toxins or
any changes to the entity’s registration, transfer of select
agents and toxins, report the theft, loss or release of a select
agent or toxin and report the identification of a select agent or
toxin contained in a specimen presented for diagnosis,
verification, or proficiency testing.
This collection of information does not employ statistical methods.
The data collection is mandated by 42 CFR 73.
This is request for revision to OMB Control No. 0920-0576: Possession, Use, and Transfer of Select Agents and Toxins; Final Rule. The data collection and reporting requirements are required under 42 CFR Part 73 (Attachment 1). This request reflects revisions to the forms since Office of Management and Budget (OMB)’s approval in November 2012. The revisions to the data collection are primarily changes to the forms to clarify instructions, correct editorial errors from previous submission, and reformat the structure of the forms based on the day-to-day processing of these forms. Changes were made to the following forms: Report of Identification of a Select Agent or Toxin, Request of Exemption, Application for Registration, Request to Transfer Select Agents and Toxins, and Administrative Review. The Centers for Disease Control and Prevention (CDC) is requesting a 3-year approval for this data collection. CDC in conjunction with U.S. Department of Agriculture (USDA)/ Animal and Plant Health Inspection Service (APHIS) will be using the same forms for this data collection.
Subtitle A of the Public Health Security and Bioterrorism Preparedness and Response Act of 2002, (42 U.S.C. 262a), requires the United States Department of Health and Human Services (HHS) to regulate the possession, use, and transfer of biological agents or toxins that have the potential to pose a severe threat to public health and safety (select agents and toxins). Subtitle B of the Public Health Security and Bioterrorism Preparedness and Response Act of 2002 (which may be cited as the Agricultural Bioterrorism Protection Act of 2002), (7 U.S.C. 8401), requires the USDA to regulate the possession, use, and transfer of biological agents or toxins that have the potential to pose a severe threat to animal or plant health, or animal or plant products (select agents and toxins). Accordingly, HHS and USDA have promulgated regulations requiring individuals or entities that possess, use, or transfer select agents and toxins to register with the CDC or APHIS. See 42 C.F.R. Part 73, 7 C.F.R. Part 331, and 9 C.F.R. Part 121 (the select agent regulations). The Federal Select Agent Program (FSAP) is the collaboration of the CDC, Division of Select Agents and Toxins (DSAT) and the APHIS Agriculture Select Agent Services (AgSAS) to administer the select agent regulations in a manner to minimize the administrative burden on persons subject to the select agent regulations. The FSAP administers the select agent regulations in close coordination with the Federal Bureau of Investigation’s Criminal Justice Information Services (CJIS). Accordingly, CDC and APHIS have adopted an identical system to collect information for the possession, use, and transfer of select agents and toxins.
The agents and toxins subject to the HHS data collection are those that pose a serious threat to public health and safety. These agents and toxins are further identified as non-overlap or overlap agents or toxins. These agents and toxins are subject to requirements promulgated by HHS under this part and also subject to corresponding regulations promulgated by USDA at 9 CFR Part 121 and 7 CFR Part 331. This information will assist with meeting the goals of the Public Health Safety and Bioterrorism Preparedness and Response Act of 2002 and ensure select agents or toxins are managed appropriately to prevent any threats to human health or safety.
Request for Exclusion: An attenuated strain of a select agent or a select toxin modified to be less potent or toxic may be excluded from the requirements of this part based upon a determination by the HHS Secretary that the attenuated strain or modified toxin does not pose a severe threat to public health and safety (42 CFR 73.3 and 4 (e)). CDC has not developed standardized forms to use in the above situation. Rather, the entity should provide the information as requested in the appropriate section of the regulation.
The Report of Identification of Select Agent or Toxin form (42 CFR 73.5(a) (b) and 73.6(a) (b)) is used by clinical or diagnostic laboratories and other entities to notify FSAP that a select agent or toxin identified as the result of diagnosis, verification, or proficiency testing have been disposed of in a proper manner.
The Request for Exemption form (42 CFR 73.5(d)(e) and 73.6(d)(e)) is used by entities that are using an investigational product that are, bear, or contain select agents or toxins.
The Application for Registration (42 CFR, 73.7(d)) is used by entities to register with FSAP. The Application for Registration requests facility information; a list of select agents or toxins in use, possession, or for transfer by the entity; characterization of the select agent or toxin; and laboratory information. This form is also used by the entity to amend their registration (42 CFR, 73.7(h) (1)) if any changes occur in the information submitted. When applying for an amendment to a certificate of registration, an entity must obtain the relevant portion of the application package and submit the information requested in the package to FSAP.
