Content uploaded by Hazem Haddad
Author content
All content in this area was uploaded by Hazem Haddad on May 15, 2015
Content may be subject to copyright.
LABORATORY
MANAGEMENT
Biosafety AND Biosecurity
BI RISK
Boca Raton London New York
CRC Press is an imprint of the
Taylor & Francis Group, an informa business
Edited by
Reynolds M. Salerno
Sandia National Laboratories
Albuquerque, New Mexico, USA
Jennifer Gaudioso
Sandia National Laboratories
Albuquerque, New Mexico, USA
LABORATORY
MANAGEMENT
Biosafety
AND
Biosecurity
BI RISK
CRC Pres s
Taylor & Franci s Group
600 0 Broken Sound Park way NW, Suite 300
Boca Rato n, FL 33487-2742
© 2015 by Sandia Corporation
CRC Press i s an imprint of Taylor & Fra ncis Group, an Informa busines s
No clai m to original U. S. Government works
Version Date: 20150225
Intern ational Stand ard Book Number-13: 978 -1-46 65-9365-7 (eBook - PDF)
This b ook contain s information obtained f rom authentic and h ighly rega rded sources . While a ll reasonabl e efforts have
been made t o publish reliable d ata and inform ation, neither the aut hor[s] nor the publisher ca n accept any legal r esponsibil-
ity or li ability for a ny errors or omissions that may b e made. The publi shers wish to ma ke clear that a ny views or opin ions
express ed in this b ook by individual editors , authors or contributors are pers onal to them and do not necessar ily refle ct
the views/opinions of the p ublishers. T he informati on or guidance c ontained in this book is intended for use by m edical,
scientific or hea lth-care professionals and is provided strictly a s a supplement to the medical or other professional ’s own
judgement, t heir knowled ge of the patient’s med ical history, relevant m anufactu rer’s instr uctions and t he appropriate be st
practice guidelines. Because of the rapid advances in medica l science, any information or advice on dosages, pro cedures or
diagn oses should be i ndependently ver ified. The re ader is strong ly urged to cons ult the releva nt national d rug formula ry and
the dru g companies’ a nd device or mat erial manu facturer s’ printed in structio ns, and their websites, before administering
or util izing any of t he drugs, devi ces or materia ls mentioned in th is book. This b ook does not indicate whether a pa rticular
treatment is appropriate or suit able for a particular indiv idual. Ultimately it is t he sole responsibility of the med ical profes-
sional to make his or her ow n professional judgements, so as to advise and treat patients appropriately. The author s and
publish ers have also at tempted to tra ce the copyrig ht holders of al l material repr oduced in thi s publication a nd apologiz e
to copyr ight holders if permission to publish in th is form has not be en obtained . If any copyr ight materia l has not been
acknowle dged please writ e and let us know so we may r ectify in a ny future repri nt.
Except as p ermitted u nder U.S. Copy right Law, no part o f this book may b e reprinted, re produced, tra nsmitted , or utilize d in
any form by a ny electronic, me chanical, or o ther means, now known or hereaf ter invented, including photocopying, mic ro-
film ing, and recording, or in a ny information st orage or retrieval system, w ithout written permission f rom the publisher s.
For permi ssion to photocopy or us e material electronica lly from this work, please acces s www.copyr ight.com (http ://w ww.
copyri ght.com/) or cont act the Copyr ight Cleara nce Center, Inc. (CCC), 2 22 Rosewood Drive , Danvers, MA 0192 3, 978-750-
8400. CCC i s a not-for-profit organi zation that provides license s and registration for a varie ty of users. For organizat ions that
have been g ranted a photocopy l icense by the CCC, a separate sy stem of payment has been arrange d.
Trademark Notice: Produc t or corporate names may be tradema rks or registere d trademarks, a nd are used only fo r identi-
ficati on and explanation without inte nt to infringe.
Visit the Taylor & F rancis Web site at
http://www.taylorand francis.com
and the CRC P ress Web site at
http://www.crcpress.com
v
Contents
Foreword ...................................................................................................................xi
Preface......................................................................................................................xv
Acknowledgments ..................................................................................................xvii
About the Editors ....................................................................................................xix
Contributors ............................................................................................................xxi
Chapter 1 Introduction: The Case for Biorisk Management ................................. 1
Reynolds M. Salerno and Jennifer Gaudioso
Abstract ................................................................................................1
Laboratory Biosafety and Biosecurity ................................................. 1
A Short History of Laboratory Biosafety ........................................ 2
A Short History of Laboratory Biosecurity .....................................6
Recent Biosafety and Biosecurity Incidents .................................... 7
A Model of Biorisk Management Begins to Emerge ...................... 9
New Focus on Risks of Bioscience Research ................................ 11
Learning Lessons from Other Industries ........................................... 12
Union Carbide, Bhopal, 1984 ........................................................ 13
Chernobyl Nuclear Power Plant, 1986 ...........................................14
Piper Alpha Oil Platform, 1988 ..................................................... 15
Texas City Renery, 2005 ............................................................. 16
Fukushima Nuclear Power Plant, 2011 .......................................... 16
Y-12 Nuclear Facility, 2012 ........................................................... 17
Pharmaceutical Industry ................................................................18
Food Industry ................................................................................20
Airline Industry ............................................................................. 21
Biorisk Management ..........................................................................23
References .......................................................................................... 24
Chapter 2 The AMP Model ................................................................................ 31
Lisa Astuto Gribble, Edith Sangalang Tria, and Laurie Wallis
Abstract ..............................................................................................31
Introduction ........................................................................................ 31
Assessment ......................................................................................... 33
When to Perform and Review a Laboratory Risk Assessment .....35
Shared Roles and Responsibilities in Assessing Risk ................... 35
Mitigation ........................................................................................... 36
Mitigation Control Measures .........................................................37
Performance .......................................................................................39
Laboratory Biorisk Management Guidelines ................................ 40
Plan- Do- Check- Act ............................................................................ 40
vi Contents
Conclusion .......................................................................................... 42
References .......................................................................................... 42
Chapter 3 Risk Assessment ................................................................................. 45
Susan Caskey and Edgar E. Sevilla- Reyes
Abstract ..............................................................................................45
Denition of Risk ............................................................................... 45
Biosafety Risks .............................................................................. 46
Biosecurity Risks ...........................................................................46
Traditional Risk Assessment Approaches for Biorisks ................. 46
Risk Governance and Biorisk Management .................................. 47
Risk Assessment Methodology .......................................................... 47
Biosafety Risk Assessment ............................................................50
Biosecurity Risk Assessment ........................................................ 53
Ethics of Biorisk/ Risk Acceptability .................................................57
Roles and Responsibilities for Risk Assessment ................................ 59
Conclusion .......................................................................................... 62
References .......................................................................................... 62
Chapter 4 Facility Design and Controls .............................................................. 65
William D. Arndt, Mark E. Fitzgerald, and Ross Ferries
Abstract ..............................................................................................65
Introduction ........................................................................................65
Design for Biorisk Management .........................................................67
Risk- Based Design Decisions ............................................................. 69
The Design Process ............................................................................ 71
Project Stakeholders ........................................................................... 73
Predesign ............................................................................................ 74
Information Gathering .......................................................................75
Schematic Design ............................................................................... 76
Laboratory Design Best Practices ...................................................... 76
Public- Private Separation .............................................................. 76
Zone Strategies .............................................................................. 77
Flow Analysis ................................................................................ 78
Layers of Protection.......................................................................79
Placement of Primary Containment Devices ................................ 81
Facility Design Factors .......................................................................82
Sustainability .................................................................................82
Adaptability and Flexibility ..........................................................83
Conclusion ..........................................................................................84
Key Concepts .....................................................................................85
References .......................................................................................... 85
viiContents
Chapter 5 Rethinking Mitigation Measures........................................................87
Jennifer Gaudioso, Susan Boggs, Natasha K. Grifth,
Hazem Haddad, Laura Jones, Ephy Khaemba, Sergio Miguel,
and Cecelia V. Williams
Abstract ..............................................................................................87
Introduction ........................................................................................87
Case Study: Challenges Mitigating Biorisks—Texas A&M
University ...........................................................................................89
Using AMP to Strengthen Mitigations ............................................... 91
Primary Engineering Controls ...................................................... 91
Standard Operating Procedures .................................................... 93
Personnel .......................................................................................94
Eliminating Safety and Security Conicts .................................... 95
Case Study: Different Solution Paths to Working with Ebola Virus ....96
Conclusion ..........................................................................................97
References .......................................................................................... 97
Chapter 6 Biorisk Management Training .......................................................... 101
Lora Grainger and Dinara Turegeldiyeva
Abstract ............................................................................................ 101
Introduction ...................................................................................... 101
An International and Historical Perspective .................................... 102
Using ADDIE for BRM Training ..................................................... 103
Incorporating Instructional Design ............................................. 111
Identifying, Compiling, and Organizing Training Content ......... 116
Measuring Training Performance and Success ........................... 119
Conclusion ........................................................................................ 121
References ........................................................................................ 121
Chapter 7 Operations and Maintenance Concepts ............................................125
William Pinard, Stefan Breitenbaumer, and Daniel Kümin
Abstract ............................................................................................125
Introduction ......................................................................................125
Foot- and- Mouth Disease Virus Release ...................................... 126
Maintenance Strategies ....................................................................127
Overview ..................................................................................... 127
Reactive Maintenance (Event- Oriented Maintenance) ...............128
Preventive Maintenance .............................................................. 128
