[Congressional Bills 118th Congress]
[From the U.S. Government Publishing Office]
[S. 289 Introduced in Senate (IS)]
<DOC>
118th CONGRESS
1st Session
S. 289
To improve national security at the National Institutes of Health, to
address national security issues in the licensure of biological
products, to address national security considerations in research at
the Department of Health and Human Services, and for other purposes.
_______________________________________________________________________
IN THE SENATE OF THE UNITED STATES
February 7, 2023
Mr. Rubio introduced the following bill; which was read twice and
referred to the Committee on Health, Education, Labor, and Pensions
_______________________________________________________________________
A BILL
To improve national security at the National Institutes of Health, to
address national security issues in the licensure of biological
products, to address national security considerations in research at
the Department of Health and Human Services, and for other purposes.
Be it enacted by the Senate and House of Representatives of the
United States of America in Congress assembled,
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Genomics Data Security Act''.
SEC. 2. MODERNIZING THE NATIONAL INSTITUTES OF HEALTH'S APPROACH TO
NATIONAL SECURITY.
Section 402(m)(2) of the Public Health Service Act (42 U.S.C.
282(m)(2)) is amended--
(1) in subparagraph (E), by striking ``; and'' and
inserting a semicolon;
(2) by redesignating subparagraph (F) as subparagraph (G);
and
(3) by inserting after subparagraph (E) the following:
``(F) address national security issues, including
ways in which the National Institutes of Health can
engage with other Federal agencies to modernize the
national security strategy of the National Institutes
of Health; and''.
SEC. 3. UTILIZATION OF GENOMIC SEQUENCING SERVICES BY THE NATIONAL
INSTITUTES OF HEALTH.
Notwithstanding any other provision of law, no amounts made
available to the National Institutes of Health may be used with respect
to activities carried out by any company or its subcontractors or
subsidiaries--
(1) over which control is exercised or exercisable by the
Government of the People's Republic of China, a national of the
People's Republic of China, or an entity organized under the
laws of the People's Republic of China; or
(2) in which the Government of the People's Republic of
China has a substantial interest.
SEC. 4. NATIONAL SECURITY CONSIDERATIONS THROUGH LICENSURE.
Section 353 of the Public Health Service Act (42 U.S.C. 263a) is
amended--
(1) by redesignating subsection (q) as subsection (r); and
(2) by inserting after subsection (p) the following:
``(q) Ties to the People's Republic of China.--
``(1) In general.--Each certificate issued by the Secretary
under this section shall state whether--
``(A) the laboratory;
``(B) the company that owns or manages the
laboratory; or
``(C) any subcontractors or subsidiaries of such a
laboratory or company,
is an entity described in paragraph (2).
``(2) Entity described.--An entity described in this
paragraph is an entity--
``(A)(i) that is engaged in the biological,
microbiological, serological, chemical, immuno-
hematological, hematological, biophysical, cytological,
pathological, or other examination of materials derived
from the human body for the purpose of providing
information for the diagnosis, prevention, or treatment
of any disease or impairment of, or the assessment of
the health of, people of the United States; or
``(ii) that handles or has access to any data
related to people of the United States that is derived
from any activity described in clause (i); and
``(B)(i) over which control is exercised or
exercisable by the Government of the People's Republic
of China, a national of the People's Republic of China,
or an entity organized under the laws of the People's
Republic of China; or
``(ii) in which the Government of the People's
Republic of China has a substantial interest.''.
SEC. 5. NIH GRANTEE TIES TO FOREIGN GOVERNMENTS.
Title IV of the Public Health Service Act is amended by inserting
after section 403C (42 U.S.C. 283a-2) the following:
``SEC. 403C-1. ANNUAL REPORTING REGARDING GRANTEE TIES TO FOREIGN
GOVERNMENTS.
``(a) In General.--On an annual basis, the Director of NIH shall
submit to the Committee on Health, Education, Labor, and Pensions, the
Committee on Foreign Relations, and the Select Committee on
Intelligence of the Senate, and to the Committee on Energy and
Commerce, the Committee on Foreign Affairs, and the Permanent Select
Committee on Intelligence of the House of Representatives, a report on
any ties to foreign governments that researchers funded by grants from
the National Institutes of Health have and that are not properly
disclosed, vetted, and approved by the National Institutes of Health,
including the status of any ongoing National Institutes of Health
compliance reviews related to such ties and all administrative actions
taken to address such concerns.
``(b) Requirement.--The Committees receiving the reports under
subsection (a) shall keep confidential, and shall not release, any
provision of such a report that is related to an ongoing National
Institutes of Health compliance review.''.
SEC. 6. NATIONAL SECURITY CONSIDERATIONS IN RESEARCH.
