Protecting Your Lab from Inadvertent Risk
Surveillance systems, validated technology, and clear responsibilities all play a role in minimizing internal risk
When thinking about ensuring the security of bioinventory, conversations often involve risk from intentional harm, such as industrial espionage, disgruntled employees, or proprietary disagreements. These are all very real threats that research labs must be prepared to evaluate and prevent. But what about protection against accidental risk, human errors, oversight of procedures, improper training, lack of communication, mechanical failure of equipment, or supply chain delays of critical equipment? Are the organization’s systems established to prevent issues that may arise from everyday activities?
Inadequate preparation and response to unintentional risks can be as harmful as deliberate crimes, affecting both finances and research progress. The same level of preventive management that is taken to protect from “bad actors” should be applied to mitigate inadvertent internal accidents.
To achieve this, consider the following factors:
Who’s watching?
Among the first steps is to evaluate the basic securities in place at the lab. For example, is the surveillance system activated 24/7? Real-time monitoring and alerts should be standard. There should be full visibility of the entire facility, not just at the entrances. Additionally, facial recognition with long-term image retention, badge-restricted access, and prohibited persons alerts is required for maximum security.
Know who is in the building and where they are
“Prohibited people” means anyone who shouldn’t be in a specific space, even if their intent is as innocent as saying hello or borrowing an office supply. With the appearance of a low threat, it is human nature to let your guard down when amongst friendly coworkers and ignore policies that may appear to be overbearing or not applicable to a specific interaction. Proper access is established for specific reasons related to training and understanding of proper protocols. Tracking access and movement of approved personnel helps to ensure compliance of procedures and quickly understand how to rectify the situation if there is a misstep. The aim isn’t to assign blame or create an unfriendly environment, but to keep everyone safer by creating a system that protects the inventory and important research.
In addition to protocols for the entire lab, each area may also have specific—and different—necessary processes. Someone entering an area where they are not officially supposed to be could inadvertently create a cross contamination situation, not only for the area that they are incorrectly entering, but also throughout the entire facility.
Knowing where people are is also critical when it comes to evacuation procedures. Emergencies don’t come on a schedule. If someone is in an area where they are not officially accounted for, not only may they not know the appropriate process for that area, but they could cause issues for others trying to evacuate and for those looking for them in their official location.
Validated technology
Software and hardware maintenance are important not only for ensuring optimum security; this is another area that can cause unintentional damage without the proper redundancies and compliant, protective procedures in place. The incident earlier this year with the FAA is a perfect example. The largest ground stoppage in more than two decades was a result of a routine scheduled systems maintenance, when an engineer replaced one file with another with no knowledge of the issues it would cause. The cause of the disruption was not immediately evident, resulting in a lengthy investigation to discover and correct. A senior FAA official said that it was an “honest mistake that cost the country millions.”
With technology continuously improving at a rapid rate, the current system could easily be rendered out-of-date and less effective, even though it may not seem to be that old. Although these considerations may seem basic, it is easy to become complacent. Validated software should be used.
Who’s responsible?
Maintaining the security of bioinventory is usually not someone’s primary responsibility. Often, it may fall across numerous people and be considered secondary (or tertiary) and viewed as an additional side task. With other priorities, it can be understandably too easy to overlook a routine procedure (such as checking nitrogen levels on a manual fill), which can result in massive losses.
Early detection
All labs are required to have smoke and fire detection, but how advanced and sensitive is the system in the lab? Early detection, at the lowest levels, with the ability to distinguish elements, is crucial for addressing the problem as soon as it occurs, and for preventing unrealized risk, such as with unnecessary sprinklers, where the water can potentially cause more damage than the smoke. Highly sensitive systems—and sensitive to the right element—allow for not only the proper, immediate treatment for a danger, but also stops an incorrect substance from being used and avoids potential hidden risks.
Keep the records straight
It isn’t just mechanical failures or mistakes that can cause harm; faulty recordkeeping may create inaccuracies with highly important, sensitive inventory information and expiration dates. Compliance processes should be established that minimize human error, protect from unrealized risk, and allow for protected, monitored, and managed oversight with checks and balances. Proper recordkeeping and documentation is critical for research oversight, as well as inventory controls, to ensure efficient usage of resources as well as aid in purchasing and storage management.
Additionally, staying updated on evolving FDA regulations will ensure that the organization is compliant and that the work being done will not accidentally be undone with a complaint. The governmental regulations for acceptance of electronic records and handwritten signatures executed to electronic records are intertwined with the audit of validated technology. Part of the regulations are connected to validation, audit trails, record retention, and record copying. Limited system access to authorized individuals and validating devices is evaluated by the FDA for compliance.
Consider offsite solutions
While it may feel that the safest option is to keep your inventory onsite, you could be inadvertently sabotaging your budget and opportunities for additional research and development. Offsite storage may provide a more validated solution, with a facility and staff designed for, and dedicated to, focusing on protecting bioinventory.
With sophisticated, regulated inventory management systems, an offsite facility may be able to better manage inventory, specialized temperature controls, and expirations dates for maximum efficiency and preservation. An additional bonus is opening up resources and real estate. With finite funding, institutions tend to vie for budgets and must prioritize spending. It is important to review if the inventory is occupying space that could bring more valuable returns utilized for scientific discovery, not storage. Offsite storage may be a more cost-efficient solution from a variety of standpoints, including financial, security, and safety.