SSBA Newsletter Issue 21 - August 2013

Security Sensitive Biological Agents Regulatory Scheme Newsletter

Page last updated: 13 May 2014

SSBA Newsletter Issue 21 - August 2013 (PDF 250 KB)

New NHS Legislation

In late 2012 and  early 2013, changes were made to the National Health Security Act 2007 (NHS Act), the National Health Security Regulations 2008 (NHS Regulations) and the SSBA Standards.

The amendments to the NHS Act and NHS Regulations came into effect on 31 March 2013. The revised SSBA Standards came into effect on 20 June 2013.

A full explanation of the changes can be found in the new Fact Sheet 17 - Changes to the National Health Security Legislation.

Copies of the new legislation

Copies of the amended NHS Act and NHS Regulations can be found at ComLaw.

A copy of the new SSBA Standards and fact sheet can be found on the SSBA website.

DCS Passwords

The SSBA Regulatory Scheme has implemented changes to the Online Data Collection System (DCS) to allow for automatic password resets.

A new password can be requested through the DCS log on screen and the new password information will be sent to the email address of the Responsible Officer or Contact Officer. Reset passwords are a single use only and users will be prompted to create a new password for the facility.

New passwords at a minimum must:

  • be 7 or more characters long
  • have one uppercase and one lowercase character
  • have one numeric character
  • not contain any special characters
  • be different to the current password and different from the last 8 passwords

If the email of the person who receives the password notifications changes, please let DoHA know as soon as possible by contacting us at SSBA

Change of the Purpose for Handling

All changes to the purpose for handling an SSBA, as listed on the National Register of SSBAs, must be reported to DoHA. This is especially important where the purpose has been listed as ‘Research’.

All purposes listed as research are assessed prior to inclusion on the National Register to ensure that the research is responsible and legitimate under of the SSBA Regulatory Scheme.

If changes are made to the purpose for handling, including any changes to the research being conducted that may mean that the research no longer matches the description given to DoHA for assessment, a reassessment of the research to ensure it continues to meet the requirements of the scheme will be required.

Changes can be reported to DoHA via the Change of Purpose for Handling an SSBA form.

Authorised and Approved Persons Lists

Under the SSBA Standards, the Responsible Officer of a registered facility must develop and maintain lists of authorised and approved persons.

These lists must include details of:

  • the period of a persons authorisation or approval
  • the review date of the authorisation or approval
  • what the person is authorised or approved to do

Further details about the requirements for these lists can be found under clause 3.2 of the Standards.

Clause 3.2 of the SSBA Standards outlines the requirements for Responsible Officers.

Non-Registered Facility Inspections

Non-Registered Facility inspections focus on Parts 9 and 9A of the SSBA Standards, facility documentation and other SSBA Regulatory Scheme processes, such as reporting.

A Non-Registered Facility Inspection will involve a half-day physical inspection of the facility and a post inspection follow up.

Inspections comprise:

  • liaison with the Contact Officer
  • a physical inspection of the facility, including a review of paper-based records and discussions with relevant staff
  • a letter provided to the facility outlining the outcome of the inspection including any Corrective Action Requests
  • if required, a follow-up inspection that reviews paper-based evidence supplied by the facility

Post inspection

The entity may be required to provide further information following an inspection. Following provision of the findings to the relevant DoHA delegate, a letter of response will be sent to the facility outlining the outcome/s of the inspection and any Corrective Action Requests.

Unannounced Spot Checks

At least 24 hours notice will be provided to the facility to ensure security arrangements associated with inspectors being on site are met.

How the day will go

Below is an outline of how the inspection may go on the day the Inspectors visit the facility:

  • explanation of the inspection process
  • discussion of any problems experienced with the scheme
  • discussion of the SSBA Standards (Parts 9 and 9A)
  • sampling of records
  • inspection of facility (some inspections may not involve this)
  • review of findings (this discussion is undertaken by the inspectors alone)
  • presentation of preliminary findings of inspection
  • exit meeting

Annual and Biannual reports no longer required.

An amendment to the NHS Regulations removes the requirement for entities to report annually or biannually to DoHA. Changes to entity and facility details must now be reported within two business days of the event occurring.

A new form, Changes to Entity and Facility Details, will soon be available on the website and via the DCS to inform DoHA of any administrative changes. Until this form is available, entities can continue to change administrative details by filling in the relevant fields on the Regular Report (Annual and Bi-annual) form and submitting within two business day of the change in details.

Reminder - Submitting Reports

Under the SSBA Regulatory Scheme, it is mandatory that all reportable event reports are submitted to DoHA either via the Data Collection System or as a hard copy sent by registered post. Reports that are emailed or faxed to the SSBA Regulatory Scheme can not be accepted.

Contact Us


Email: SSBA

Phone: 02 6289 7477