Predictive Maintenance (Conditional Maintenance) ................... 130
Reliability- Centered Maintenance ..............................................131
viii Contents
Developing a Tiered Maintenance System ....................................... 132
System Layout ............................................................................. 132
Roles and Responsibilities ........................................................... 133
Maintenance Context ...................................................................135
Maintenance Categories .............................................................. 137
Implementation ................................................................................. 140
Maintenance Planning ................................................................. 140
List of Facility Systems ............................................................... 141
Maintenance Activities ................................................................ 141
Arrangement into Maintenance Categories ................................. 141
Conclusion ........................................................................................ 142
References ........................................................................................ 143
Additional References Consulted ..................................................... 143
Chapter 8 Evaluating Biorisk Management Performance ................................. 145
LouAnn Burnett and Patricia Olinger
Abstract ............................................................................................ 145
Introduction ...................................................................................... 145
The Importance of Performance to Biorisk Management ............... 146
Establishing Biorisk Management Performance Measurements ..... 149
Step 1: Identify the Key Issues of Concern ................................. 150
Steps 2 and 3: Dene Outcome and Activity Indicators and
Metrics ......................................................................................... 151
Step 4: Collect Data and Report Indicator Results ...................... 152
Step 5: Act on Findings from Performance Indicators ................ 153
Step 6: Evaluate and Rene Performance Indicators .................. 154
Specic Biorisk Management Examples .......................................... 154
Example A: Setting Biorisk Management Performance
Indicators during the Planning Stage .......................................... 155
Example B: Expanding Biorisk Management Performance
Indicators during the Planning Stage .......................................... 158
Example C: Utilizing Existing Data to Create or Expand
Performance Measurements ........................................................ 162
Example D: Using Biorisk Management Functions
and Performance Indicators Outside of Laboratories..................164
Conclusion ........................................................................................ 164
References ........................................................................................ 166
Chapter 9 Communication for Biorisk Management ........................................ 169
Monear Makvandi and Mika Shigematsu
Abstract ............................................................................................ 169
A Case Study .................................................................................... 169
Background ...................................................................................... 172
Roles and Responsibilities ................................................................ 173
ixContents
Communicating Biorisk Management Information ......................... 175
Drivers of Public Perception ........................................................ 177
Hazard Communication .............................................................. 178
Communication of Risk Assessment Findings ............................ 180
Risk Communication in a Risk Governance Framework .................182
Preassessment (Hazard Identication) ........................................ 182
Risk Assessment .......................................................................... 183
Tolerability and Acceptance Judgment (Risk Tolerance and
Acceptability) .............................................................................. 183
Risk Management (Risk Mitigation and Evaluation) .................. 185
Crisis Communication ......................................................................185
Risk and Crisis Communication during Hurricane Katrina ....... 186
Conclusion ........................................................................................ 187
References ........................................................................................ 188
Chapter 10 Three Recent Case Studies: The Role of Biorisk Management ....... 191
Reynolds M. Salerno
Abstract ............................................................................................ 191
Introduction ...................................................................................... 191
Case Study 1: Anthrax Mishandling at the CDC ............................. 192
A Role for Biorisk Management? ................................................ 192
Case Study 2: H5N1 Inuenza Mishandling at CDC ...................... 196
A Role for Biorisk Management? ................................................ 196
Case Study 3: Mishandling Inventory at the NIH ............................ 198
A Role for Biorisk Management? ................................................ 199
Conclusion ........................................................................................ 201
References ........................................................................................ 202
Chapter 11 Future Development of Biorisk Management: Challenges and
Opportunities ....................................................................................205
Benjamin Brodsky and Uwe Müeller- Doblies
Abstract ............................................................................................205
Introduction ......................................................................................205
Challenges and Opportunities ..........................................................207
Biorisk Assessment ...................................................................... 207
Biorisk Mitigation ........................................................................ 216
Bio risk Management Performance—Evaluating the
Organizational Benets from a Matured Bio risk
Management System ....................................................................221
Conclusion ........................................................................................225
References ........................................................................................ 226
Index ...................................................................................................................... 229
xi
Foreword
Communicable diseases remain a leading cause of death globally and account for
nearly one-third of world deaths. The emergence of newly identied pathogens,
as well as the re-emergence of pathogens with public health signicance, exacer-
bates the global threat of infectious diseases. For example, it has been reported that
between 1973 and 2003 over 36 newly emerging infectious diseases had been identi-
ed. Research and diagnostic activities involving pathogenic microorganisms are
critical to global security as this research elucidates knowledge and leads to products
that improve the health, welfare, economy, quality of life and security for all persons
around the globe.
Advancements in technology as well as the cross-fertilization of formerly dispa-
rate scientic disciplines have led to technical capabilities never before realized in
the life sciences. This technical progress is exemplied by the de novo synthesis of
poliovirus and the recreation of the 1918 H1N1 inuenza virus, which was the caus-
ative agent of the Spanish u pandemic, the deadliest single event in recorded history
killing an estimated 50 million people world-wide.
In addition to the threat to public health and welfare caused by pathogenic micro-
organisms derived from nature, including newly emerging or re-emerging diseases,
there is also the threat posed by the intentional release of disease-causing microorgan-
isms whether through state-sponsored biological warfare or through the intentional
use of pathogens to elicit terror. The impact of such a terrorist event was demonstrated
vividly in 2001 during the Amerithrax episode. Highly rened (i.e., weaponized)
spores of Bacillus anthracis were released on an unsuspecting public, resulting in ve
deaths, illness in 17 U.S. citizens, and an untold economic impact.
The combined threats to public health resulting from emerging diseases and the
potential for deliberate release of a pathogenic microorganism altered the research
and public health agenda not only for the U.S., but also for countries around the globe.
For example, in 2003 the U.S. National Institute of Allergy and Infectious Diseases
(NIAID) established Regional Centers of Excellence for Biodefense and Emerging
Infectious Diseases Research to serve as regional foci for developing and conduct-
ing cutting edge research. The centers were created to develop counter measures to
these threats, including vaccines, therapeutics, and diagnostics, among others. At the
same time, the U.S. Department of Homeland Security provided nancial support
to fund the construction and expansion of a laboratory infrastructure to support this
infectious diseases research agenda. This expansion of infrastructure and funding
was not unique to the U.S., and can be observed internationally.
Concerns raised by the threat of potential biological terrorism in the national
security apparatus of the U.S. and other countries resulted in the promulgation of
regulations intended to control and limit the numbers of persons with access to cer-
tain pathogenic microorganisms. This regulatory approach focused on the establish-
ment of a security-based infrastructure and security-based programs to manage the
important research directed toward understanding the fundamental biology of, and
generating medical countermeasures against, certain dangerous pathogens.
xii Foreword
Biosafety and biosecurity, while distinctly different concepts, are inexorably
linked; one cannot consider a biosafety program to be robust in the absence of bio-
security, and most certainly, biosecurity cannot exist in the absence of a strong com-
mitment to biosafety. It has become abundantly clear that a holistic approach to the
management of risks associated with research involving pathogenic microorgan-
isms is critical. Facilities and infrastructure construction and maintenance, educa-
tion, training and competency (not only of the scientic staff but also all support
staff ancillary to the research program), reliability of the entire workforce, public
outreach and political support, strong leadership committed to the management of
biorisk (i.e., biosafety and biosecurity), and a culture of responsible research are all
elements that must be integral to life sciences research, especially this particular
research enterprise.
In the early to mid-1970s, a new technology, termed “recombinant DNA
technology,” was developed and utilized. The scientic community responsible
for developing and utilizing this work also realized that the new technology posed
potential risks and threats to the health and well being of society. To address the pub-
lic and political concerns, the scientic community in the U.S. came together to craft
guidelines within the structure of the National Institutes of Health (Guidelines for
Research Involving Recombinant DNA Molecules) by which biosafety risks from this
research could be systematically assessed and through which these biosafety risks
could be specically mitigated and managed. These guidelines were not prescrip-
tive, but rather were performance based, allowing for exibility in the manner by
which these risks could be mitigated. Most critically, the guidelines provided mech-
anisms for local oversight by the scientists themselves, their research institutions,
and the funding agency. While this approach toward management of biosafety risks
associated with research involving pathogenic microorganisms is clearly important,
this approach alone is incomplete as it does not address biorisk in a holistic manner.
This book proposes a new paradigm for evaluating, mitigating, and managing
biorisk and terms this paradigm AMP: Assessment/Mitigation/Performance. While
specic individual components of this new paradigm are currently being employed
in biosafety programs built upon the existing “biosafety level” systems, many bio-
safety programs fail to comprehensively approach risk assessment, risk mitigation,
and performance evaluation. For example, a comprehensive risk analysis of both bio-
safety and biosecurity (biorisk) is generally lacking in these traditional approaches.
Similarly, where traditional biosafety level-based systems discuss levels of controls
to mitigate risk (usually built upon mitigation control measures that include engi-
neering controls, administrative controls, practices and procedures, and personal
protective equipment), few routinely evaluate the effectiveness of these risk mitiga-
tion strategies.
In the Summer of 2014 several highly publicized incidents and accidents involving
the potential release of some of the world’s most dangerous pathogens (e.g., smallpox,
Bacillus anthracis, Highly Pathogenic Avian Inuenza H5N1, and Ebola) from the
laboratories of several U.S. Federal agencies resulted in a strong negative response
from the public, who were understandably fearful of the threat to public health posed
by these releases. Following on fears of the citizenry and resultant backlash against
the scientic community conducting this research, political pressure on these same
xiiiForeword
government agencies resulted in a funding pause in the U.S. of important research
involving inuenza as well as SARS and MERS coronaviruses. Investigations into
the root causes leading to these accidents and incidents revealed that a contributing
factor may have been the prioritization of security procedures over safety practices.