The Amendment to a Certificate of Registration Form is used to amend a Certificate of Registration.
Documentation of Self-Inspection: Prior to issuance of a certificate of registration, CDC inspects entities to ensure compliance with this regulation (42 CFR 73.18). As part of the inspection process, the entity may need to respond to written requests from CDC. CDC has not developed standardized forms to use in the above situation. Rather, the entity should provide the information as requested in the appropriate section of the regulation.
Request for Expedited Review: An entity may apply to the HHS Secretary for an expedited review of an individual by the Attorney General (42 CFR 73.10(e)). To apply for this expedited review, an entity must submit a request in writing to the HHS Secretary establishing the need for such action. CDC has not developed standardized forms to use in the above situation. Rather, the entity should provide the information as requested in the appropriate section of the regulation.
Security Plan: An individual or entity required to register under this part must develop and implement a written security plan. The security plan must be sufficient to safeguard the select agent or toxin against unauthorized access, theft, loss, or release (42 CFR 73.11(a)). CDC has not developed standardized forms to use in the above situation. Rather, the entity should provide the information as requested in the appropriate section of the regulation.
Biosafety Plan: An individual or entity required to register under this part must develop and implement a written biosafety plan that is commensurate with the risk of the select agent or toxin, given its intended use. The biosafety plan must contain sufficient information and documentation to describe the biosafety and containment procedures for the select agent or toxin, including any animals (including arthropods) or plants intentionally or accidentally exposed to or infected with a select agent (42 CFR 73.12(a)). CDC has not developed standardized forms to use in the above situation. Rather, the entity should provide the information as requested in the appropriate section of the regulation.
Request Regarding a Restricted Experiment: An individual or entity may not conduct, or possess products resulting from, the following experiments unless approved by and conducted in accordance with the conditions prescribed by the HHS Secretary:
(1) Experiments that involve the deliberate transfer of, or selection for, a drug resistance trait to select agents that are not known to acquire the trait naturally, if such acquisition could compromise the control of disease agents in humans, veterinary medicine, or agriculture.
(2) Experiments involving the deliberate formation of synthetic or recombinant DNA containing genes for the biosynthesis of select toxins lethal for vertebrates at an LD[50] < 100 ng/kg body weight (42 CFR 73.13 (a)). CDC has not developed standardized forms to use in the above situation. Rather, the entity should provide the information as requested in the appropriate section of the regulation.
Incident Response Plan: An individual or entity required to register under this part must develop and implement a written incident response plan based upon a site specific risk assessment. The incident response plan must be coordinated with any entity-wide plans, kept in the workplace, and available to employees for review (42 CFR 73.14 (a)). CDC has not developed standardized forms to use in the above situation. Rather, the entity should provide the information as requested in the appropriate section of the regulation.
Training: The Responsible Official must ensure a record of the training provided to each individual with access to select agents and toxins and each escorted individual (e.g., laboratory workers, visitors, etc.) is maintained. The record must include the name of the individual, the date of the training, a description of the training provided, and the means used to verify that the employee understood the training (42 CFR 73.16(d)). CDC has not developed standardized forms to use in the above situation. Rather, the entity should provide the information as requested in the appropriate section of the regulation.
The Request to Transfer Select Agent or Toxin form (42 CFR 73.16) is used by entities requesting pre-authorization from FSAP to receive or send a select agent or toxin.
Records: An individual or entity required to register under this part must maintain complete records relating to the activities covered by the select agent regulations (42 CFR 73.17 (a)). CDC has not developed standardized forms to use in the above situation. Rather, the entity should provide the information as requested in the appropriate section of the regulation.
The Report of Potential Theft, Loss, or Release of Select Agent or Toxin form (42 CFR 73.19(a) (b)) is completed by entities whenever there is theft, loss, or release of a select agent or toxin.
CDC/DSAT has implemented an electronic data collection system that uses electronic forms which are available on the Federal Select Agent Program website at http://www.selectagents.gov/forms.html in a pdf-fillable format for electronic submission. The use of a pdf-fillable format, allows respondents to save the document to their local drive, complete the form, and then upload the form to FSAP. The entity can retain an electronic copy of their submission which will make it easier for the entity to amend any future submissions.
