skip to main content

S. 1744: Genomics Data Security Act


The text of the bill below is as of May 20, 2021 (Introduced).


II

117th CONGRESS

1st Session

S. 1744

IN THE SENATE OF THE UNITED STATES

May 20, 2021

introduced the following bill; which was read twice and referred to the Committee on Health, Education, Labor, and Pensions

A BILL

To improve national security at the National Institutes of Health, to address national security issues in the licensure of biological products, to address national security considerations in research at the Department of Health and Human Services, and for other purposes.

1.

Short title

This Act may be cited as the Genomics Data Security Act.

2.

Modernizing the National Institutes of Health’s approach to national security

Section 402(m)(2) of the Public Health Service Act (42 U.S.C. 282(m)(2)) is amended—

(1)

in subparagraph (E), by striking ; and and inserting a semicolon;

(2)

by redesignating subparagraph (F) as subparagraph (G); and

(3)

by inserting after subparagraph (E) the following:

(F)

address national security issues, including ways in which the National Institutes of Health can engage with other Federal agencies to modernize the national security strategy of the National Institutes of Health; and

.

3.

Utilization of genomic sequencing services by the National Institutes of Health

Notwithstanding any other provision of law, no amounts made available to the National Institutes of Health may be used with respect to activities carried out by any company or its subcontractors or subsidiaries—

(1)

over which control is exercised or exercisable by the Government of the People's Republic of China, a national of the People’s Republic of China, or an entity organized under the laws of the People’s Republic of China; or

(2)

in which the Government of the People's Republic of China has a substantial interest.

4.

National security considerations through licensure

Section 353 of the Public Health Service Act (42 U.S.C. 263a) is amended—

(1)

by redesignating subsection (q) as subsection (r); and

(2)

by inserting after subsection (p) the following:

(q)

Ties to the People's Republic of China

(1)

In general

Each certificate issued by the Secretary under this section shall state whether—

(A)

the laboratory;

(B)

the company that owns or manages the laboratory; or

(C)

any subcontractors or subsidiaries of such a laboratory or company,

is an entity described in paragraph (2).
(2)

Entity described

An entity described in this paragraph is an entity—

(A)
(i)

that is engaged in the biological, microbiological, serological, chemical, immuno-hematological, hematological, biophysical, cytological, pathological, or other examination of materials derived from the human body for the purpose of providing information for the diagnosis, prevention, or treatment of any disease or impairment of, or the assessment of the health of, people of the United States; or

(ii)

that handles or has access to any data related to people of the United States that is derived from any activity described in clause (i); and

(B)
(i)

over which control is exercised or exercisable by the Government of the People's Republic of China, a national of the People’s Republic of China, or an entity organized under the laws of the People’s Republic of China; or

(ii)

in which the Government of the People's Republic of China has a substantial interest.

.

5.

NIH Grantee ties to foreign governments

Title IV of the Public Health Service Act is amended by inserting after section 403C (42 U.S.C. 283a–2) the following:

403C–1.

Annual reporting regarding grantee ties to foreign governments

(a)

In general

On an annual basis, the Director of NIH shall submit to the Committee on Health, Education, Labor, and Pensions, the Committee on Foreign Relations, and the Select Committee on Intelligence of the Senate, and to the Committee on Energy and Commerce, the Committee on Foreign Affairs, and the Permanent Select Committee on Intelligence of the House of Representatives, a report on any ties to foreign governments that researchers funded by grants from the National Institutes of Health have and that are not properly disclosed, vetted, and approved by the National Institutes of Health, including the status of any ongoing National Institutes of Health compliance reviews related to such ties and all administrative actions taken to address such concerns.

(b)

Requirement

The Committees receiving the reports under subsection (a) shall keep confidential, and shall not release, any provision of such a report that is related to an ongoing National Institutes of Health compliance review.

.

6.

National security considerations in research

(a)

Establishment of working group

Not later than 120 days after the date of enactment of this Act, the Secretary of Health and Human Services (referred to in this section as the Secretary) shall establish a working group (in this Act referred to as the Working Group) in the Department of Health and Human Services to make recommended updates to the National Institute of Health’s Genomic Data Sharing Policy and to that end, develop and disseminate best practices on data sharing for use by entities engaged in biomedical research and international collaboration to enable both academic, public, and private institutions to—

(1)

protect intellectual property;

(2)

weigh the national security risks of potential partnerships where sensitive health information (for purposes of this Act, as defined by the Health IT Policy Committee), of the people of the United States is exchanged; and

(3)

protect the sensitive health information of the people of the United States.

