Life Sciences Horizons Brochure 2025 - Flipbook - Page 35
34
2025 Horizons Life Sciences and Health Care
Navigating evolving U.S. national security laws: Implications for
biologics companies
With the growing emphasis on reducing U.S.
reliance on and threats from foreign adversaries,
pharmaceutical companies must navigate evolving
laws and policies designed to protect national security
by prescribing the role of certain foreign companies in
the U.S. biotech industry and by safeguarding the data
of U.S. persons from weaponization by countries
of concern. This is particularly important in sectors
like biotechnology and genomics, where sensitive
personal data are at risk. As the U.S. government
seeks to impose new statutory, regulatory, and policy
mandates aimed at these objectives, such as the
proposed BIOSECURE Act and the Department
of Justice (DOJ) final rule on data transfers,
pharmaceutical companies must ensure compliance
with increasingly strict laws and regulations.
Although the BIOSECURE Act did not pass in 2024, it remains
a strong possibility for future legislation. The Act would have
prohibited U.S. government contracts, loans, grants, and
subcontracts involving the "knowing use" of services from
companies of concern. By targeting companies perceived to be
advancing interests of foreign adversary regimes, BIOSECURE
aimed to reduce the risk of compromising national security
through foreign influence or data misuse of U.S. citizens’ data.
Also this past year, the DOJ finalized its rule to restrict
transactions involving sensitive U.S. personal and genomic data,
including biospecimens from which genomic data can be derived.
The rule also establishes bulk data thresholds, including
transactions involving bulk human genomic, epigenomic,
proteomic, or transcriptomic data. While the rule includes certain
exemptions, involving regulated clinical trials, biospecimens
intended to be manufacturing into finished medical products, and
requirements associated with obtaining and maintaining
regulatory approval, these exemptions may not cover all necessary
data transfers or vendor agreements.
Pharmaceutical companies should proactively assess vendor
agreements, supply chain dependencies, and data management
practices to mitigate the risk of disruption from such national
security laws and mandates. It is essential to review the
destinations of products containing human genomic data and
ensure the data are pseudonymized or de-identified as required.
Companies should also implement ongoing policies, controls, and
audits while strengthening due diligence processes to manage
risks from these new regulatory frameworks. Changes in contract
manufacturing and research organizations may require
supplemental regulatory submissions to FDA. Adapting to
emerging U.S. national security laws will be critical for mitigating
legal and regulatory risks, maintaining supply chain stability, and
ensuring compliance with evolving requirements.
Michael Druckman
Partner
Washington, D.C.
Ashley Grey
Associate
Washington, D.C.
