Guidelines to Secure Export Regulated Technology, Software, and Information
Federal export regulations1 are designed to protect national security and trade, and, under these regulations, UTHSC-H and its faculty, staff, and trainees are required to minimize risks that export regulated items are used for terrorist activities and ensure access to export regulated items is controlled. Providing a foreign national in the U.S. access to an export regulated item is a “deemed export, and a license may be required. There are however several exemptions for deemed exports at universities (fundamental research, public domain, education, employment exclusions), but exemptions depend on the item, end user/use, and country of origin of the foreign national. Principal investigators (PI) with research that involves export regulated items that are not exempt should identify and implement strategies that are necessary/appropriate to secure export regulated aspects of their research.
When developing security strategies, PIs should consider a variety of factors that drive the level and type of security required, and these factors include: type of item (e.g. biological agent vs. encrypted software); number and type of research investigators and their level of responsibilities for/access to regulated items; involvement of trainees; and physical environment (e.g. restricted lab vs. dispersed research settings). Examples of security strategies are highlighted below.
Screen research personnel – Background checks can be conducted for foreign nationals (i.e. faculty, staff, trainees, visitors) prior to their participating in research affected by export regulations. There are several online lists that identify individuals who have sanctions/restrictions (Denied Persons List, Denied Entity List, and Unverified End Users from the U.S. Commerce Dept; Specially Designated Nationals, Proliferators List, and Specially Designated Nationals from the U.S. Treasury Dept.; Debarred Parties List from the U.S. State Dept.). Human Resources is also available to advise supervisors about if / what background checks are necessary (713) 500-3140.
Train research personnel about export regulations and security requirements – PIs should also educate their research team about the export regulations and security requirements relevant to their research.
Identify export-controlled items – Identify/mark export regulated items so research personnel clearly understand what/how items should be secured.
Secure lab documents with export regulated information – Secure lab documents with export regulated information to ensure it is accessible only to authorized personnel (e.g. locked cabinets/rooms).
Secure computers with export regulated data/information – Secure computers with export regulated data/information to ensure they are accessible only to authorized personnel (e.g. locked rooms, password protection).
Control access to laboratories conducting research involving export regulated technologies - Access to laboratories conducting research involving export regulated technologies should be controlled/regulated so access is limited to individuals with appropriate clearance/training.
Contact information for security for export controlled items - hazardous reagents contact Environmental Health and Safety at (713) 500-8100; data, computer hardware/software, information security contact IT Security Team at (713) 500-2238; personnel security contact Pre-employment Processing at (713) 500-3140.
1 Export Administration Regulations (EAR) administered by U.S. Commerce Dept.; International Traffic in Arms Regulations (ITAR) ad ministered by U.S. State Dept.; Foreign Assets Control Regulations administered by Office of Foreign Assets Control (OFAC) in Treasury Dept.
