Immediate: Regulatory and Policy Changes
Research Misconduct: Procedures and requirements for research misconduct proceedings for institutions receiving funding from HHS: Rule effective: January 2025, Institutions must comply by: January 2026
- U.S. Department of Health and Human Services (HHS) Final Rule - Public Health Service Policies on Research Misconduct
- Office of Research Integrity (ORI) Release - Public Health Service Policies on Research Misconduct
- Ropes & Gray Highlights of Key Changes to ORI’s Research Misconduct Regulations
Synthetic Nucleic Acids: Screening required for purchasers and providers of Nucleic Acid Sequences: April 2025 for 200 base pairs or more. October 2026 for 50 base pairs or more.
Dept. of Justice (DOJ) Notice of Final Rule - Preventing Access to Americans’ Bulk Sensitive Personal Data and USG-Related Data by Countries of Concern: No U.S. person, on or after the effective date, may knowingly engage in a covered data transaction involving data brokerage with a country of concern or covered person. Effective April 8th, 2025
Dual Use Research of Concern (DURC) and Pathogens with Enhanced Pandemic Potential (PEPP): This policy increases oversight of research on biological agents and toxins that, when enhanced, have the potential to pose risks to public health, agriculture, food security, economic security, or national security and also achieves consistent review and oversight of life sciences research proposed for federal funding that may be reasonably anticipated to involve the creation, transfer, or use of pathogens with enhanced pandemic potential (PEPPs) May 2025
NIH Controlled-Access Data and Repositories Security:NIH has updated its security standards in the NIH Security Best Practices for Controlled-Access Data Subject to the NIH Genomic Data Sharing (GDS) Policy for users of controlled-access data under the GDS Policy. Effective January 25, 2025
Research Security Training: Covered individuals as defined by NSPM-33: January 2025
- Harvard Research Security Program
- Harvard Research Security Program Training: Coming January 2025
Watchlist: Future Regulatory and Policy Changes
Executive Orders and Research Policy Changes 2025 - Harvard OVPR website
NIH Implementation Update: Promoting Maximal Transparency Under the NIH Guidelines for Research Involving Recombinant or Synthetic Nucleic Acid Molecules (NOT-OD-25-082): On June 1, 2025, the NIH Office of Science Policy (OSP) will publicly post the rosters of all active IBCs registered with OSP via the IBC-Registration Management System (RMS). In addition, the NIH expects that approved meeting minutes from all IBC meetings occurring on, or after June 1, 2025 will be posted publicly on an institutional website.
Research Security Program: National Security Presidential Memorandum 33 (NSPM-33) requires Research Institutions receiving over $50 million to establish and operate a research security program which includes elements of cybersecurity, foreign travel security, insider threat awareness and identification, and export control training. Estimated Implementation Date: January 2026