The FSAP is also committed and pursuing to a single shared web-based system that will allow the regulated community to conduct transactions electronically with either agency. By providing the regulated community a single web portal, FSAP will be able to interact efficiently, effectively, while reducing the burden on the public. This environment will provide for the electronic exchange of information for creating, amending, and submitting registration applications; requests for approvals for transfers, exemptions, or exclusions; and reports of identification and theft, loss, or release of a select agent or toxin.
The FSAP continues to working closely to identify duplication of the proposed data collection. DSAT has established relationships with the following federal agencies: Department of Homeland Security (DHS), the Department of Defense; Department of Army Inspector General (DoD, DAIG) and the Department Veterans Affairs. Each of these agencies shares a similar interest in the possession, use and transfers of select agents and toxins and has participated in joint inspections.
The Public Health Safety and Bioterrorism Preparedness and Response Act of 2002 (Public Law 107) required the development of a common registration system for the purpose of verifying the credentials, licenses, accreditations, and hospital privileges of such professionals during public health emergencies. There is no similar database available to identify individuals or entities registered to possess, use and transfer select agents and toxins.
CDC recognizes that a small number of entities affected by the data collection requirements of this regulation may be small businesses. For this reason, the information needed in the data collection has been kept to a minimum.
There are legal obstacles to reducing the burden by collecting this information less frequently. The purpose of this information collection is to meet mandated regulatory requirements. If this information were collected less frequently, it would not be possible for DSAT to carry out its commitments to protect the public health as mandated by these regulations
This request fully complies with the regulation in 5 CFR 1320.5.
A8A. A “60 Day Federal Register Notice” was published in the Federal Register on Friday, April 3, 2015, Vol. 80, No.64, Pages 18242-18243 (Attachment 2). There was one non-substantial public comment (Attachment 3) addressing the inclusion of Brucella on the select agent list. CDC did not reply to this comment as does not pertain to this information collection.
FSAP began revising the proposed data collection instruments in the fall of 2014. The following representatives from AgSAS assisted with the development of the data collection instruments:
Cassie Armiger
Animal Plant Health and Inspection Service
U.S. Department of Agriculture
4700 River Road, Unit 40
Riverdale, MD 20737-1231
Phone: (301) 851-2052
Kimberly A. Hardy
Animal Plant Health and Inspection Service
U.S. Department of Agriculture
4700
River Rd., Unit 123
Riverdale, MD 20737
Phone: (301)
851-2727
[email protected]
Respondents will not receive any payment or gift.
This submission has been reviewed by the Information Collection Request Office (ICRO) who determined that the Privacy Act does apply. The following information in identifiable form (IIF) will be collected: name, date of birth, department of justice identification number and job title. The Application for Registration (APHIS/CDC Form 1) requires the Responsible Official or Alternate Responsible Official provide the name, date of birth, department of justice identification number and job title of each individual that has access to select agents and toxins. The information is shared with the Federal Bureau of Investigation (FBI)/ Criminal Justice Information Services Division (CJIS). The FSAP approves the individual or entity to possess, use and transfer select agents and toxins based on the security risk assessment performed by CJIS.
To comply with the Office of Management and Budget (OMB) Memoranda (M) 07-16, Safeguarding Against and Responding to the Breach of Personally Identifiable Information, a Federal Register notice Vol. 76, No. 16, Tuesday, January 25, 2011, pages 4483-4485, was published to alter the System of Records, 09-20-0170 (Attachment 4), National Select Agent Registry (NSAR)/Select Agent Transfer and Entity Registration Information System (SATERIS), HHS/CDC/COTPER.
The following special safeguards are provided to protect the records from inadvertent disclosure:
Authorized Users: A database security package is implemented on CDC computers to control unauthorized access to the system. Attempts to gain access by unauthorized individuals are automatically recorded and reviewed on a regular basis. Individuals who have routine access to these records are limited to Select Agent Program staff (DSAT Full Time Employees) and contractors) who have responsibility for conducting regulatory oversight of individuals and entities that possess, use, or transfer select agents and toxins.
Physical Safeguards: Paper records are maintained in locked cabinets in locked rooms in a restricted access location that is controlled by a cardkey system, and security guard service provides personnel screening of visitors. Electronic data files are password protected and stored in a restricted access location. The computer room is protected by an automatic sprinkler system, numerous automatic sensors (e.g., water, heat, smoke, etc.) are installed, and a proper mix of portable fire extinguishers is located throughout the computer room. The system is backed up on a nightly basis with copies of the files stored off site in a secure location. Computer workstations, lockable personal computers, and automated records are located in secured areas.