As a result of these incidents, the Secretary of the U.S. Department of Health
and Human Services ordered an external review of safety programs in DHHS labs,
including the CDC. A report to the CDC by this independent external advisory group
conveyed many of the same observations made about these incidents and detailed in
Chapter 10 of this book. The case study analyses of these incidents provided in this
chapter concluded that a comprehensive approach to biorisk management was absent
at the CDC at the time of these incidents. In fact, many of the recommendations
proposed by the external advisory group are consistent with and reect the compre-
hensive approach to risk management presented in this book.
As already stated, research activities involving pathogenic microorganisms
elucidate basic knowledge and lead to products and technologies that improve the
welfare, economy, and quality of life for people globally. It is important that the
scientic community embrace a holistic approach to the management of biorisks
because biorisk management is a responsibility shared by principal investigators,
bench scientists, support staff, students, postdoctoral fellows, and the leadership of
the institutions conducting and funding this vital research. Furthermore, it is equally
important that the scientic community speak loudly and proudly of the benets of
their research activities to educate and gain public support for, and acceptance of,
this work. It is also vital to inspire youth to become conversant in and enthusiastic
about the benets of basic science.
Joseph Kanabrocki, Ph.D., SM(NRCM)
Associate Vice-President for Research Safety
Professor of Microbiology
University of Chicago
xv
Preface
The central premise of this book is that the biological research, clinical, diagnostic,
and production/ manufacturing communities need to embrace and implement biorisk
management systems in their facilities and operations. In most countries, the current
system mitigates the risk of accidental infection, accidental release, and intentional
misuse of pathogens and toxins based on general, predetermined biosafety levels
and/or prescriptive biosecurity regulations. Although this approach may have suf-
ced when the biological life science community was relatively small, and work
with particularly dangerous organisms was limited to a few countries and facilities,
the life sciences have grown signicantly in the last two decades—in both scope and
sophistication. Much of this growth has extended well beyond North America and
Western Europe, and deep into the developing world. Simply, there are more people
in more places working with, and even creating, more dangerous pathogens and tox-
ins than ever before—and that trend shows no sign of abating in the future.
Increased risk inevitably comes with this expansion. The past 20 years have been
marked by multiple safety and security incidents at bioscience facilities around the
world, including many notable incidents at so- called sophisticated facilities in North
America and Western Europe. Clearly, the current system that is based on biosafety
levels and security regulations does not work effectively enough. It is time for the
bioscience community to learn some lessons from other high- consequence indus-
tries that have experienced devastating accidents, and that have intellectually evolved
their own approaches to safety and security well beyond generic, predetermined,
technical checklists. These industries have almost universally adopted what is now
referred to as risk management systems. This book urges the global bioscience com-
munity to embrace biorisk management—before a devastating accident threatens to
jeopardize the entire bioscience enterprise.
This book is organized into 11 separate chapters, and each chapter focuses on a
different element of a biorisk management system. Different experts from around
the world have written each chapter, demonstrating that the biorisk management
system espoused by this book is globally applicable. The rst chapter denes biorisk
management, details the history of the eld of biosafety and biosecurity, and makes
a case for implementing biorisk management to prevent a major incident by drawing
comparisons to disasters in other industries. The second chapter describes the AMP
model, which is a framework that uses the components of assessment, mitigation,
and performance to structure and implement a comprehensive biorisk management
system. Chapter 3 denes the risk assessment process, and explains how to assess and
prioritize various risks, and ensure that a risk assessment ts into a biorisk manage-
ment system. The fourth chapter illustrates how to use the risk assessments to inform
a design strategy to avoid overengineering a facility and wasting valuable resources.
The fth chapter evaluates the roles of the different mitigation measures, includ-
ing laboratory practices and procedures, safety and security equipment, and per-
sonnel management. The specic combination of mitigation measures should
be determined based on the risk assessment, and evaluated according to specic
xvi Preface
performance metrics. Chapter 6 argues that a exible and adaptable training plan is
more effective than a rigid standardized compliance plan, since it can be strategi-
cally implemented to manage risk in a number of different settings and contexts with
the ability to meet the challenge of new hazards or threats.
Chapter 7 argues that reliability- centered maintenance should be the framework
for a biorisk management maintenance program. The eighth chapter advocates for
utilizing specic performance indicators, instead of relying on failure data, for pro-
active activities and outcomes to make effective changes and improvements to a
biorisk management system. The ninth chapter suggests that a comprehensive biorisk
management system must include a risk communication plan designed to address
both normal operations and emergency situations from an internal and an exter-
nal perspective.
Chapter 10 is a case study that examines the biosafety incidents that took place
at the US Centers for Disease Control and Prevention and the US National Institutes
of Health in 2014. Finally, Chapter 11 identies some of the most important chal-
lenges that face the biorisk management community by examining current gaps and
shortcomings in contemporary biorisk management understanding and approaches.
It also presents a series of opportunities to enhance the practice of biorisk manage-
ment in the future.
xvii
Acknowledgments
This book could not have been written or even attempted without the tremendous
hard work, commitment, and support of so many of our mentors, colleagues, friends,
and families. Our work around the world for more than the last decade has shaped
our evolving views of biorisk management. We have not created the eld of biorisk
management, but have been fortunate to be among those who have helped shape its
current form. Nevertheless, there are hundreds of experts around the world who suc-
cessfully manage the risks of working with dangerous biological materials on a daily
basis, and we have had the privilege to learn from the experiences of many of them.
In particular, we are grateful for the support and kindness offered to us by so
many technical experts in our eld, who have taught, guided, and encouraged us to
contribute to the intellectual debate of how best to manage the risks of working with
biological materials in research, diagnostic, and clinical laboratories, as well as in
healthcare and eld settings. Many of those experts have contributed chapters to this
book. Among those who are not authors here, but deserve our recognition and deep
appreciation, are Stefan Waggener, Paul Huntly, Vips Halkaer- Knudsen, Jim Welch,
Maureen Ellis, Bob Ellis, Nicoletta Previsani, Ingegerd Kallings, Joe Kozlovak,
Debra Hunt, and Heather Sheeley. We have been signicantly inuenced by all of
these mentors, and we are humbled to be able to call them colleagues.
We are also grateful for the collaborations that we have had with the American
Biological Safety Association, the European Biosafety Association, the Asia- Pacic
Biosafety Association, the International Federation of Biosafety Associations, the
World Health Organization, the World Organization for Animal Health, and the
European Committee for Standardization. The US Department of State’s Biosecurity
Engagement Program and the US Defense Threat Reduction Agency’s Cooperative
Biological Engagement Program have given both of us, as well as our program at
Sandia, the opportunity to work with hundreds of institutions and thousands of sci-
entists from around the world to advance biorisk management. All of these inter-
national engagements on behalf of the US government have also helped shape our
views on this topic.
This book is the product of countless discussions with the staff who work for
Sandia’s International Biological Threat Reduction (IBTR) program. Several IBTR
staff contributed to these chapters as authors, and several other IBTR staff exten-
sively peer- reviewed drafts of the chapters. The IBTR team is too large to mention
every one of them here, but we are grateful for their tireless and global commitment
to the pursuit of biorisk management. A few in particular, though, deserve special
mention. Jason Bolles, Lyle Beck, and Laurie Wallis helped create the gures and
table for this book. Laurie Wallis single- handedly managed the entire book project
from beginning to end, cajoling the authors to complete their chapters, keeping the
editors on task, negotiating with lawyers, ensuring proper reviews and approvals,
and corresponding with the staff at CRC Press. Without Laurie, this book would not
have seen the light of day; we cannot express enough gratitude for Laurie’s efforts.
xviii Acknowledgments
Sandia National Laboratories provided the nancial support for this book. In par-
ticular, we express our appreciation to Vice President Jill Hruby and Director Rodney
Wilson for supporting and funding this project. We also thank Greg Doudnikoff,
an intellectual property attorney at Sandia, who executed the contract with CRC
Press. We are particularly grateful to Rodney Wilson, director of Sandia’s Center for
Global Security and Cooperation, for his critical technical guidance and enduring
programmatic support for our work in biorisk management.
We also received fantastic assistance and encouragement from our editors at CRC
Press. Executive Editor Barbara Norwitz and Project Coordinator Kat Everett have
been wonderful to work with throughout the duration of this project. Their patience,
forbearance, encouragement, and expertise have been invaluable.
This book would not have been possible without the very signicant contribu-
tions of all of these great mentors and colleagues, and we cannot overstate our deep
gratitude to all of them. Nevertheless, all of the mistakes and shortcomings of this
manuscript remain ours and ours alone.
Finally, we extend our deepest gratitude to our signicant others, Jennifer Salerno
and Damian Donckels. Each of them has sacriced by allowing us to dedicate our
professional lives to advancing biorisk management. Without their support and
encouragement, this book would not have come to fruition.
Albuquerque, New Mexico
xix
About the Editors
Reynolds M. Salerno is the senior manager
for Cooperative Threat Reduction Programs
at Sandia National Laboratories in
Albuquerque, New Mexico. His programs
enhance US and international security by
reducing biological, chemical, and nuclear
threats worldwide. Recognized as a leading
expert on laboratory biosecurity, Salerno and
his Sandia team have worked extensively in
laboratory biosafety, biosecurity, biocontain-
ment, and infectious disease diagnostics and
control internationally. Salerno is a coauthor
of the Laboratory Biosecurity Handbook
(CRC Press, 2007). As a technical advisor to
the World Health Organization (WHO), he
was a member of the WHO’s international team that inspected the Maximum
Containment (smallpox) Laboratory at the State Research Center of Virology and
Biotechnology VECTOR, Koltsovo, Novosibirsk, Russia, in December 2009. He is a
principal developer of the WHO train- the- trainers course, “Biorisk Management
Advanced Training Program,” which was delivered in all six WHO regions in 2010.
He was recently the vice chairman of the board of directors of the International
Federation of Biosafety Associations. Salerno received his PhD from Yale University
in 1997.