(b)

Membership

(1)

Composition

The Secretary shall, after consultation with the Director of the National Science Foundation and the Attorney General, appoint to the Working Group—

(A)

individuals with knowledge and expertise in data privacy or security, data-sharing, national security, or the uses of genomic technology and information in clinical or non-clinical research;

(B)

representatives of national associations representing biomedical research institutions and academic societies;

(C)

representatives of at least 2 major genomics research organizations from the private sector; and

(D)

representatives of any other entities the Secretary determines appropriate and necessary to develop the best practices described in subsection (a).

(2)

Representation

In addition to the members described in paragraph (1), the Working Group shall include not less than one representative of each of the following:

(A)

The National Institutes of Health.

(B)

The Bureau of Industry and Security of the Department of Commerce.

(C)

The National Academies of Science, Engineering, and Mathematics.

(D)

The Department of State.

(E)

The Department of Justice.

(F)

The Federal Health IT Coordinating Council.

(G)

The Office of the National Coordinator for Health Information Technology.

(H)

The Defense Advanced Research Projects Agency.

(I)

The Department of Energy.

(3)

Date

The appointments of the members of the Working Group shall be made not later than 90 days after the date of enactment of this Act.

(c)

Duties of Working Group

(1)

Study

The Working Group shall study—

(A)

the transfer of data between private, public, and academic institutions that partake in science and technology research and their research partners, with a focus on entities of the People’s Republic of China and other foreign entities of concern, including a review of what circumstances would constitute a transfer of data;

(B)

best practices regarding data protection to help private, public, and academic institutions that partake in biomedical research decide how to weigh and factor national security into their partnership decisions and, through research collaborations, what steps the institutions can take to safeguard data, particularly genomic data;

(C)

recommendations regarding areas where Federal agencies can coordinate to increase education to such private and academic research institutions that partake in science and technology research to ensure the institutions can better protect themselves from economic threats with a strengthened understanding of intellectual property rights, research ethics, and the risk of intellectual property theft, as well as education on how to recognize and report such threats; and

(D)

other risks and best practices related to information and data sharing, as identified by the Working Group, including any gaps in current practice that could be addressed by congressional action.

(2)

Report

(A)

In general

Not later than 1 year after the date of enactment of this Act, the Working Group shall submit a report that contains a detailed statement of the findings and conclusions of the Working Group, together with recommendations to update the National Institute of Health’s Genomic Data Sharing Policy and subsequent nonbinding guidance regarding risks and safeguards for data sharing with foreign entities for research institutions in the field, to—

(i)

the Secretary of Health and Human Services;

(ii)

the President;

(iii)

the Committee on Health, Education, Labor, and Pensions, the Committee on Foreign Relations, and the Select Committee on Intelligence of the Senate; and

(iv)

the Committee on Energy and Commerce, the Committee on Foreign Affairs, and the Permanent Select Committee on Intelligence of the House of Representatives.

(B)

Guidance

The guidance provided under subparagraph (A) shall include non-binding guidance for entities that utilize genomic technologies, such as whole genomic sequencing, for use in research or other types of sensitive health information, as defined by the Secretary.

(3)

Requirements

In carrying out the duties of this subsection, the Working Group shall consider all existing Federal guidance and grant requirements (as of the date of consideration), particularly with regard to foreign influences and research integrity, and ensure that all recommended updates to the Genomic Data Sharing Policy and subsequent best practices put forward by the working group not duplicate or conflict with existing guidance, as of the date of publication.

(d)

Powers of Working Group

(1)

Hearings

The Working Group may hold such hearings, sit and act at such times and places, take such testimony, and receive such evidence as the Working Group considers advisable to carry out this Act.

(2)

Information from Federal agencies

(A)

In general

The Working Group may secure directly from a Federal department or agency such information as the Working Group considers necessary to carry out this Act.

(B)

Furnishing information

On request of a majority of the members of the Working Group, the head of the department or agency shall furnish the information to the Working Group.

(3)

Postal services

The Working Group may use the United States mails in the same manner and under the same conditions as other departments and agencies of the Federal Government.

(e)

Termination of Working Group

The Working Group shall terminate 90 days after the date on which the Working Group submits the report required under subsection (c)(2).