Wisconsin Legislature: DHS 157.9704(2)(e)

(3) Procedures for processing of fingerprint checks.

(a) To comply with this subchapter, a licensee shall submit all of the following to the NRC:

1. One completed, legible standard fingerprint card.

2. An electronic fingerprint scan or, where practicable, other fingerprint record for each individual requiring unescorted access to category 1 or category 2 quantities of radioactive material.

Note: Materials shall be submitted to : U.S. Nuclear Regulatory Commission, Director, Division of Physical and Cyber Security Policy, ATTN: Criminal History Program/Mail Stop T-07D04M, 11545 Rockville Pike, Rockville, Maryland 20852. The standard fingerprint card, Form FD–258, ORIMDNRCOOOZ), may be obtained by emailing MAILSVS.Resource@nrc.gov. Guidance on submitting electronic fingerprints can be found at https://www.nrc.gov/security/chp.html.

(b) Fees for the processing of fingerprint checks are due upon application. The licensee shall submit payment with the application for the processing of fingerprints through corporate check, certified check, cashier’s check, money order, or electronic payment, made payable to “U.S. NRC.”

Note: For guidance on making electronic payments, contact the Division of Physical and Cyber Security Policy by emailing Crimhist.Resource@nrc.gov. Combined payment for multiple applications is acceptable. The nuclear regulatory commission publishes the amount of the fingerprint check application fee on the NRC’s public website. To find the current fee amount, visit https://www.nrc.gov/security/chp.html, and follow the link titled “How do I determine how much to pay for the request?”

(c) The nuclear regulatory commission will forward to the submitting licensee all data received from the FBI as a result of a licensee’s application for criminal history records checks.

History: CR 16-078: cr. Register January 2018 No. 745, eff. 2-1-18; renumbered from DHS 157.103 under s. 13.92 (4) (b) 1., Stats., and correction in (1) (a), (d) made under s. 13.92 (4) (b) 7., Stats., Register January 2018 No. 745; CR 22-015: r. and recr. (3) Register June 2023 No. 810, eff. 7-1-23.

DHS 157.9704 Relief from fingerprinting, identification, and criminal history records checks and other elements of background investigation.

(1) Fingerprinting, and the identification and criminal history records checks required by section 149 of the Atomic Energy Act of 1954, as amended, and other elements of the background investigation are not required for the following individuals before granting unescorted access to category 1 or category 2 quantities of radioactive materials:

(a) An employee of the commission or of the executive branch of the U.S. government who has undergone fingerprinting for a prior U.S. government criminal history records check.

(b) A member of Congress.

(c) An employee of a member of Congress or congressional committee who has undergone fingerprinting for a prior U.S. government criminal history records check.

(d) The Governor of a state or his or her designated state employee representative.

(e) Federal, state, or local law enforcement personnel.

(f) State radiation control program directors and state homeland security advisors or their designated state employee representatives.

(g) Agreement state employees conducting security inspections on behalf of the NRC under an agreement executed under section 274.i. of the Atomic Energy Act.

(h) Representatives of the International Atomic Energy Agency (IAEA) engaged in activities associated with the U.S. IAEA Safeguards Agreement who have been certified by the NRC.

(i) Emergency response personnel who are responding to an emergency.

(j) Commercial vehicle drivers for road shipments of category 1 and category 2 quantities of radioactive material.

(k) Package handlers at transportation facilities such as freight terminals and railroad yards.

(L) Any individual who has an active federal security clearance, provided that he or she makes available to the licensee the appropriate documentation. Written confirmation from the agency or employer or both that granted the federal security clearance or reviewed the criminal history records check shall be provided to a licensee. The licensee shall retain documentation of an individual’s federal security clearance and written confirmation from the agency, employer, or both that granted the federal security clearance or reviewed the criminal history records check for 3 years from the date the individual no longer requires unescorted access to category 1 or category 2 quantities of radioactive material.

(m) Any individual employed by a service provider licensee for which the service provider licensee has conducted the background investigation for the individual and approved the individual for unescorted access to category 1 or category 2 quantities of radioactive material. The service provider license shall provide written verification to the licensee. The licensee shall retain the documentation of the written verification for 3 years from the date the individual no longer requires unescorted access to category 1 or category 2 quantities of radioactive material.

(2) Fingerprinting, and the identification and criminal history records checks required by section 149 of the Atomic Energy Act of 1954, as amended, are not required for an individual who has had a favorably adjudicated U.S. Government criminal history records check within the last 5 years, under a comparable U.S. Government program involving fingerprinting and a FBI identification and criminal history records check provided that he or she makes available the appropriate documentation. Written confirmation from the agency or employer or both that reviewed the criminal history records check shall be provided to the licensee. A licensee shall retain the provided documentation for 3 years from the date the individual no longer requires unescorted access to category 1 or category 2 quantities of radioactive material. These programs include, but are not limited to the following:

(a) National Agency Check.