Jennifer Gaudioso leads the International
Biological Threat Reduction (IBTR) and
International Chemical Threat Reduction
(ICTR) programs at Sandia National
Laboratories in Albuquerque, New Mexico.
These programs enhance US and interna-
tional security by promoting safe, secure,
and responsible use of dangerous biological
and chemical agents. They have organized
many international conferences, trainings,
and workshops to build local capacity to
address these issues. The team currently con-
sults in more than 40 countries specically
on biosecurity and chemical security issues.
Gaudioso and her Sandia team work with international partners, such as the World
Health Organization and the International Federation of Biosafety Associations.
Her program is a World Organisation for Animal Health (OIE) Collaborating
Centre for Laboratory Biorisk Management. Gaudioso has served on the National
xx About the Editors
Academies’ Committee on Education on Dual Use Issues in the Life Sciences and
their Committee on Anticipating Biosecurity Challenges of the Global Expansion of
High Containment Biological Laboratories. She is the author of numerous journal
articles and has presented her research at national and international meetings. She
also coauthored the Laboratory Biosecurity Handbook (CRC Press, 2007). Gaudioso
has served on Sandia’s Institutional Biosafety Committee, and is an active member
of the American Biological Safety Association. She earned her PhD in chemistry at
Cornell University.
xxi
Contributors
William D. Arndt
Sandia National Laboratories
Albuquerque, New Mexico
Lisa Astuto Gribble
Sandia National Laboratories
Albuquerque, New Mexico
Susan Boggs
Sandia National Laboratories
Albuquerque, New Mexico
Stefan Breitenbaumer
Spiez Laboratory
Spiez, Switzerland
Benjamin Brodsky
Sandia National Laboratories
Albuquerque, New Mexico
LouAnn Burnett
Sandia National Laboratories
Albuquerque, New Mexico
Susan Caskey
Sandia National Laboratories
Albuquerque, New Mexico
Ross Ferries
HDR Architecture, Inc.
Atlanta, Georgia
Mark E. Fitzgerald
HDR Architecture, Inc.
Atlanta, Georiga
Jennifer Gaudioso
Sandia National Laboratories
Albuquerque, New Mexico
Lora Grainger
Sandia National Laboratories
Albuquerque, New Mexico
Natasha K. Grifth
University of California– Los Angeles
Los Angeles, California
Hazem Haddad
Jordan University of Science and
Technology
Irbid, Jordan
Laura Jones
Sandia National Laboratories
Albuquerque, New Mexico
Ephy Khaemba
International Livestock Research
Institute
Nairobi, Kenya
Daniel Kümin
Spiez Laboratory
Spiez, Switzerland
Monear Makvandi
Sandia National Laboratories
Albuquerque, New Mexico
Sergio Miguel
Medical Forensic Laboratory
Buenos Aires, Argentina
Uwe Müeller- Doblies
Epibiosafe
Surrey, United Kingdom
Patricia Olinger
Emory University
Atlanta, Georgia
xxii Contributors
William Pinard
Sandia National Laboratories
Albuquerque, New Mexico
Reynolds M. Salerno
Sandia National Laboratories
Albuquerque, New Mexico
Edgar E. Sevilla- Reyes
National Institute of Respiratory
Diseases
Mexico City, Mexico
Mika Shigematsu
National Institute of Infectious
Diseases
Tokyo, Japan
Edith Sangalang Tria
San Lazaro Hospital
Ministry of Health
Manila, Philippines
Dinara Turegeldiyeva
Kazakh Science Center for Quarantine
and Zoonotic Diseases
Almaty, Kazakhstan
Laurie Wallis
Sandia National Laboratories
Albuquerque, New Mexico
Cecelia V. Williams
Sandia National Laboratories
Albuquerque, New Mexico
1
1Introduction
The Case for Biorisk
Management
Reynolds M. Salerno and Jennifer Gaudioso
ABSTRACT
This introductory chapter recounts the history of laboratory biosafety and
biosecurity in an attempt to explain the origins of the current paradigm that
relies on pre-dened biosafety levels, agent risk groups, and biosecurity regu-
lations. This history reveals that the fundamental concepts of bio risk manage-
ment were articulated well before the current paradigm came into existence,
but unfortunately have been lost by a community that has expanded signi-
cantly. After summarizing many safety and security incidents at bioscience
laboratories in the 1990s and 2000s, demonstrating the weakness of the cur-
rent paradigm, this chapter argues that the rapid technological advances of the
biosciences compel the community to reconsider the traditional methods of
ensuring safety and security. The chapter then reviews a series of catastrophic
accidents that occurred in many different industries, and shows, as a result, how
generic, rule-based, administrative systems have been abandoned in favor of a
performance-based, holistic, risk-management systems approach. The imple-
mentation of substantive risk management policies, standards, and expecta-
tions has dramatically decreased both the number and severity of accidents in
these industries. The bioscience community should not wait for a calamity to
occur in its eld before learning these fundamental lessons.
LABORATORY BIOSAFETY AND BIOSECURITY
Biorisk management encompasses both laboratory biosafety and biosecurity. The
laboratory biosafety community has relied on predened biosafety levels* for more
than 30 years. Laboratory biosecurity has a much shorter history than biosafety,
but it has been predominantly based on prescriptive regulations. In both cases, bio-
safety and biosecurity practices have generally relied on generic biological agent risk
* According to the WHO Laboratory Biosafety Manual, 3rd edition (2004), “Laboratory facilities are
designated as basic—Biosafety Level 1, basic—Biosafety Level 2, containment—Biosafety Level 3,
and maximum containment—Biosafety Level 4. Biosafety level designations are based on a composite
of the design features, construction, containment facilities, equipment, practices, and operational pro-
cedures for working with agents from the various risk groups.”
2Laboratory Biorisk Management
groups, biosafety levels, or regulations that, de facto, assume that all work with the
same agent presents the same degree of risk—regardless of the nature of the work,
where it takes place, or by whom. Diagnostic work with avian inuenza should take
place in essentially the same laboratory in Minneapolis as in Jakarta, and if the labo-
ratories physically look the same, the risk of accidental release will be essentially the
same. Of course, anyone with any substantive experience in the biological research
and diagnostics eld, particularly biosafety experts, will recognize the absurd sim-
plicity of that statement, but for many who want to build a new bioscience facility,
the published guidance leads them to believe that achieving the prescribed biosafety
level equates to biological safety in that facility.
The situation is arguably worse for laboratory biosecurity. Because most pro-
fessionals in the bioscience community have little experience or expertise in law
enforcement or counterterrorism, policy makers with scant bioscience background
have enacted regulations that dene the technical security systems for every facility
that works with specic agents or toxins. The unique circumstances of the facil-
ity or its personnel, its location, the agents, and the nature of the work with those
agents seem not to matter. From the perspective of the regulators, all the facili-
ties that work with certain dangerous agents in their jurisdiction should employ the
same security approach. Not only does this simplied approach inevitably lead to
wasted security resources in some facilities, and signicant gaps in security at other
facilities, but most disturbingly, it discourages the scientic leadership to engage
intellectually on the subject of security. Such an attitude inevitably leads to compla-
cency and increases a facility’s vulnerabilities over time.
A Short hiStory of LAborAtory bioSAfety
It is instructive to understand the history of laboratory biosafety and biosecurity.
Much of the published history is rooted in North America and Western Europe.
Biosafety as an intellectual eld can trace at least many of its origins to the US bio-
logical weapons program, which was active during the Cold War and nally termi-
nated by President Nixon in 1969. In 1943, Ira L. Baldwin became the rst scientic
director of Camp Detrick (which eventually became Fort Detrick), and was tasked
with establishing the biological weapons program (US Department of Army 2014).
The US development of biological weapons was explicitly for defensive purposes: to
enable the United States to respond in kind if attacked by such weapons. After the
Second World War ended, Camp Detrick was designated a permanent installation
for biological research and development. Baldwin understood from the very begin-
ning that the program had to establish specic measures to protect Camp Detrick
personnel and the surrounding community from the dangers of the highly infectious
agents that the program would work with on a daily basis. Biosafety was necessar-
ily an inherent component of biological weapons development.* Baldwin immedi-
ately assigned Newell A. Johnson to design any needed modications for safety.
Johnson engaged some of Camp Detrick’s leading scientists about the nature of their
* It is fair to assume that, at this time or even before, the British, Soviets, and Japanese also had devel-
oped biosafety measures as part of their biological weapons development programs.
3Introduction
work, and developed specic technical solutions—such as Class III safety cabinets
and laminar ow hoods—to address their specic risks (US Department of Army
2014). Over time, Johnson and his colleagues recognized the need to share their
technical challenges and solutions with other facilities that were also part of the US
biological weapons program, and in 1955 they began to meet annually to discuss bio-
safety issues. This annual meeting eventually led to the formation of the American
Biological Safety Association (ABSA) in 1984, and the annual meeting soon became
the ABSA annual conference (Barbeito and Kruse 2014).
Although the US biological weapons offensive and defensive programs are among
the most documented contributions to a systematic approach to developing biosafety,
these pioneers recognized the contributions of others to the eld. For example,
Arnold Wedum cites descriptions of the use of mechanical pipettors to prevent
laboratory- acquired infections in German scientic journals that date back to 1907
and 1908 (Wedum 1997). Ventilated cabinets, early progenitors to the nearly ubiqui-
tous engineered control now known as the biological safety cabinet, were also rst
documented outside of the US biological weapons program. A pharmaceutical com-
pany in Pennsylvania developed a ventilated cabinet for work with Mycobacterium
tuberculosis in 1909 (Kruse et al. 1991). In 1954, tuberculosis was the driving factor
that led to the adoption of similar ventilated cabinets at the Goteborg Bacteriological
Laboratory (Lind 1957). These early efforts helped the bioscience community begin
to more broadly adopt principles of this nascent eld of biosafety.