(a) Establishment of Working Group.--Not later than 120 days after
the date of enactment of this Act, the Secretary of Health and Human
Services (referred to in this section as the ``Secretary'') shall
establish a working group (in this Act referred to as the ``Working
Group'') in the Department of Health and Human Services to make
recommended updates to the National Institute of Health's Genomic Data
Sharing Policy and to that end, develop and disseminate best practices
on data sharing for use by entities engaged in biomedical research and
international collaboration to enable both academic, public, and
private institutions to--
(1) protect intellectual property;
(2) weigh the national security risks of potential
partnerships where sensitive health information (for purposes
of this Act, as defined by the Health IT Policy Committee), of
the people of the United States is exchanged; and
(3) protect the sensitive health information of the people
of the United States.
(b) Membership.--
(1) Composition.--The Secretary shall, after consultation
with the Director of the National Science Foundation and the
Attorney General, appoint to the Working Group--
(A) individuals with knowledge and expertise in
data privacy or security, data-sharing, national
security, or the uses of genomic technology and
information in clinical or non-clinical research;
(B) representatives of national associations
representing biomedical research institutions and
academic societies;
(C) representatives of at least 2 major genomics
research organizations from the private sector; and
(D) representatives of any other entities the
Secretary determines appropriate and necessary to
develop the best practices described in subsection (a).
(2) Representation.--In addition to the members described
in paragraph (1), the Working Group shall include not less than
one representative of each of the following:
(A) The National Institutes of Health.
(B) The Bureau of Industry and Security of the
Department of Commerce.
(C) The National Academies of Science, Engineering,
and Medicine.
(D) The Department of State.
(E) The Department of Justice.
(F) The Federal Health IT Coordinating Council.
(G) The Office of the National Coordinator for
Health Information Technology.
(H) The Defense Advanced Research Projects Agency.
(I) The Department of Energy.
(3) Date.--The appointments of the members of the Working
Group shall be made not later than 90 days after the date of
enactment of this Act.
(c) Duties of Working Group.--
(1) Study.--The Working Group shall study--
(A) the transfer of data between private, public,
and academic institutions that partake in science and
technology research and their research partners, with a
focus on entities of the People's Republic of China and
other foreign entities of concern, including a review
of what circumstances would constitute a transfer of
data;
(B) best practices regarding data protection to
help private, public, and academic institutions that
partake in biomedical research decide how to weigh and
factor national security into their partnership
decisions and, through research collaborations, what
steps the institutions can take to safeguard data,
particularly genomic data;
(C) recommendations regarding areas where Federal
agencies can coordinate to increase education to such
private and academic research institutions that partake
in science and technology research to ensure the
institutions can better protect themselves from
economic threats with a strengthened understanding of
intellectual property rights, research ethics, and the
risk of intellectual property theft, as well as
education on how to recognize and report such threats;
and
(D) other risks and best practices related to
information and data sharing, as identified by the
Working Group, including any gaps in current practice
that could be addressed by congressional action.
(2) Report.--
(A) In general.--Not later than 1 year after the
date of enactment of this Act, the Working Group shall
submit a report that contains a detailed statement of
the findings and conclusions of the Working Group,
together with recommendations to update the National
Institute of Health's Genomic Data Sharing Policy and
subsequent nonbinding guidance regarding risks and
safeguards for data sharing with foreign entities for
research institutions in the field, to--
(i) the Secretary of Health and Human
Services;
(ii) the President;
(iii) the Committee on Health, Education,
Labor, and Pensions, the Committee on Foreign
Relations, and the Select Committee on
Intelligence of the Senate; and
(iv) the Committee on Energy and Commerce,
the Committee on Foreign Affairs, and the
Permanent Select Committee on Intelligence of
the House of Representatives.
(B) Guidance.--The guidance provided under
subparagraph (A) shall include non-binding guidance for
entities that utilize genomic technologies, such as
whole genomic sequencing, for use in research or other
types of sensitive health information, as defined by
the Secretary.
(3) Requirements.--In carrying out the duties of this
subsection, the Working Group shall consider all existing
Federal guidance and grant requirements (as of the date of
consideration), particularly with regard to foreign influences
and research integrity, and ensure that all recommended updates
to the Genomic Data Sharing Policy and subsequent best
practices put forward by the working group not duplicate or
conflict with existing guidance, as of the date of publication.
(d) Powers of Working Group.--
(1) Hearings.--The Working Group may hold such hearings,
sit and act at such times and places, take such testimony, and
receive such evidence as the Working Group considers advisable
to carry out this Act.
(2) Information from federal agencies.--
(A) In general.--The Working Group may secure
directly from a Federal department or agency such
information as the Working Group considers necessary to
carry out this Act.
(B) Furnishing information.--On request of a
majority of the members of the Working Group, the head
of the department or agency shall furnish the
information to the Working Group.
(3) Postal services.--The Working Group may use the United
States mails in the same manner and under the same conditions
as other departments and agencies of the Federal Government.
(e) Termination of Working Group.--The Working Group shall
terminate 90 days after the date on which the Working Group submits the
report required under subsection (c)(2).
<all>