(b) Transportation Worker Identification Credentials (TWIC) under 49 CFR 1572.

(d) Health and Human Services security risk assessments for possession and use of select agents and toxins under 42 CFR 73.

(e) Hazardous Material security threat assessment for hazardous material endorsement to commercial driver’s license under 49 CFR 1572.

(f) Customs and Border Protection’s Free and Secure Trade (FAST) Program.

History: CR 16-078: cr. Register January 2018 No. 745, eff. 2-1-18; renumbered from DHS 157.104 under s. 13.92 (4) (b) 1., Stats., Register January 2018 No. 745.

DHS 157.9705 Protection of information.

(1) Any licensee who obtains background investigation information on an individual under this subchapter shall establish and maintain a system of files and written procedures for protection of the record and the personal information from unauthorized disclosure.

(2) A licensee may not disclose the background investigation record or personal history information collected and maintained to persons other than the subject individual, the individual’s representative, or to persons who need access to the information in order to perform assigned duties in the process of granting or denying unescorted access to category 1 or category 2 quantities of radioactive material, safeguards information, or safeguards information-modified handling. No individual authorized to have access to the information may disseminate the information to any other individual who does not have a need to know.

(3) The personal information obtained on an individual from a background investigation may be provided to another licensee under the following conditions:

(a) Upon the individual’s written request to a licensee holding the data to disseminate the information contained in the individual’s file.

(b) The recipient licensee verifies information such as name, date of birth, social security number, gender, and other applicable physical characteristics.

(4) The licensee shall make background investigation records obtained under this subchapter available for examination by the department.

(5) The licensee shall retain all fingerprint and criminal history records received from the FBI, including data indicating no record, , or a copy of these records if the individual’s file has been transferred, for 3 years from the date the individual no longer requires unescorted access to category 1 or category 2 quantities of radioactive material.

History: CR 16-078: cr. Register January 2018 No. 745, eff. 2-1-18; renumbered from DHS 157.105 under s. 13.92 (4) (b) 1., Stats., Register January 2018 No. 745.

DHS 157.9706 Access authorization program review.

(1) Each licensee shall be responsible for the continuing effectiveness of its access authorization program. Each licensee shall ensure that its access authorization program is reviewed for compliance with the requirements of this subchapter and that comprehensive actions are taken to correct any noncompliance that is identified. The licensee shall evaluate all program performance objectives and requirements. Each licensee shall periodically, and at least annually, at intervals not to exceed 13 months, review its access authorization program content and implementation.

(2) The licensee shall document the results of its access authorization program review and any recommendations. Documentation of the review shall identify conditions that are adverse to the proper performance of the access authorization program, the cause of the conditions, and, when appropriate, recommended corrective actions, and corrective actions taken. A licensee shall review the results of its access authorization program review and take any additional corrective actions necessary to preclude repetition of the condition, including additional review.

(3) The licensee shall maintain it access authorization program review records for 3 years.

History: CR 16-078: cr. Register January 2018 No. 745, eff. 2-1-18; renumbered from DHS 157.106 under s. 13.92 (4) (b) 1., Stats., Register January 2018 No. 745; CR 22-015: am. (1) Register June 2023 No. 810, eff. 7-1-23.

DHS 157.9707 Security program.

(1) Applicability.

(a) Any licensee that possesses a category 1 or category 2 quantity of radioactive material shall establish, implement, and maintain a security program under the requirements of this subchapter.

(b) An applicant for a new license and any licensee that would become newly subject to the requirements of this subchapter upon application for amendment of its license shall implement the applicable requirements of this subchapter and be inspected by the department, before taking possession of a category 1 or category 2 quantity of radioactive material.

(c) Any licensee that has not previously implemented the physical protection license condition requirements or been subject to ss. DHS 157.9707 to 157.9715 shall provide written notification to the department at least 90 days before aggregating radioactive material to a quantity that equals or exceeds the category 2 threshold.

(2) General performance objective. . Each licensee shall establish, implement, and maintain a security program that is designed to monitor and immediately detect, assess, and respond to an actual or attempted unauthorized access to category 1 or category 2 quantities of radioactive material.

(3) Program features. Each licensee’s security program shall comply with ss. DHS 157.9708 to 157.9714, as applicable.