At approximately the same time as the United States formally abandoned its bio-
logical weapons program, the international community aggressively pursued the
eradication of smallpox (College of Physicians of Philadelphia 2014).* The smallpox
eradication campaign, which ofcially began in 1967, also had a signicant impact
on the evolution of the biosafety eld. Between 1963 and 1978, there were a series of
smallpox infections that originated from laboratories in the United Kingdom. In that
time period, the United Kingdom had 80 cases of smallpox infections that were traced
to two accredited smallpox laboratories (Shooter 1980; Furmanski 2014). The most
egregious of these incidents occurred in August 1978—well after the last wild case of
Variola major in 1975, and the last wild case of Variola minor in 1977. Janet Parker,
a medical photographer at the University of Birmingham Medical School, worked
in a darkroom one oor above a laboratory where research was being conducted
with live smallpox virus. After contracting the disease at work, and then infecting
her mother, Parker became the last person known to die from smallpox. Her mother
survived, and 300 of her colleagues and contacts were quarantined. Prior to this
event, the World Health Organization (WHO) had informed Henry Bedson, the head
of the medical microbiology department, that his facilities did not conform to the
WHO guidelines. Bedson failed to make any of the WHO’s recommended changes in
lab procedures. Shortly after Parker’s death, Bedson committed suicide, purportedly
over the guilt for his part in the tragedy (College of Physicians of Philadelphia 2014).
* The World Health Organization launched the Intensied Smallpox Eradication Programme in 1967.
At the time, smallpox was endemic in 12 countries or territories in eastern and southern Africa, 11 in
Western and Central Africa, seven in Asia, and Brazil in the Americas. The World Health Assembly
declared smallpox eradicated in 1980.
4Laboratory Biorisk Management
The accidental infection and death of a laboratory worker and the secondary
transmission to someone outside of the laboratory—after the international commu-
nity had spent US$23 million per year between 1967 and 1979 to eradicate small-
pox (Center for Global Development 2014)—raised serious concerns about biosafety
practices worldwide (e.g., Pike 1976*), and contributed directly to the decision by the
World Health Assembly to consolidate the remaining stocks of smallpox into two
locations: the Centers for Disease Control and Prevention (CDC) in the United States
and the State Research Center of Virology and Biotechnology (known as VECTOR)
in Russia. In addition, this tragedy spurred forward some embryonic biosafety initia-
tives. In 1974, the CDC had published the Classication of Etiological Agents on
the Basis of Hazard (US Centers for Disease Control and Prevention 1974), which
introduced the concept of establishing ascending levels of containment that corre-
spond to risks associated with handling groups of infectious micro organ isms that
present similar characteristics—or so- called agent risk groups. Two years later,
the US National Institutes of Health published the NIH Guidelines for Research
Involving Recombinant DNA Molecules (US National Institutes of Health 1976),
which described in detail the microbiological practices, equipment, and facility safe-
guards that correspond to four ascending levels of physical containment.
These guidelines set the foundation for a code of biosafety practice that was for-
mally introduced in 1983, when the WHO published the rst edition of its Laboratory
Biosafety Manual (World Health Organization 1983), and in 1984, when the CDC
and NIH jointly published the rst edition of Biosafety in Microbiological and
Biomedical Laboratories (BMBL) (US Department of Health and Human Services
1984). These documents established the paradigm of biosafety containment levels
that should be implemented for work with certain agents. Increasing biosafety lev-
els were designated for biological agents that pose increasing risk to human health.
Understandably, the biosafety levels focused on the technical means of mitigating
the risk of accidental infection or release. Although the biosafety levels articulated
a combination of engineered controls, administrative controls, and practices, the
emphasis was clearly on equipment and facility controls. Specic technologies and
physical barriers were associated with each of the biosafety levels, and risk assess-
ment was not emphasized. In fact, the implication was that the risk assessment had
already been done by the experts, who had categorized the agents into risk groups,
and established specic controls for each of the biosafety levels. A community of
“biosafety ofcers” soon emerged, who adopted the administrative role in bioscience
facilities of ensuring that the proper equipment and facility controls were in place
based on the specied biosafety level of the laboratory.
Unfortunately, the biosafety levels paradigm that was adopted in the early 1980s
seemed to have overlooked some seminal work on biosafety that rst appeared more
than two decades earlier. In 1961, Brooks Phillips published a study of biosafety based
on his visits to 102 laboratories in 11 countries, and concluded that preventing acci-
dental releases and infections in laboratories required a broad, systematic approach
that should not be limited to the implementation of technical control measures:
* This seminal study documented 3,921 historical cases, of which 2,465 occurred in the United States
and 164 were fatal.
5Introduction
A ‘whole laboratory’ concept can be evolved in which importance may be attached to
such varied sub- components as management, training, building construction, air venti-
lation and ltration, disinfectants, immunization, and the use of special equipment and
techniques…. One may ask a number of pertinent questions. To what extent is micro-
biological safety needed in various types of laboratories? Which sub- components are
most important? Is the application of these newer developments fully justied from the
point of view of costs? (Phillips 1961)
Furthermore, Phillips concluded that management displayed evidence of its safety
responsibilities in only 43% of the facilities that he visited. Without explicit manage-
ment direction and support, the implementation of any biosafety controls would not
be reliably or consistently effective. And conversely, leadership on discrete safety
issues had a signicant positive inuence on staff choosing to use available risk miti-
gation measures. For instance, the risk of mouth pipetting infectious solutions was
nearly universally recognized. But in laboratories whose leadership did not insist on
the use of mechanical pipettors, staff defaulted to mouth pipetting whenever they
felt too busy to use the “more time- consuming” mechanical pipettors. When the lab
leadership enforced the requirement to use mechanical pipettors instead of mouth
pipetting, there was good compliance, few complaints, and technicians were proud
that the director was concerned about their health (Phillips 1961).
Phillips also illustrated how the laboratory design impacts safety, citing building
features such as size and shape, room size and layout, ventilation, and separation of
infectious areas. He evaluated a series of laboratory designs based on his visits to
demonstrate the effect of each on biosafety, and he argued that many of the most
recently constructed laboratories did not optimize their design or operations with
biosafety as a priority. He articulated challenges that, unfortunately, remain familiar
to today’s lab directors: “They frequently nd themselves without sufcient informa-
tion on laboratory hazards, on the frequency of laboratory illness, or about recent
developments in building design—information which is needed to present cogent
arguments for increased building funds” (Phillips 1961). As far back as 1961, Phillips
recognized that a well- designed building can and should support the safe and secure
execution of work by the end user. The building layout, and resulting workows, is
the dening element in the creation of public and private zones that are critical for
both safety and security.
Arnold Wedum, director of Industrial Health and Safety at the US Army
Biological Research Laboratories from 1944 to 1969, has been recognized as one of
the pioneers of biosafety who, according to the BMBL, “provided the foundation for
evaluating the risks of handling infectious micro organ isms and for recognizing bio-
logical hazards and developing practices, equipment, and facility safeguards for their
control” (US Department of Health and Human Services 2009). In 1966, Wedum
and his Fort Detrick colleague, microbiologist Morton Reitman, analyzed multiple
epidemiological studies of laboratory- based outbreaks, and showed that no infec-
tions occurred in people outside of the building that were not associated with the
laboratory. They concluded that primary containment is sufcient for most research
and diagnostic activities, and ltering the exhaust air is unnecessary except for situ-
ations such as laboratories that work with dry micronized microbial particles or pilot
6Laboratory Biorisk Management
plants that grow pathogens in aerated tanks with agitators. The fundamental point
articulated by Wedum and Reitman was that laboratories should be designed based
on a risk assessment that is specic for the work to be conducted at that particular
facility (Reitman and Wedum 1966).
Wedum and Reitman were not alone in promoting this perspective. As far back
as 1954, Rolf Saxholm identied the risk of laboratory- acquired infection of tuber-
culosis during centrifugation. To mitigate this risk, he developed a procedure that
eliminated the need to centrifuge tuberculosis specimens. Although he demonstrated
the utility of his method, his procedure never became widely accepted outside of
Norway (Saxholm 1954). In 1961, Brooks Phillips documented how different labora-
tories developed different technical solutions to effectively mitigate the same risks.
For example, to mitigate the risk of aerosol exposure to tuberculosis during cen-
trifugation of sputum samples, the Imperial Chemical Industries Laboratory in the
United Kingdom located their centrifuges in ventilated hoods, while other laboratories
placed centrifuge tubes in protective cases before centrifuging (Phillips 1961).
Despite the publication of these foundational biosafety works, the predened,
biosafety- levels paradigm that was promulgated almost 20 years later seemingly
eliminated the expectation for a site- specic and work- specic risk assessment.
Instead, a facility operator could rely on the predetermined agent risk groups and
biosafety levels for design guidance. Risk assessments became the equivalent of iden-
tifying the material safety data sheet of the agent that would be used in a particular
experiment. Comprehensive risk assessments, as advocated by Wedum and Reitman,
became increasingly rare. And, as a result, many laboratories in the United States
and elsewhere were “overdesigned,” wasting precious resources that could have been
allocated to other, perhaps more effective, biosafety control measures.
