42 U.S. Code § 19234 - Research security training requirement for Federal research award personnel

(a) Annual training requirement

(1) In general

Not later than 12 months after August 9, 2022, each Federal research agency shall establish a requirement that, as part of an application for a research and development award from the agency—

(A) each covered individual listed on the application for a research and development award certify that each such individual has completed within one year of such application research security training that meets the guidelines developed under subsection (b); and

(B) each institution of higher education or other organization applying for such an award certify that each covered individual who is employed by such institution or organization and listed on the application has completed such training.

(2) Consistency

The Director of the Office of Science and Technology Policy shall ensure that the training requirements established by Federal research agencies pursuant to paragraph (1) are consistent.

(b) Training guidelines

The Director of the Office of Science and Technology Policy, acting through the National Science and Technology Council and in accordance with the authority provided under section 1746(a) of the National Defense Authorization Act for Fiscal Year 2020 (Public Law 116–92; 42 U.S.C. 6601 note), shall, taking into consideration stakeholder input, develop guidelines for institutions of higher education and other organizations receiving Federal research and development funds to use in developing their own training programs to address the unique needs, challenges, and risk profiles of such institutions and other organizations, including adoption of security training modules developed under subsection (c), to ensure compliance with National Security Presidential Memorandum–33 (relating to strengthening protections of the United States Government-supported research and development against foreign government interference and exploitation) or any successor documents.

(c) Security training modules

(1) In general

Not later than 90 days after August 9, 2022, the Director of the Office of Science and Technology Policy, in coordination with the Director of the National Science Foundation, the Director of the National Institutes of Health, the Secretary of Energy, and the Secretary of Defense, and in consultation with the heads of relevant Federal research agencies, shall enter into an agreement or contract with a qualified entity for the development of online research security training modules for the research community and participants in the United States research and development enterprise to ensure compliance with National Security Presidential Memorandum–33 or successor documents, including modules—

(A) focused on cybersecurity, international collaboration and international travel, foreign interference, and rules for proper use of funds, disclosure, conflict of commitment, and conflict of interest; and

(B) tailored to the unique needs of—

(i) covered individuals;

(ii) undergraduate students, graduate students, and postdoctoral researchers; and

(iii) applicants for awards under the SBIR and STTR programs (as such terms are defined in section 638(e) of title 15.

(2) Stakeholder input

Prior to entering into the agreement under paragraph (1), the Director of the Office of Science and Technology Policy shall seek input from academic, private sector, intelligence, and law enforcement stakeholders regarding the scope and content of security training modules, including the diversity of needs across institutions of higher education and other recipients of different sizes and types, and recommendations for minimizing administrative burden on recipients and researchers.

(3) Development

The Director of the Office of Science and Technology Policy shall ensure that the entity referred to in paragraph (1)—

(A) develops security training modules that can be adapted and utilized across Federal research agencies; and

(B) develops and implements a plan for regularly updating such modules as needed.

(Pub. L. 117–167, div. B, title VI, § 10634, Aug. 9, 2022, 136 Stat. 1667.)