1. Purpose
This Policy establishes the requirements for accessing Fermi National Accelerator Laboratory (Fermilab), which is managed and operated by Fermi Research Alliance, LLC (FRA). The Prime Contract between FRA and the Department of Energy (DOE) requires FRA to develop and maintain a program to comply with requirements in the Unclassified Foreign Visits and Assignments (UFVA) Program (DOE O 142.3A) and Safeguards and Security Program (SSP) (DOE O 470.4B) directives for Fermilab. This policy establishes FRA’s policy framework for physical and computing access to the Fermilab sites (Batavia, IL and/or all associated spaces leased by DOE for FRA use in Lead, SD), facilities, and resources (referred to in this policy as “Fermilab”).
2. Scope
This policy applies to everyone accessing the Fermilab site(s) and information. In cases of emergency, external emergency responders shall coordinate onsite arrival with the appropriate security and fire departments (e.g., Fermilab Security or Fire Departments at the campus).
3. Applicability
This policy applies to all of FRA, all its employees, users, visitors, subcontractors, and authorized guests to Fermilab.
4. Effective Date and Date Reviewed/Updated
This policy went into effect on May 1, 2017 and its update was effective on June 23, 2020.
5. Policy
a. Access to Fermilab is allowed in accordance with applicable federal and DOE laws, regulations, orders, requirement of the Management and Operations Contract, and FRA policies. Approval for physical and/or remote access shall be based on information submitted in advance and may include consideration of the purpose of access, the citizenship and security background of the individual, eligibility to be or work in the U.S., and aspects of their home-institution or other affiliations. Hosts of foreign nationals will be assigned as applicable by the FVA Office in coordination with the appropriate Division/Section/Project leadership. The nature of the approved work shall also determine the levels of access, review, or approval.
b. FRA provides site access control for business and general public purposes while maintaining responsibility to protect employees, visitors, government property, and the environment. Everyone entering the site, regardless of how they enter and regardless of their relationship with FRA or Fermilab (i.e. employee, user, visitor, member of the public, etc.) is required to follow all site signs, postings, and instructions of Security and other laboratory officers, as well as the Illinois Rules of the Road. FRA may deny access to Fermilab to individuals who do not possess the required documentation, training, qualification, and/or authorization. FVA verification and the Fermilab Policy on Export Control apply. Case-by-case exceptions from the Fermilab Site Security Plan may be made at the discretion of the Fermilab Director and FRA Chief Safety Officer. The FRA Chief Safety Officer will ensure that the DOE Fermi Site Office (FSO) is advised, and exceptions are documented. Access privileges are organized in six categories. All individuals accessing the Fermilab site are required to follow this policy.
1. Employees, subcontractors and users: FRA employees are required to follow the WDRS on-boarding process to obtain site-access privileges. Subcontractors and users who will be conducting work at or on Fermilab sites are required to provide valid government-issued identification and complete site access forms approval prior to performing work, accessing information, or conducting business.
2. Conference, workshop, and meeting (business) visitors: Access determinations for individuals attending conferences, workshops, or other business meetings at Fermilab will include consideration of the need for access to non-public areas, access after public hours, and the topics and nature of the visit.
3. Public visitors: Individuals on site for the sole purpose of attending Fermilab public tours or events; school visits; attending public lectures, performances, symposia, or colloquia; visiting Fermilab’s public exhibits in the Lederman Center or Wilson Hall; or visiting Fermilab’s outdoor areas are required to remain in public areas unless they are escorted by a trained escort.
4. Foreign Nationals: Individuals from around the globe who support the science and research mission in accordance with federal and DOE regulations are subject to approval.
5. Authorized Guests: Authorized guests are required to obtain approval and provide valid government-issued identification.
6. Federal Employees: Non-FSO personnel on official business are permitted to use their HSPD-12 identification to gain visitor access to the site; however, for additional privileges they must coordinate with the DOE FSO prior to accessing the Fermilab site.
c. Remote Access: Non-badged individuals requesting only remote access to Fermilab resources are required to follow the process for remote access referenced on the Global Services webpage.
6. Definitions
Affiliation: The basis of the relationship between an access requestor and Fermilab. Examples include participation or membership in approved Fermilab experiments, projects, collaborations, approved joint-work activities, or organizations.
Affiliation Approver/Computing Validator: An FRA-approved individual (e.g., spokesperson) who is accountable for verifying the identity and information of an individual requesting access (physical and/or remote) prior to approving Fermilab access. Approvers are required to develop and follow their experiment, project, or division/section approver verification process.
Authorized Guest: An individual who does not have business with the laboratory but is approved to access select Fermilab facilities, such as the Fermilab Children’s Center, Fermilab Village Housing, or Recreation Center.
Business Visitor: An individual who has business with Fermilab that can be achieved in less than one week while being escorted when in non-public access areas. Business visitors do not require training or a Fermilab ID badge, and do not receive payments or reimbursements using DOE funds. This includes but is not limited to:
1. Individuals meeting with researchers, attending collaboration meetings, or participating in reviews.
2. Individuals attending Fermilab/DOE sponsored events such as conferences, seminars, workshops, etc., which are held in general access area of the Laboratory.
3. Individuals attending directorate-approved meetings or tours, such as VIP, Government officials/representatives, etc., which are held in both general and non-public access areas of the Laboratory.