History: CR 16-078: cr. Register January 2018 No. 745, eff. 2-1-18; renumbered from DHS 157.107 under s. 13.92 (4) (b) 1., Stats., and correction in (1) (c), (3) made under s. 13.92 (4) (b) 7., Stats., Register January 2018 No. 745.

DHS 157.9708 General security program requirements.

(1) Security plan.

(a) Any licensee identified in s. DHS 157.9707 (1) shall develop a written security plan specific to its facilities and operations specifying the overall security strategy that ensures the integrated and effective functioning of the security program required by this subchapter. At a minimum, the security plan shall:

1. Describe the measures and strategies used to implement the requirements of this subchapter.

2. Identify the security resources, equipment, and technology used to satisfy the requirements of this subchapter.

(b) The security plan shall be reviewed and approved by the individual with overall responsibility for the security program.

(c) A licensee shall revise its security plan as necessary to ensure the department’s requirements are effectively implemented. A licensee shall ensure all of the following:

1. The revision to the security plan has been reviewed and approved by the individual with overall responsibility for the security program.

2. Individuals affected by the revised security plan are notified and given instruction about changes to the plan before they are implemented.

(d) A licensee shall retain a copy of the current security plan as a record for 3 years after the security plan is no longer required. A licensee shall retain a record of any superseded portion of the security plan for 3 years after it is superseded.

(2) Implementing procedures.

(a) A licensee shall develop and maintain written procedures that document how the requirements of this subchapter and the security plan will be implemented.

(b) The implementing procedures and revisions to these procedures shall be approved in writing by the individual with overall responsibility for the security program.

(c) A licensee shall retain a copy of the current implementing procedures as a record for 3 years after they are no longer required. A licensee shall retain a record of any superseded portion of the implementing procedures for 3 years after they are superseded.

(3) Training.

(a) A licensee shall conduct training to ensure that individuals implementing the security program possess and maintain the knowledge, skills, and abilities required to carry out their assigned duties and responsibilities effectively. The training shall include instruction in all of the following:

1. The licensee’s security program, implementing procedures, and the purposes and functions of the security measures employed to secure category 1 or category 2 quantities of radioactive material.

2. The responsibility to report promptly to the licensee any condition that causes or may cause a violation of the department’s requirements.

3. The responsibility of the licensee to report promptly to the LLEA and licensee any actual or attempted theft, sabotage, or diversion of category 1 or category 2 quantities of radioactive material.

4. The appropriate response to security alarms.

(b) In determining those individuals who will be trained on the security program, a licensee shall consider each individual’s assigned activities during authorized use and response to potential situations involving actual or attempted theft, diversion, or sabotage of category 1 or category 2 quantities of radioactive material. The extent of the training provided to an individual shall be commensurate with the individual’s potential involvement in the security of category 1 or category 2 quantities of radioactive material.

(c) Refresher training shall be provided at a frequency not to exceed 12 months and when significant changes have been made to the security program. Refresher training shall include all of the following:

1. Review of the training requirements under sub. (3) and any changes made to the security program since the last training.

2. Reports on any relevant security issues, problems, and lessons learned.

3. Relevant results of the department’s inspections.

4. Relevant results of the licensee’s program review and testing and maintenance.

(d) A licensee shall maintain records of the initial and refresher training for 3 years from the date of the training. The training records shall include dates of the training, topics covered, a list of licensee personnel in attendance, and related information.

(4) Protection of information.

(a) A licensee authorized to possess category 1 or category 2 quantities of radioactive material shall limit access to and unauthorized disclosure of their security plan, implementing procedures, and the list of individuals that have been approved for unescorted access.

(b) Efforts to limit access shall include the development, implementation, and maintenance of written policies and procedures for controlling access to, and for proper handling and protection against unauthorized disclosure of, the security plan, implementing procedures, and the list of individuals that have been approved for unescorted access.

(c) Before granting an individual access to the security plan, implementing procedures, or the list of individuals that have been approved for unescorted access, a licensee shall do all of the following:

1. Evaluate an individual’s need to know the security plan, implementing procedures, or the list of individuals that have been approved for unescorted access.

2. If the individual has not been authorized for unescorted access to category 1 or category 2 quantities of radioactive material, safeguards information, or safeguards information-modified handling, the licensee shall complete a background investigation to determine the individual’s trustworthiness and reliability. A trustworthiness and reliability determination shall be conducted by the reviewing official and shall include the background investigation elements contained in s. DHS 157.9702 (1) (a) 2. to 6. and (b).

(d) A licensee need not subject any of the following individuals to the background investigation elements for protection of information:

1. The categories of individuals listed in s. DHS 157.9704 (1) (a) to (m).