Title 42 — The Public Health and WelfareRelease 119-73not60

§19234 Research Security Training Requirement for Federal Research Award Personnel

Title 42 › Chapter 163— RESEARCH AND DEVELOPMENT, COMPETITION, AND INNOVATION › Subchapter VI— MISCELLANEOUS SCIENCE AND TECHNOLOGY PROVISIONS › Part C— Research Security › § 19234

Last updated Apr 5, 2026|Official source

Summary

Federal research agencies must require people listed on research grant applications to say they finished research security training within one year of applying. The school or organization applying must also say its listed employees finished that training. Agencies had to set up this rule not later than 12 months after August 9, 2022. The Director of the Office of Science and Technology Policy (OSTP) must make sure the agencies’ rules match each other. OSTP, working through the National Science and Technology Council, must make guidelines to help schools and organizations build training that fits their needs and follows National Security Presidential Memorandum–33. Not later than 90 days after August 9, 2022, OSTP (with NSF, NIH, Energy, and Defense leaders) must hire a qualified group to create online training modules. The modules must cover things like cybersecurity, international work and travel, foreign interference, proper use of funds, and disclosure and conflict issues. They must be written for different groups (researchers, students, postdocs, and SBIR/STTR applicants), get input from academic, private sector, intelligence, and law enforcement experts, work across agencies, and be updated regularly.

Full Legal Text

Title 42, §19234

The Public Health and Welfare — Source: USLM XML via OLRC

(a)(1)Not later than 12 months after August 9, 2022, each Federal research agency shall establish a requirement that, as part of an application for a research and development award from the agency—

(A)each covered individual listed on the application for a research and development award certify that each such individual has completed within one year of such application research security training that meets the guidelines developed under subsection (b); and

(B)each institution of higher education or other organization applying for such an award certify that each covered individual who is employed by such institution or organization and listed on the application has completed such training.

(2)The Director of the Office of Science and Technology Policy shall ensure that the training requirements established by Federal research agencies pursuant to paragraph (1) are consistent.

(b)The Director of the Office of Science and Technology Policy, acting through the National Science and Technology Council and in accordance with the authority provided under section 1746(a) of the National Defense Authorization Act for Fiscal Year 2020 (Public Law 116–92; 42 U.S.C. 6601 note), shall, taking into consideration stakeholder input, develop guidelines for institutions of higher education and other organizations receiving Federal research and development funds to use in developing their own training programs to address the unique needs, challenges, and risk profiles of such institutions and other organizations, including adoption of security training modules developed under subsection (c), to ensure compliance with National Security Presidential Memorandum–33 (relating to strengthening protections of the United States Government-supported research and development against foreign government interference and exploitation) or any successor documents.

(c)(1)Not later than 90 days after August 9, 2022, the Director of the Office of Science and Technology Policy, in coordination with the Director of the National Science Foundation, the Director of the National Institutes of Health, the Secretary of Energy, and the Secretary of Defense, and in consultation with the heads of relevant Federal research agencies, shall enter into an agreement or contract with a qualified entity for the development of online research security training modules for the research community and participants in the United States research and development enterprise to ensure compliance with National Security Presidential Memorandum–33 or successor documents, including modules—

(A)focused on cybersecurity, international collaboration and international travel, foreign interference, and rules for proper use of funds, disclosure, conflict of commitment, and conflict of interest; and

(B)tailored to the unique needs of—

(i)covered individuals;

(ii)undergraduate students, graduate students, and postdoctoral researchers; and

(iii)applicants for awards under the SBIR and STTR programs (as such terms are defined in section 638(e) of title 15.

(2)Prior to entering into the agreement under paragraph (1), the Director of the Office of Science and Technology Policy shall seek input from academic, private sector, intelligence, and law enforcement stakeholders regarding the scope and content of security training modules, including the diversity of needs across institutions of higher education and other recipients of different sizes and types, and recommendations for minimizing administrative burden on recipients and researchers.

(3)The Director of the Office of Science and Technology Policy shall ensure that the entity referred to in paragraph (1)—

(A)develops security training modules that can be adapted and utilized across Federal research agencies; and

(B)develops and implements a plan for regularly updating such modules as needed.

Reference

Citations & Metadata

Citation

42 U.S.C. § 19234

Title 42 — The Public Health and Welfare

Last Updated

Apr 5, 2026

Release point: 119-73not60