§19234. Research security training requirement for Federal research award personnel
(a) Annual training requirement
(1) In general
Not later than 12 months after August 9, 2022, each Federal research agency shall establish a requirement that, as part of an application for a research and development award from the agency-
(A) each covered individual listed on the application for a research and development award certify that each such individual has completed within one year of such application research security training that meets the guidelines developed under subsection (b); and
(B) each institution of higher education or other organization applying for such an award certify that each covered individual who is employed by such institution or organization and listed on the application has completed such training.
(2) Consistency
The Director of the Office of Science and Technology Policy shall ensure that the training requirements established by Federal research agencies pursuant to paragraph (1) are consistent.
(b) Training guidelines
The Director of the Office of Science and Technology Policy, acting through the National Science and Technology Council and in accordance with the authority provided under section 1746(a) of the National Defense Authorization Act for Fiscal Year 2020 (
(c) Security training modules
(1) In general
Not later than 90 days after August 9, 2022, the Director of the Office of Science and Technology Policy, in coordination with the Director of the National Science Foundation, the Director of the National Institutes of Health, the Secretary of Energy, and the Secretary of Defense, and in consultation with the heads of relevant Federal research agencies, shall enter into an agreement or contract with a qualified entity for the development of online research security training modules for the research community and participants in the United States research and development enterprise to ensure compliance with National Security Presidential Memorandum–33 or successor documents, including modules-
(A) focused on cybersecurity, international collaboration and international travel, foreign interference, and rules for proper use of funds, disclosure, conflict of commitment, and conflict of interest; and
(B) tailored to the unique needs of-
(i) covered individuals;
(ii) undergraduate students, graduate students, and postdoctoral researchers; and
(iii) applicants for awards under the SBIR and STTR programs (as such terms are defined in section 638(e) of title 15.
(2) Stakeholder input
Prior to entering into the agreement under paragraph (1), the Director of the Office of Science and Technology Policy shall seek input from academic, private sector, intelligence, and law enforcement stakeholders regarding the scope and content of security training modules, including the diversity of needs across institutions of higher education and other recipients of different sizes and types, and recommendations for minimizing administrative burden on recipients and researchers.
(3) Development
The Director of the Office of Science and Technology Policy shall ensure that the entity referred to in paragraph (1)-
(A) develops security training modules that can be adapted and utilized across Federal research agencies; and
(B) develops and implements a plan for regularly updating such modules as needed.
(