Sign In

An official website of the United States government

U.S. Department of Health & Human Services

Official websites use .gov

A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS

A lock ( A locked padlock ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Physical Security

S3: Science Safety Security

Biorisk Management 

Physical Security is one of the aspects of biosecurity intended to prevent the misuse, loss, or theft of biological agents and toxins. Physical security encompasses measures to safeguard and prevent non-official access to these biological assets in the laboratory, building, or medical/research campus. A biosecurity risk assessment determines procedures and practices to ensure that biological materials remain secure. The risk assessment includes a thorough review of the building and premises, the laboratories, and biological material storage areas. Physical security elements should be implemented, as needed, based upon the risk assessment process.

The National Institutes of Health (NIH) Design Requirements Manual for Biomedical Laboratories and Animal Research Facilities (DRM), formerly called the NIH Design Policy and Guidelines, is the only detailed design requirements and guidance manual for biomedical research laboratories and animal research facilities in the U.S. Compliance with the DRM, which sets minimum performance design standards for NIH-owned and leased buildings, ensures that those facilities include physical security measures to protect against unauthorized access in all laboratories. In addition to the design requirements stipulated by the DRM, the Department of Defense Manual 6055.18-M: Safety Standards for Microbiological and Biomedical Laboratories lists BSL-3/4 commissioning criteria and inspection checklists.

A separate NIH Security Design Policy and Guideline has been developed that contains specific security requirements for the construction of new NIH facilities, as well as for modifications, renovations, and alterations of existing NIH facilities. The Security Design Policy and Guideline also contains specific security requirements for NIH-leased facilities. For security reasons, access to copies of the NIH Physical Security Guidelines is limited to key project personnel and is based on a project-specific need–to–know. The Whole Building Design Guide (WBDG) has also published information on how to safely and securely design laboratories. The section titled Security and Safety in Laboratories addresses these concerns and specific building code standards with respect to research facilities.

All laboratories should adopt biosecurity practices to minimize opportunities for unauthorized entry into laboratories, animal and storage areas, as well as the unauthorized removal of toxins and infectious materials from their facility. Photo identification badges for employees and temporary badges for escorted visitors can also be used to identify individuals with clearance to enter restricted areas. Support for a physical security element for laboratories and the biological agents and toxins within those laboratories can be found in several key National Strategies which categorize these elements as critical infrastructure.

The National Strategy for the Physical Protection of Critical Infrastructures and Key Assets outlines the guiding principles to secure the infrastructures and assets vital to national security, governance, public health and safety, economy, and public confidence. Hazardous materials and public health are two of the key critical infrastructure assets that require protection, including physical security of facilities. The National Infrastructure Protection Plan outlines a strategy to build resilient and secure infrastructure by preventing, deterring, neutralizing, or mitigating the effects of deliberate efforts by terrorists to destroy, incapacitate, or exploit critical infrastructure. The National Critical Infrastructure Protection Research and Development (NCIP R&D) Plan addresses physical, cyber, and human elements of the critical infrastructure sectors.

The physical security of laboratories and secure mechanisms for storing biological agents and toxins are key National objectives. For entities registered with the Federal Select Agent Program, high requirements for personnel screening and monitoring to ensure the security of BSAT. In addition, facilities working with Tier 1 BSAT have enhanced personnel screening, training, and monitoring responsibilities. The Federal Select Agent Program has prepared "Security Guidance for Select Agent or Toxin Facilities" to assist in complying with the requirements of the select agents regulations.

The NIH and CDC’s B​iosafety in Microbiological and Biomedical Laboratories (BMBL) publication is a key reference for laboratory biosecurity planning for microbiological laboratories. Section VI highlights the principles of biosecurity. The BMBL recommends that physical security should be included within a laboratory biosecurity program. It states:

“An evaluation of the physical security measures should include a thorough review of the building(s) and premises, the laboratories, and the biological material storage areas. Many requirements for a laboratory biosecurity plan may already exist in a facility’s overall security plan. Access should be limited to authorized and designated employees based on the need to enter sensitive areas. Methods for limiting access could be as simple as locking doors or having a card key system in place. Evaluations of the levels of access should consider all facets of the laboratory’s operations and programs (e.g., laboratory entrance requirements, freezer access). The need for entry by visitors, laboratory workers, management officials, students, cleaning and maintenance staff, and emergency response personnel should be considered.”​