A Biosecurity Plan must be developed by any facility that handles or stores human or animal pathogens or toxins as these pose a risk to personnel, the community, and the environment. “The purpose of a biosecurity program is to prevent the loss, theft, misuse, diversion, or intentional release of biological assets.”
The biosecurity plan needs to be developed based on a biosecurity risk assessment. This biosecurity risk assessment is and evaluation of the probability of an intentional event, such as the theft of assets and the consequences of that event. The biosecurity risk assessment will be specific for each facility.
Elements of a Biosecurity Plan
Every biosecurity plan must address the following elements:
Physical Security: physical and security controls must be put on place to restrict access of unauthorized individuals to a facility, part of a facility, or assets to protect them from damage, theft, or misuse. The complexity of these controls will depend on the level of risk determined by the facility’s biosecurity risk assessment.
Physical and security controls may include key access to facility, additional level of control for laboratory areas, locked freezers where organisms are stored, etc. It is important that the facility maintains a record for keys, codes, combinations, etc. that limit or restrict access to containment zones, infectious material, or toxins.
Facilities must also have a protocol for the entry of non-authorized individuals such as trainees, maintenance staff, etc. who require temporary access are important considerations when evaluating access control.
Personnel Suitability and Reliability: potential employees which will be granted access to pathogens, toxins or other regulated infectious material need to be screened to evaluate their integrity and reliability; this may include background checks and HPTA Security Clearances.
Pathogen and Toxin Accountability and Inventory Control: pathogens, toxins, and other regulated infectious material in long-term storage need to be tracked and documented within the organization and when transported within or to a different organization. This requirement does not apply to material that is in use such as cultures or ongoing experiments/tests.
A robust pathogen and toxin inventory and accountability system will include a designated individuals responsible for the maintenance of the inventory; documentation of all transfers, inactivation, and disposal of material; proper labelling for long term storage and accountability; accountability measures to protect pathogens and toxins when transported from one location to another.
Incident and Emergency Response: an incident is an event that has the potential to cause harm to personnel, the community, or the environment. “Incidents involving pathogens, toxins, other regulated infectious material, infected animals, or failure of containment systems or control systems be immediately reported to the appropriate internal authority, and in some cases, to the PHAC.”
Examples of biosecurity incidents are: any loss or compromise of keys, passwords, combinations, remote access equipment; unauthorized access or attempts to access restricted access areas; any suspicious persons or activities; any discrepancy in the inventory.
Information Management and Security: specific measures must be put in place to assure sensitive information is protected from unauthorized access, keeping it confidential and making it accessible only to those who need it.
Training of the personnel is essential for the success of the biosecurity plan. Personnel need to be knowledgeable about the hazards and threats associated with the pathogens and toxins present in their work environment, and of the measures and protocols that can prevent accidental exposure to, or release of, pathogens and toxins, and maintain the security of assets.
It is important that the biosecurity plan is regularly reviewed and continually improved so that it remains relevant, applicable, and effective.