A Short hiStory of LAborAtory bioSecurity
This agent- or prescribed level- based risk perspective bled over into the laboratory
biosecurity realm once the concern about the misuse of dangerous pathogens became
more commonplace. After Larry Wayne Harris ordered Yersinia pestis under false
pretenses, the US government enacted the so- called select agent regulations in 1996
to regulate the transfer of a select list of biological agents from one facility to another
(US Code of Federal Regulations 1996). If a facility transferred an agent on this list,
then the regulations determined that there was risk of misuse. If a facility did not
ship a pathogen on the government list, then the government believed there was no
risk of misuse. The US government changed its perspective slightly after the terrorist
attacks and the Amerithrax attacks of 2001: the revised select agent regulations now
required specic security measures for any facility in the United States that used
or stored one or more agents on the new, longer list of agents (US Code of Federal
Regulations 2005). Again, however, the government took responsibility for deter-
mining the risk, and the risk was deemed the same for all the agents on the list. The
security risk of an agent not on the list was determined to be so low or nonexistent
that security measures were not required for that particular agent. After years of
complaints from the bioscience community about this simplistic dichotomy between
biosecurity risk for those agents on the list and no biosecurity risk for those agents
7Introduction
off the list, the select agent regulations were revised in 2012 to create two tiers of
select agents: Tier 1 agents that pose the greatest risk of deliberate misuse, and the
remaining select agents. This change was intended to make the regulations more risk
based, mandating additional security measures for Tier 1 agents (US White House
2010). Yet the explicit message to the bioscience community remained that it was
not necessary for individual facilities to conduct their own security risk assessments,
or to design the most appropriate security systems to mitigate their unique risks.
Instead, the message was that compliance with regulations was a sufcient form of
risk mitigation. Security risk management was hardly necessary.
Other countries have also implemented relatively simplistic and prescriptive
biosecurity regulations for bioscience facilities. Singapore’s Biological Agents and
Toxins Act is similar in scope to the US regulations, but with more severe penalties
for noncompliance (Republic of Singapore 2005). South Korea amended its Act on
Prevention of Infectious Diseases in 2005 to require institutions that work with listed
“highly dangerous pathogens” to implement laboratory biosafety and biosecurity
requirements to prevent loss, theft, diversion, release, or other misuse (Government
of South Korea 2005). Under Japan’s recently amended infectious disease control
law, Japan’s Ministry of Health, Labor, and Welfare established four schedules of
select agents that are subject to different reporting and handling requirements for
possession, transport, and other activities (Government of Japan 2007). Canada
certies Canadian containment level (CL) 3 and CL4 facilities that work with risk
group 3 or 4 human pathogens (Public Health Agency of Canada 2014). In 2008, the
Danish Parliament passed a law that gives the Minister of Health and Prevention
the authority to regulate the possession, manufacture, use, storage, sale, purchase
or other transfer, distribution, transport, and disposal of listed biological agents
(Kingdom of Denmark 2008).
But in all cases, the paradigm of regulated security measures based on a pre-
dened list of agents is the same. All a facility must do, if it is subject to these bio-
security regulations, is implement prescribed security measures if it works with or
stores an agent on the list. Biosecurity implementation has become a purely admin-
istrative activity based on a government- developed checklist. Risk assessment and
management by the principals who work with, own, and are ultimately responsible
for those agents are superuous activities. Why do it if it is not required?
recent bioSAfety And bioSecurity incidentS
We believe that the bioscience community depends too heavily on predened solu-
tions sets, known as agent risk groups, biosafety levels, and biosecurity regulations.
This dependence has relegated laboratory biosafety and biosecurity to the adminis-
trative basements of bioscience facilities. These generic agent risk groups, biosafety
levels, and biosecurity regulations have almost eliminated the pursuit of the intellec-
tually rigorous, risk- based assessments and solutions of the 1960s—when the eld
was in its infancy. Instead, we now often have complacency in laboratory biosafety
and biosecurity, and the general absence of comprehensive management systems to
mitigate these risks.
8Laboratory Biorisk Management
Such complacency has contributed directly to a series of safety and security inci-
dents in bioscience facilities, especially since the eld began to expand and advance
signicantly in the mid to late 1990s. The nature of these incidents demonstrates the
fundamental weakness of the biosafety and biosecurity paradigm based on agent
risk groups, biosafety levels, and biosecurity regulations. The increasing frequency
of these incidents portends disaster for the bioscience eld unless the biosafety and
biosecurity paradigm changes dramatically.
There have been many recent incidents of laboratory- acquired infections that can
be attributed to a failure to wear basic personal protective equipment and follow
simple good laboratory practices. For instance, in 2001, the New England Journal of
Medicine published a report of the rst human case of glanders in the United States
in over 50years. A 33-year- old microbiologist, who worked with Burkholderia mal-
lei at the US Army Medical Research Institute of Infectious Diseases (USAMRIID)
in Frederick, Maryland, did not routinely wear gloves. It is believed that his exposed
skin was the means of infection. His illness persisted and grew more severe after
several months, and his treatment was complicated by the lack of clinical experi-
ence with glanders (Srinivansan et al. 2001). In 1996, 6 of 19 medical technologists
who worked in a clinical microbiology laboratory in Rhode Island were infected
and became ill with Shigella sonnei. Study of the cultured isolates indicated that the
Shigella strain in question was nearly identical to a control strain kept by the labora-
tory, and which was in use at the time of exposure by one of the unaffected medical
technology students. The student was the only member of the laboratory to routinely
wear gloves. However, he did not follow other laboratory protocols, including the
use of a separate processing sink for disposal of work samples. Instead, he utilized a
more convenient hand washing sink, which he contaminated with S. sonnei. In turn,
his colleagues who used the sink’s faucet handles were infected with S. sonnei. If
laboratory management had insisted on the proper use of gloves and sinks, those six
accidental infections would not likely have occurred (Mermel et al. 1997).
Needle sticks have continued to be problematic in laboratories. Over the past
decade, there have been multiple signicant needle stick incidents. For instance, in
2004, a researcher at USAMRIID received a needle prick in biosafety level 4 contain-
ment while using a syringe on mice infected with a mouse- adapted variant of Ebola
Zaire (Kortepeter et al. 2008). Also in 2004, a researcher at VECTOR in Russia
died after pricking herself with a needle laden with the Ebola virus (Miller 2004). A
researcher at the University of New Mexico was reportedly “jabbed with an anthrax-
laden needle” in 2004 (The Sunshine Project 2007). A worker at the University of
Chicago in 2005 reportedly “punctured his or her skin with an infected instrument
bearing a BSL-3 select agent. It was likely a needle contaminated with either anthrax
or plague” (The Sunshine Project 2007). A researcher at the Bernard Nocht Institute
for Tropical Medicine in Hamburg, Germany, accidently pricked herself with a nee-
dle while working with Ebola virus in 2009 (The Canadian Press 2009).
Recent lapses in containment have also led to the introduction of disease into the
community beyond the laboratory facility. In 2000, in Vladivostok, Russia, eight
children ages 11–14 became ill after playing with discarded smallpox vaccine vials.
The cause was most likely improper decontamination and disposal procedures by a
nearby public health station (Byers 2009). Two laboratory workers in the National
9Introduction
Institute of Virology in Beijing contracted severe acute respiratory syndrome (SARS)
between March and May 2004 after working with improperly inactivated virus. This
led to seven additional people being infected in the community (US Centers for
Disease Control and Prevention 2004). In August 2007, foot and mouth disease virus
was released into the environment from a laboratory in the village of Pirbright in the
United Kingdom, resulting in a signicant local outbreak of the disease. The most
likely cause of this release was determined to be improper liquid waste disposal as
a result of the deteriorated condition of the site drainage system (Health and Safety
Executive 2007).
There were also several notable security incidents at major bioscience facilities
during this same time period. The US Federal Bureau of Investigations accused Bruce
Ivins, a researcher at USAMRIID, of manipulating and distributing anthrax to cause
harm. Specically, the FBI claimed that, in 2001, Ivins mailed several letters that
contained anthrax spores through the US Postal Service to various recipients across
the United States, resulting in the deaths of 5 people and the sickening of 17 others
(Federal Bureau of Investigation 2011). In 2004, Texas Tech University professor
Thomas Butler was sentenced to two years in jail and multiple nes after he reported
that 30 vials of plague bacteria were missing from his laboratory. After setting off a
bioterrorism scare, he signed a statement that he accidentally destroyed the samples
during the cleanup of a prior accident in his laboratory. However, it remains unclear
what happened to those samples. Butler later recanted his signed statement and indi-
cated it was possible that the samples had been destroyed, but he could not remember
(Tanne 2003). During a general inspection of Texas A&M University in 2007, the
CDC cited the university for failure to inform the CDC’s Division of Select Agents
and Toxins of a series of restricted aerosolization experiments with Coxiella burnetii
on nine occasions from May 2003 to June 2005 (US Centers for Disease Control
and Prevention, DSAT 2007). A former researcher at the National Microbiology
Laboratory in Winnipeg, Canada, stole 22 vials of Ebola virus genetic material,
which was discovered as he attempted to cross the US- Canada border in May 2009
(CBC News 2009). There is also a series of documented inventory discrepancies in
a variety of US laboratories (US Centers for Disease Control and Prevention, DSAT
2007; Palk 2009; Sherman 2009; Margolin and Sherman 2005).
Recognizing the spate of safety and security incidents in bioscience facilities that
had occurred in the late 1990s and the early 2000s, the editors of the fth edition
of the BMBL, which was published in 2007, emphasized the need for more compre-
hensive risk assessments in the eld. It coached practitioners to assess the risk based
on the agent hazards, to consider the hazards from the specic laboratory proce-
dures, and then to “make a nal determination of the appropriate biosafety level and
select additional precautions based on the risk” (US Centers for Disease Control and
Prevention, DSAT 2007). However, this guidance remained embedded in the histori-
cal paradigm of biosafety levels and agent risk groups.