Procedural Safeguards: Protection for computerized records includes programmed verification of valid user identification code and password prior to logging on to the system; mandatory password changes, limited log-ins, virus protection, and user rights/file attribute restrictions. Password protection imposes user name and password log-in requirements to prevent unauthorized access. Each user name is assigned limited access rights to files and directories at varying levels to control file sharing. There are routine daily backup procedures and secure off-site storage is available for backup files.
Knowledge of individual tape passwords is required to access tapes, and access to the system is limited to users obtaining prior supervisory approval. To avoid inadvertent data disclosure, a special additional procedure is performed to ensure that all Privacy Act data are removed from computer tapes and/or other magnetic media. When possible, a backup copy of data is stored at an offsite location and a log kept of all changes to each file and all persons reviewing the file. Additional safeguards may also be built into the program by the system analyst as warranted by the sensitivity of the data set.
CDC/DSAT and contractor employees who maintain records are instructed in specific procedures to protect the security of records, and are to check with the system manager prior to making disclosure of data. When individually identified data are being used in a room, admittance at either CDC or contractor sites is restricted to specifically authorized personnel.
Appropriate Privacy Act provisions are included in contracts and the CDC/DSAT Project Director, contract officers, and project officers oversee compliance with these requirements. Upon completion of the contract, all data will be either returned to CDC/DSAT or destroyed, as specified by the contract.
The USDA/APHIS/AgSAS maintains similarly stringent safeguards that are discussed within that agency’s Select Agent system of records notice.
Implementation Guidelines: The safeguards outlined above are in accordance with the HHS Information Security Program Policy and FIPS Pub 200, “Minimum Security Requirements for Federal Information and Information Systems.” Data maintained on CDC’s Mainframe and the OPHPR Local Area Network is in compliance with OMB Circular A-130, Appendix III. Security is provided for information collection, processing, transmission, storage, and dissemination in general support systems and major applications.
Because of the national security sensitivity of the information in this database, CDC has determined that making this information available through a public database would compromise one of the primary purposes of the legislation. Therefore, CDC will not create a publicly available database of information. Disclosure of any registration or transfer documentation by the federal government is prohibited by P.L. 107-188.
Institutional Review Board
Institutional Review Board approval is not required.
There are questions in the data collection instruments that are directly related to criminal behavior which is considered sensitive information. The Public Health Safety and Bioterrorism Preparedness and Response Act of 2002 (Public Law 107) required the development of a common registration system for the purpose of verifying the credentials, licenses, accreditations, and hospital privileges of such professionals during public health emergencies. Therefore, questions in reference criminal behavior are necessary to obtain information regarding possible criminal activity.
Estimated Annualized Burden Hours
Annualized burden hours and cost were calculated based on data regarding reports received since the last submission. The currently approved annualized burden is 8,923 hours. The 2015 estimated annualized burden hours are 8,527. Burden has reduced due to the decrease in the number of respondents.
Estimated Annualized Burden Hours
Section |
Form Name |
Number of Respondents |
Number of Responses per Respondent |
Average Burden per Response (in hours) |
Total Burden Hours |
73.3 & 73.4 |
Request for Exclusions |
3 |
1 |
1 |
3 |
73.5 & 6 |
Report of Identification of a Select Agent or Toxin |
303 |
3 |
1 |
909 |
73.5 & 73.6 |
Request for Exemption |
1 |
1 |
1 |
1 |
73.7 |
Application for Registration |
5 |
1 |
5 |
25 |
73.7 |
Amendment to a Certificate of Registration |
277 |
7 |
1 |
1,939 |
73.9 |
Documentation of self-inspection |
277 |
1 |
1 |
277 |
73.10 |
Request for Expedited Review |
1 |
1 |
30/60 |
0.5 |
73.11 |
Security Plan |
277 |
1 |
