On July 9, 2024, the White House Office of Science and Technology Policy (“OSTP”) issued highly anticipated final guidelines setting forth a framework under which academic research institutions must establish and operate formal research security programs (the “Final Guidelines”).1 These final guidelines will be critically important to research operations at universities, academic medical centers, and other research institutions, and will affect the daily operations of, for example, such institutional offices as information technology, privacy, sponsored research, international programs, in-house legal counsel, export controls, and faculty affairs. Specifically, the Final Guidelines establish a definition of “Covered Institution” and outline standardized requirements that institutions must adopt relating to (1) cybersecurity; (2) foreign travel security; (3) research security training; and (4) export control training.

We have prepared a timeline of the implementation deadlines set forth in the Final Guidelines at the end of this Alert. Click here to read.