Published October 3, 2025, via Research News
The NIH has issued a new policy, effective October 24, 2025, to enhance security measures for all NIH-supported human biospecimens collected from U.S. persons. The policy aims to protect sensitive personal health data from misuse by foreign adversaries and is in line with the DOJ’s Final Rule Preventing Access to U.S. Sensitive Personal Data and Government-Related Data.
Applicability
The NIH Biospecimens Security Policy applies to all human clinical and research biospecimens obtained from U.S. persons – regardless of identifiability – if collected, stored, used, or distributed with ongoing or new NIH funding.
Requirements
Any entity (e.g., biorepository, institution, investigator) that holds NIH-supported biospecimens are prohibited from sharing them, directly or indirectly, with any institution or party located in a Country of Concern.
Limited exceptions exist, such as when sharing is mandated by federal law, specifically required for global health, needed in rare and compelling circumstances with unique capabilities abroad, or requested by the donor for personal medical purposes – all in compliance with federal law and participant consent.
If biospecimens are shared with an entity or individual located in a Country of Concern in accordance with one of the limited exceptions, documentation related to the sharing must be retained.
Questions
For questions about the applicability of this policy to any proposed transaction to share biospecimens, please contact Melanie Roewe, Associate Vice Chancellor, Research Administration (roewem@wustl.edu).