A ModeL of bioriSk MAnAgeMent beginS to eMerge
The following year a bipartisan US congressional commission released the World at
Risk report, which among many recommendations called for bioscience laboratories
10 Laboratory Biorisk Management
that handle dangerous pathogens to implement a unied laboratory bio risk manage-
ment framework to enhance their safety and security (Commission on the Prevention
of WMD Proliferation and Terrorism 2008). Prior to the publication of this report,
a group of experts from 24 different countries gathered to reconsider the traditional
biosafety paradigm. In 2008, the European Committee for Standardization pub-
lished a workshop agreement on laboratory bio risk management that reected an
emphasis on rigorous and experiment- specic and facility- specic risk assessment
and mitigation, and management monitoring of performance with an emphasis on
continual improvement. This document, known as CWA 15793, dismissed the con-
ventional approach based on biosafety levels, received wide acclaim internationally,
and was renewed in 2011 (European Committee for Standardization 2011). No other
document of its kind exists in the international community.
Since its publication, many institutions around the world have initiated the pro-
cess to implement CWA 15793 in order to better manage bio risks in their facili-
ties. However, many organizations in North America, including some governmental
agencies, remain skeptical of the value of bio risk management, and interpret it as
simply an additional nancial burden on the life sciences community (Steenhuysen
and Begley 2014). At the time of this writing, the International Organization for
Standardization (ISO) has initiated a new work item proposal on laboratory bio risk
management. If approved by the member states, this project will pursue the develop-
ment of an ISO international standard in bio risk management—the rst of its kind
in the biosciences.
Despite the publication of CWA 15793, biological scientists and facilities in the
United States have been slow to embrace bio risk management—a culture of rig-
orously assessing risks, deciding how to mitigate those risks deemed to be unac-
ceptable, and establishing mechanisms to constantly evaluate the effectiveness of
the control measures. In 2013, the University of California– Los Angeles released
initial results from its landmark international survey of laboratory safety. Almost
half of the 2,400 scientists who responded had experienced injuries ranging from
animal bites to chemical or biological inhalation. Thirty percent of respondents said
they had witnessed at least one major injury that required attention from medical
professionals. Perhaps most interesting was the discrepancy between US and UK
scientists related to the use of risk assessments. In the United Kingdom, where the
Health and Safety Executive mandates risk assessments, almost two- thirds of scien-
tists said that they regularly execute risk assessments. In the United States, only one-
quarter of scientists acknowledge that they conduct formal risk assessments; more
than half of US scientists said they assessed risk only “informally” (Van Noorden
2013). Clearly, bio risk management is not yet embedded in the bioscience mindset
of the United States.
Unfortunately, and perhaps not surprisingly, high- prole laboratory accidents
remain somewhat commonplace—even in some of the world’s most sophisticated
bioscience facilities. In 2012, the CDC reported that there were 727 incidents of theft,
loss, or release of select agents in the United States between 2004 and 2010, resulting
in 11 laboratory- acquired infections (Henkel et al. 2012). In early 2014, a laboratory
at the US Centers for Disease Control and Prevention in Atlanta, Georgia acciden-
tally and unknowingly cross- contaminated low- pathogenic inuenza samples with
11Introduction
the highly pathogenic H5N1 inuenza, and transferred the material to laboratories
that were not approved to work with H5N1. The CDC did not learn of the mistake
until informed by one of the facilities that had received the sample. Later in the same
year, as many as 84 workers were unknowingly and unintentionally exposed to live
strains of the Bacillus anthracis at the CDC in Atlanta (Russ and Steenhuysen 2014).
Scientists in a BSL3 laboratory failed to inactivate the bacteria, and neglected to
validate the inactivation, before transferring the material to three BSL2 laboratories.
new focuS on riSkS of bioScience reSeArch
This less-than-stellar safety and security record has made the general public, and
even some in the scientic community, question the fundamental rationale for work
with dangerous biological agents. In 2003, Boston University Medical Center won a
grant from the National Institutes of Health to build one of two national biocontain-
ment laboratories—the National Emerging Infectious Disease Laboratory—as part
of the new US biodefense research strategy. Yet in 2014, because of the protracted
public opposition, research had not begun in the biosafety level 4 suites, and the
Boston mayor sought an ordinance “to ban level 4 research as proper precaution in
light of the possibility that safeguards might fail” (Boston Globe Editorial 2014).
In 2011, researchers at the Erasmus Medical Center in Rotterdam, the Netherlands,
led by Ron Fouchier, and the University of Wisconsin– Madison, led by Yoshihiro
Kawaoka, in separate studies articially engineered the H5N1 avian u virus to
transmit easily from one ferret to another (Herfst et al. 2012; Imai et al. 2012). Since
this research used an established animal model for human u, it effectively created
a potentially pandemic strain of inuenza that does not currently exist in nature.
In 2014, the Wisconsin team combined the genes from several avian u viruses to
construct a new organism similar to the 1918 Spanish u virus that also spread ef-
ciently in ferrets (Watanabe et al. 2014). Many scientists have argued that the risk
of accidental release, accidental infection, or intentional misuse of this so- called
gain of function research does not outweigh the scientic benets of increased
knowledge about how avian inuenza might naturally and genetically evolve into
something particularly more dangerous. Based on historical laboratory- associated
infections in BSL3 facilities, Marc Lipsitch and Alison Galvani concluded that over
a 10-year period there would be a 20% risk of at least one laboratory- acquired infec-
tion of a novel pandemic u strain, which could initiate an extensive spread of the
disease (Lipsitch and Galvani 2014). Although there are erce arguments on both
sides regarding the legitimacy of gain of function research, the fundamental concern
about this issue hinges on laboratory biosafety and biosecurity.
The bioscience community has been acutely aware of the risks associated with
biological research, specically that it could be misused for malevolent purposes,
or that it could result in the creation of novel pathogens with unique properties—
perhaps even an entirely new class of threat agents. In 2004, the National Academy
of Sciences published the so- called Fink Report, which dened seven categories of
experiments of concern, and developed a series of recommendations to prevent the
misuse of biology without preventing the conduct of legitimate research (National
Research Council 2004). Unfortunately, the Fink Report did not identify the need
12 Laboratory Biorisk Management
to improve the practice of laboratory biosafety and biosecurity, other than to rec-
ommend “that the federal government rely on implementation of current legislation
and regulation, with periodic review by the National Science Advisory Board on
Biosecurity (NSABB), to provide protection of biological materials and supervi-
sion of personnel working with these materials” (National Research Council 2004).
However, the NSABB has conducted no substantive review of laboratory biosafety
and biosecurity since it was established in 2005.
The rapid advance of synthetic biology further highlights the critical need to
reevaluate the current biosafety and biosecurity system based on agent risk groups,
biosafety levels, and security regulations. Leveraging signicant, recent improve-
ments in the ability to synthesize and sequence DNA, synthetic biology pursues the
creation of technologies for designing and building biological organisms—and often
these organisms are completely novel or have unique characteristics. These new bio-
logical agents obviously do not appear on existing agent risk groups or select agent
lists, or fall neatly into traditional biosafety levels. Arguably and understandably,
the eld of bioethics has become much more robust with the emergence of synthetic
biology: traditional methods of biosafety and biosecurity seem largely irrelevant, so
the public must increasingly rely on the ethical behavior of the scientists involved
to ensure safety and security. Notably, the synthetic biology eld has recently begun
recognizing the need to develop more robust approaches to risk and risk assess-
ment (Pauwels et al. 2013). A study by the Netherlands Commission on Genetic
Modication (COGEM) in 2013 concluded that current risk assessment approaches
may be sufcient for synthetic biology today, but will not be sufcient to address
risks when there is no known reference organism or introduced characteristics are
unpredictable (Commission on Genetic Modication 2013). In 2010, a National
Academy of Sciences report concluded that a “sequence- based prediction system for
oversight of Select Agents is not possible now and will not be possible in the usefully
near future” (National Research Council 2010).
Clearly, the rapid technological advances of the biosciences compel the com-
munity to reconsider the traditional methods of ensuring safety and security. The
power of biotechnology to counter the threat that emerging infectious diseases pose
to public and economic health, and global accessibility to this technology, has also
led to a rapid expansion of sophisticated laboratories around the world (Fonkwo
2008). The risk of a catastrophic biosafety or biosecurity incident seems to increase
on an almost daily basis, especially if the traditional, rule- based biosafety paradigm
remains unchanged. Today, the bioscience community needs to develop and adopt a
new, performance- based method to manage the risks of the biosciences—before it
is responsible for a major catastrophe. This book argues that bio risk management is
the solution.
LEARNING LESSONS FROM OTHER INDUSTRIES
More than half a century ago, in 1961, G.B. Phillips noted that “in a broad sense,
attitudes and activities which create conditions favorable for occupational infections
are similar to those that lead to the occurrence of industrial type accidents” (Phillips
13Introduction
1961). We also believe that much can be learned from understanding how differ-
ent industries approach safety and security. In particular, those industries that have
experienced major accidents, involving large- scale loss of life, have been compelled
to reassess their safety programs, and have almost universally recognized decien-
cies in risk management as a principal cause in those accidents. As a result, those
industries have embraced a performance- based, holistic, risk management paradigm.
Generic, rule- based, administrative systems have been abandoned. The bioscience
community should not wait for a calamity to occur in its eld before learning these
fundamental lessons. The following section describes a number of catastrophic acci-
dents that have compelled widely different industries—outside of the life sciences
community—to embrace broad- ranging risk management systems. It also demon-
strates that industries that have implemented substantive risk management policies,
standards, and expectations have dramatically decreased both the number and sever-
ity of accidents.
union cArbide, bhopAL, 1984
On December3, 1984, a large toxic vapor cloud containing 40 tons of methyl iso-
cyanate (MIC) gas leaked from a Union Carbide pesticide plant in Bhopal, India.