5 |
1,385 |
73.12 |
Biosafety Plan |
277 |
1 |
5 |
1,385 |
73.13 |
Request Regarding a Restricted Experiment |
20 |
2 |
1 |
40 |
73.14 |
Incident Response Plan |
277 |
1 |
5 |
1,385 |
73.15 |
Training |
277 |
1 |
1 |
277 |
73.16 |
Request to Transfer Select Agents and Toxins |
156 |
2 |
1 |
312 |
73.17 |
Records |
277 |
1 |
30/60 |
138.5 |
73.19 |
Notification of Potential Theft, Loss, or Release |
215 |
2 |
1 |
430 |
73.20 |
Administrative Review |
5 |
4 |
1 |
20 |
Total |
|
|
|
|
8,527 |
Estimated Annualized Burden Costs
Section |
Form Name |
Total Burden Hours |
Hourly Wage Rate
|
Total Respondent Cost |
73.3 & 73.4 |
Request for Exclusions |
3 |
$35.12 |
$105.36 |
73.5 & 6 |
Report of Identification of a Select Agent or Toxin |
909 |
$35.12 |
$31,924.08 |
73.5 & 73.6 |
Request of Exemption |
1 |
$35.12 |
$35.12 |
73.7 |
Application for Registration |
25 |
$35.12 |
$878.00 |
73.7 |
Amendment to a Certificate of Registration |
1,939 |
$35.12 |
$68,097.68 |
73.9 |
Documentation of self-inspection |
277 |
$35.12 |
$9,728.24 |
73.10 |
Request for Expedited Review |
0.5 |
$35.12 |
$17.56 |
73.11 |
Security Plan |
1,385 |
$35.12 |
$48,641.20 |
73.12 |
Biosafety Plan |
1,385 |
$35.12 |
$48,641.20 |
73.13 |
Request Regarding a Restricted Experiment |
40 |
$35.12 |
$1,404.80 |
73.14 |
Incident Response Plan |
1,385 |
$35.12 |
$48,641.20 |
73.15 |
Training |
277 |
$35.12 |
$9,728.24 |
73.16 |
Request to Transfer Select Agents and Toxins |
312 |
$35.12 |
$10,957.44 |
73.17 |
Records |
138.5 |
$35.12 |
$4,864.12 |
73.19 |
Notification of Theft, Loss, or Release |
430 |
$35.12 |
$15,101.60 |
73.20 |
Administrative Review |
20 |
$35.12 |
$702.40 |
Total Cost |
|
|
|
$299,468.24 |
When estimating the annualized burden costs, CDC assumes that the hourly burden would be evenly split between managerial staff and clerical staff. We are using an average hourly respondent labor rate of $55.81 for managerial staff and $ 14.42 for clerical staff. To calculate the mean hourly rate, we averaged these two figures for an hourly wage rate of $35.12. These rates were obtained from the Bureau of Labor Statistics, from the 2013 Occupational Employment Statistics Survey by Occupation (http://www.bls.gov/oes/).
Respondents incur no capital or maintenance costs. The only costs incurred to respondents are those associated with telephone calls, mailing, and fax transmissions. All of these costs are part of normal business expenses.
The total annualized cost for implementing these regulatory activities budgeted is $15,694,401 and includes FTE’s and contracts.
Compensation summary $5,881,330
Personnel benefits 1,956,197
Travel & transportation: Inspectors 855,238
Transportation: Shipping 10,097
Rent, telecommunication, other communication & utilities 64,621
Printing & reproduction 10,330
Consulting and other services 6,837,415
Supplies & materials 49,122
Equipment 30,051
Grand Total: $15,694,401
The program changes in this revised data collection are primarily changes to the forms to clarify instructions, correct editorial errors from previous submissions, and reformat the structure of the forms based on the day-to-day processing of these forms. There is a reduction in burden due to entities (respondents) withdrawing from the Federal Select Agent Program.
There are no plans for tabulation and publication of these data.
The display of the OMB expiration date is appropriate.
There are no exceptions to the certification.
Attachment 1 Possession, Use and Transfer of Select Agents and Toxins (42 CFR Part 73) – Final Rule
Attachment 2 60-Day Federal Register Notice 0920-0576
Attachment 3 Public Comments to 60-Day Federal Register Notice 0920-0576
Attachment 4 System of Record Notice
Attachment 5 Request for Exclusions
Attachment 6 Report of Identification of a Select Agent or Toxin
Attachment 7 Request for Exemption
Attachment 8 Application for Registration
Attachment 9 Amendment to a Certificate of Registration
Attachment 10 Documentation of self-inspection
Attachment 11 Request for Expedited Review
Attachment 12 Security Plan
Attachment 13 Biosafety Plan
Attachment 14 Request Regarding a Restricted Experiment
Attachment 15 Incident Response Plan
Attachment 16 Training
Attachment 17 Request to Transfer Select Agents and Toxins
Attachment 18 Records
Attachment 19 Notification of Theft, Loss, or Release
Attachment 20 Administrative Review
| File Type | application/msword |
| File Title | Supporting Statement for |
| Author | zoz1 |
| Last Modified By | Cenac, Carol E. (CDC/OD/OADS) |
| File Modified | 2015-07-23 |
| File Created | 2015-07-16 |