Title 42 — The Public Health and WelfareRelease 119-73

§19234 Research security training requirement for Federal research award personnel

Title 42 › Chapter CHAPTER 163— - RESEARCH AND DEVELOPMENT, COMPETITION, AND INNOVATION › Subchapter SUBCHAPTER VI— - MISCELLANEOUS SCIENCE AND TECHNOLOGY PROVISIONS › Part Part C— - Research Security › § 19234

Last updated Apr 6, 2026|Official source

Summary

Federal research agencies must require that, by Not later than 12 months after August 9, 2022, anyone listed on a research and development award application certify they finished approved research security training within one year of the application. The university or other organization applying must also certify that its listed employees completed the training. Covered individuals means people named on the application (like researchers). Institutions means colleges, universities, or other groups applying for the award. The Director of the Office of Science and Technology Policy (OSTP) must make sure the agency rules match. OSTP must also, acting through the National Science and Technology Council, create guideline materials and, Not later than 90 days after August 9, 2022, hire a qualified group to make online training modules. The modules must cover topics like cybersecurity, international collaboration and travel, foreign interference, proper use of funds, disclosure, and conflicts, and be tailored for different roles (e.g., students, postdocs, SBIR/STTR applicants). OSTP must get stakeholder input and keep the modules up to date and usable across agencies.

Full Legal Text

Title 42, §19234

The Public Health and Welfare — Source: USLM XML via OLRC

(a)(1)Not later than 12 months after August 9, 2022, each Federal research agency shall establish a requirement that, as part of an application for a research and development award from the agency—

(A)each covered individual listed on the application for a research and development award certify that each such individual has completed within one year of such application research security training that meets the guidelines developed under subsection (b); and

(B)each institution of higher education or other organization applying for such an award certify that each covered individual who is employed by such institution or organization and listed on the application has completed such training.

(2)The Director of the Office of Science and Technology Policy shall ensure that the training requirements established by Federal research agencies pursuant to paragraph (1) are consistent.

(b)The Director of the Office of Science and Technology Policy, acting through the National Science and Technology Council and in accordance with the authority provided under section 1746(a) of the National Defense Authorization Act for Fiscal Year 2020 (Public Law 116–92; 42 U.S.C. 6601 note), shall, taking into consideration stakeholder input, develop guidelines for institutions of higher education and other organizations receiving Federal research and development funds to use in developing their own training programs to address the unique needs, challenges, and risk profiles of such institutions and other organizations, including adoption of security training modules developed under subsection (c), to ensure compliance with National Security Presidential Memorandum–33 (relating to strengthening protections of the United States Government-supported research and development against foreign government interference and exploitation) or any successor documents.

(c)(1)Not later than 90 days after August 9, 2022, the Director of the Office of Science and Technology Policy, in coordination with the Director of the National Science Foundation, the Director of the National Institutes of Health, the Secretary of Energy, and the Secretary of Defense, and in consultation with the heads of relevant Federal research agencies, shall enter into an agreement or contract with a qualified entity for the development of online research security training modules for the research community and participants in the United States research and development enterprise to ensure compliance with National Security Presidential Memorandum–33 or successor documents, including modules—

(A)focused on cybersecurity, international collaboration and international travel, foreign interference, and rules for proper use of funds, disclosure, conflict of commitment, and conflict of interest; and

(B)tailored to the unique needs of—

(i)covered individuals;

(ii)undergraduate students, graduate students, and postdoctoral researchers; and

(iii)applicants for awards under the SBIR and STTR programs (as such terms are defined in section 638(e) of title 15.

(2)Prior to entering into the agreement under paragraph (1), the Director of the Office of Science and Technology Policy shall seek input from academic, private sector, intelligence, and law enforcement stakeholders regarding the scope and content of security training modules, including the diversity of needs across institutions of higher education and other recipients of different sizes and types, and recommendations for minimizing administrative burden on recipients and researchers.

(3)The Director of the Office of Science and Technology Policy shall ensure that the entity referred to in paragraph (1)—

(A)develops security training modules that can be adapted and utilized across Federal research agencies; and

(B)develops and implements a plan for regularly updating such modules as needed.

Reference

Citations & Metadata

Citation

42 U.S.C. § 19234

Title 42 — The Public Health and Welfare

Last Updated

Apr 6, 2026

Release point: 119-73