Prevailing winds carried the chemical cloud over the city of Bhopal and exposed
well over 500,000 people. The numbers of reported fatalities and injuries vary
widely, but recent studies indicate that the MIC contamination of Bhopal killed over
10,000 people, caused as many as 20,000 premature deaths, and injured or disabled
another 50,000 (Broughton 2005). This accident is still considered the worst chemi-
cal plant disaster in industrial history.
The leak was caused by water being misdirected to one of the two large MIC
storage tanks during a routine pipework cleaning activity. MIC mixed with water
causes an exothermic reaction, and resulted in a large volume of a toxic mixture
forming and eventually being released into the atmosphere through the plant’s are
tower. There were a number of safeguards at the plant designed to prevent this sort of
release, but almost all of these preventative measures were inactive or not monitored
(American University 2014; Manaan 2005).
The Bhopal disaster was a classic example of egregious mismanagement at every
level of the organization, from executive management to the individual tank opera-
tors. For example, the operators who saw the increased pressure on the MIC tank
pressure gauges thought the poorly maintained gauges were giving false readings.
Although the are tower was designed to are off any vented vapors from the plant,
it did not function properly. At the time of the accident, Union Carbide could not
provide specic details of the effects of MIC and the immediate treatment required
for those exposed. The company had no emergency response plan in place. The plant
management team, all of whom were Indian nationals, was sentenced to two years
in jail, and the CEO of UC Corporation ed the country after being released on bail
(K arasek 2014).
The most notable positive legacy from Bhopal was the widespread adoption
of process safety as a professional engineering discipline, and as a requirement
14 Laboratory Biorisk Management
throughout the chemical industry worldwide. In 1988, the American Chemistry
Council started to implement a program originally developed in Canada called
Responsible Care to reduce the potential chemical risks to workers and the environ-
ment. Three years later the International Council of Chemical Trade Associations
(ICCTA) was founded, with one of its principal objectives being the promotion of
Responsible Care practices worldwide. The Responsible Care program now extends
to 47 countries, corresponding to 85% of the world’s chemical producers. In 1990,
with the passage of the Clean Air Act Amendments, the US Occupational Safety
and Health Administration (OSHA) was directed to create and enforce the “Process
Safety Management of Highly Hazardous Chemicals” (PSM). This PSM standard is
a comprehensive program that integrates technologies, procedures, and management
practices (Manaan et al. 2005).
chernobyL nucLeAr power pLAnt, 1986
On April 26, 1986, a sudden power output surge occurred during an unauthorized
systems test at the Chernobyl Nuclear Power Plant near the town of Pripyat, Ukraine
(then part of the Soviet Union). During an attempted emergency shutdown, the reactor
vessel ruptured, a radioactive re began, and a plume of radioactive fallout was sent
into the atmosphere. The plume of primarily iodine and cesium radionuclides drifted
over large parts of the western Soviet Union and much of Europe. Approximately
150,000 square kilometers were contaminated, affecting more than 5 million people
in Belarus, Russia, and Ukraine. It is estimated that over 330,000 people were evacu-
ated and resettled from the most severely contaminated areas. About 240,000 workers
took part in the recovery, operating within the 30-kilometer zone surrounding the
reactor that is now uninhabited. More than 30 reactor staff and emergency workers
immediately died from the radiation exposure, and as many as 4,000 people ulti-
mately died from the accident (International Atomic Energy Agency 2006).
The Chernobyl accident was the result of a awed reactor design that was oper-
ated with inadequately trained personnel and the absence of any safety culture.
The design of the plant placed a heavy dependence on adherence to administrative
controls and procedures for safe operation. However, there was very little training
of the plant operators on what these administrative and procedural controls were,
and the safety implications for failing to implement these controls (International
Nuclear Safety Advisory Group 1992; Engineering Failures 2009).
Following the Chernobyl disaster, signicant safety design modications were
made to all nuclear reactors similar in type to those operating in Chernobyl.
Automatic shutdown mechanisms now operated faster, and other safety mechanisms
were improved. Automated inspection equipment was also installed. In addition,
safety training for reactor workers dramatically increased, as well as a heightened
focus on operational and management systems and regulatory oversight. The US
nuclear industry instigated a self- policing agency called the Institute of Nuclear
Power Operations with a mission of promoting the “highest level of safety and reli-
ability” (Karasek 2014). In addition, the US Nuclear Regulatory Commission began
15Introduction
evaluating the role of risk assessment, management systems, and performance- based
indicators and regulatory frameworks (Walker and Wellock 2010).
piper ALphA oiL pLAtforM, 1988
On July6, 1988, a gas explosion occurred on the Piper Alpha Oil Production Platform,
operated by the Occidental Group and located 120 miles northeast of Aberdeen,
Scotland, in the North Sea. In 22 minutes, the subsequent re killed 167 of the 228
people on board the oil platform. The Piper Alpha extracted oil from beneath the
ocean oor, and processed natural gas. It served as a hub, connecting the gas lines
of two other Piper eld platforms. At the time of the accident, Piper Alpha exported
just under 120,000 barrels of oil and approximately 33 million standard cubic feet of
gas per day (National Aeronautics and Space Administration 2013).
On the day of the accident, a worker removed the pressure safety valve on the
Piper Alpha’s Pump A during routine maintenance and replaced it with a round
metal plate—called a blind ange. Since he was not able to nish the maintenance,
he completed a form stating that Pump A was not ready for operation and should
not be activated. During a subsequent shift later that night, Pump B failed, halting
all offshore production unless Pump A could be restarted. Unable to nd the mainte-
nance documentation, and believing that Pump A was safe to use, workers activated
Pump A, which caused a high- pressure gas leak and explosion. Gas production from
the two other Piper eld platforms was not shut down, providing continuous fuel to
a massive re on Piper Alpha (Karasek 2014).
The escape of gas from Pump A sparked the initial explosion, but the fateful deci-
sion to activate Pump A was caused by the absence of a reliable process to ensure
that workers documented and communicated from shift to shift the maintenance sta-
tus and operability of technical systems. Moreover, the absence of blast walls on the
Piper Alpha platform and the failure to shut down oil and gas supplies from the two
other Piper eld platforms prevented any containment of the initial re and fueled a
much larger conagration (Scott 2011).
The ofcial investigation of the disaster, known as the Lord Cullen Report
(Cullen 1990), resulted in 106 recommendations for changes to North Sea safety
procedures—all of which were accepted by the industry, including the formation of
a new UK government organization, the Health and Safety Executive (HSE). In a
speech commemorating the 25th anniversary of the tragedy, Lord Cullen said, “I dis-
covered it was not just a matter of technical or human failure. As is often the case,
such failures are indicators of underlying weaknesses in management of safety” (Oil
and Gas Industry Association 2013). In addition to many technical and infrastructure
failures, training, monitoring, and auditing had been poor, the lessons from a previ-
ous relevant accident had not been learned, and evacuation procedures had not been
practiced. Perhaps most importantly, Occidental had not conducted a risk assessment
of the major hazards, and determined how to control them. According to Cullen,
“The quality of management safety is fundamental and that depends critically on
effective safe leadership at all levels and the commitment of the whole workforce to
give priority to safety” (Harris 2013).
16 Laboratory Biorisk Management
texAS city refinery, 2005
On March23, 2005, an explosion and re occurred at BP Products North America,
owned and operated by Texas City Renery, killing 15 and injuring 180 people, and
resulting in nancial losses exceeding $1.5 billion. The Texas City Renery was the
third largest oil renery in the United States, with an input capacity of 437,000 bar-
rels per day as of January 2000 (Wikipedia 2014).
The incident occurred after a release of a ammable liquid geyser from a blow-
down stack that was not equipped with a are, leading to an explosion and re.
According to BP’s own accident investigation report, the cause of the accident was
“heavier- than- air hydrocarbon vapors combusting after coming into contact with an
ignition source, probably a running vehicle engine” (British Petroleum 2005).
According to the US Chemical Safety and Hazard Investigative Board, the disas-
ter was caused by both technical mistakes and failures as well as “organizational
and safety deciencies at all levels of the BP Corporation.” In particular, the BP
Board of Directors did not provide effective oversight of the company’s safety cul-
ture and major accident prevention programs; the plant management mistakenly
believed that a low personal injury rate was an accurate indicator of process safety
performance; the mechanical integrity program resulted in a “run to failure” of pro-
cess equipment; the safety policy and procedural requirements were operated with
a “check the box” mentality; the plant lacked a safety reporting and learning cul-
ture; and safety campaigns and goals focused on improving personal safety metrics
rather than process safety and management safety systems (US Chemical Safety and
Hazard Investigation Board 2007).
BP subsequently commissioned an independent report to evaluate BP’s corporate
safety management systems, safety culture, and oversight of the North American
reneries. Known as the Baker Panel Report, it found that an “apparent complacency
toward serious process safety risk existed at each renery,” and BP’s corporate safety
management system “does not ensure adequate identication and rigorous analysis of
risks” and “does not effectively measure and monitor process safety performance.”
The rst two recommendations in the report included providing “process safety
leadership” at the highest levels of BP executive management, and establishing and
implementing an “integrated and comprehensive process safety management system”
(Baker et al. 2007).
fukuShiMA nucLeAr power pLAnt, 2011
On March11, 2011, a magnitude 9.0 earthquake struck the eastern coast of Japan,
triggering a tsunami that ooded 560 square kilometers along the coast under sev-
eral meters of water. The earthquake caused the failure of the safety systems at
the Fukushima Daiichi Nuclear Power Plant, owned and operated by the Tokyo
Electric Power Company (TEPCO). The resulting release of radioactive material
was eventually declared a Level 7 “severe accident” by the International Nuclear
Event Scale—one of only two Level 7 incidents in history. Experts estimate that
900,000 terabecquerels of radioactive material were released during the disas-
ter (Reuters 2012). One hundred sixty thousand people were evacuated from the
17Introduction
are