4. Delivery personal/vendors making deliveries to Fermilab or to construction/special projects., and business visitors coming to the lab for meetings for procurement discussions or similar meetings.
DOE FSO Site Office Manager is the person responsible for approving the SSP and explicitly accepts any residual risk involved in operations. The FSO Manager serves as the approval authority for UFVA activities and programs and may curtail or suspend operations when continued operations would result in an unacceptable risk to the national security and/or to the health and safety of DOE and contractor employees, the public, or the environment.
Employee: An individual who is employed by FRA.
Escort: A trained individual who is accountable for the daily activities of a visitor for the duration of a planned visit. Escorts are required to accompany any persons at the lab who are accessing non-public areas and do not have a Fermilab badge.
Export/Import Control Compliance Manager: An FRA-designated employee responsible for export control verification of foreign nationals that are invited to or request access to Fermilab sites or its technology.
Export Control Verification: The review, screening, obtaining of any necessary United States government export authorizations, and approval of exports or releases of information or technology subject to United Sates export control laws and regulations, including export controls administered by the Department of Commerce via the Export Administration Regulations (EAR), the Department of State via the International Traffic in Arms Regulations (ITAR), the Office of Foreign Assets Control (OFAC) via its regulations, and DOE via its policies, orders, and other regulations.
Federal Employee: Employee of the U.S. government. A fulltime federal presence is maintained by the DOE FSO.
Foreign National: An individual who is not a U.S. citizen or certain class of protected persons (e.g., refugees and asylees).
Host of Foreign National: FRA employee approved by the appropriate Division/Section/Project to be responsible for the activities and conduct associated with the successful visit or assignment of a foreign national accessing the Fermilab site or resources.
Non-Proprietary User Agreements (NPUA)/Agreements: Written agreements between institutions and FRA using a DOE-approved template which addresses liability and accountability for accessing Fermilab-associated resources commonly associated with a DOE-approved scientific user facility at the lab.
Non-Public Areas: Areas that are designated restricted from public access by the Fermilab Site Security Plan. Such non-public areas include but are not limited to Property Protection Areas (PPAs) and Areas of Security Interest (ASI).
Officially Designated Federal Security Authority (ODFSA) are Federal employees who possess the appropriate knowledge and responsibilities for each situation to which they are assigned through delegation. Delegation of authority for these positions is originated according to direction from the accountable Program Secretarial Officer (or the Secretary or Deputy Secretary for Departmental Elements not organized under a Program Secretarial Office), who also provides direction for which of the ODFSA positions may be further delegated. Each delegation must be documented in writing. It may be included in other security plans or documentation approved by or according to direction from the accountable principal. Each delegator remains responsible for the delegatee’s acts or omissions in carrying out the purpose of the delegation
Point of Contact (POC): FRA employee or user responsible for confirming an individual's affiliation with Fermilab and home institution.
Public Areas: Areas designated for public access by the Fermilab Site Security Plan.
Public Visitor: An individual who has no business with Fermilab and is restricted to designated public access areas during public access hours. Public visitors are on site for the sole purpose of attending Fermilab public tours or events; school visits; attending public lectures, performances, symposia, or colloquia; visiting Fermilab’s public exhibits in the Lederman Center or Wilson Hall; or visiting Fermilab’s outdoor areas.
Safety & Security Interface Working Group: An internal FRA group responsible for coordinating and integrating safeguard and security policies, activities, and operational procedures. This group is chaired by the Chief Operating Officer.
Subcontractor: An individual who accesses Fermilab facilities and resources working via a Procurement-managed subcontract with FRA. Subcontractors require subcontractor training to perform work, and a Fermilab ID badge. Subcontractors include individuals who consults on behalf of the Laboratory.
User: An individual who accesses Fermilab facilities and resources for the purpose of advancing the scientific mission of the Laboratory and whose work generally requires unescorted and/or after-hours access to non-public access areas (DOE-Approved User Facilities and/or non-User Facility resources). Users require safety training to perform work, and a Fermilab ID badge and/or access to Fermilab networks or systems. Users can receive payments or reimbursements from Fermilab, which include individuals participating in reviews or committee meetings. There are two types of users:
1. DOE Users: Individuals who access Fermilab’s DOE-approved scientific user facilities. DOE users are required to have a NPUA or other agreement.
2. Fermilab Users: Individuals who accesses one or more Fermilab resources that are not designated by DOE as scientific user facilities.
7. Responsibilities
Fermilab Director is responsible for all programs related to this policy.
FRA Chiefs, Division, and Section Heads and Project Directors are responsible for ensuring that all requirements highlighted in this policy are effectively and consistently implemented and communicated with full adherence within their organizations. They are also responsible for ensuring that individuals invited to visit the Fermilab site or its associated resources are related to their organization’s activities and comply with this policy.
FRA Chief Operating Officer is responsible for ensuring that this policy is current and that there is effective and consistent implementation and adherence to the requirements highlighted in this policy across Fermilab.
FRA Chief Safety Officer is responsible for review, update, and submission of Fermilab's SSP and policies.
FRA Employees, Fermilab Users, Visitors, Authorized Guests, Subcontractors, and Employees of DOE-FSO are responsible for:
a. Adhering to this policy and supporting all processes associated with this policy.
b. Ensuring that when organizing events or meetings with external participants, all visitors and users who attend are made fully aware of requirements highlighted in this policy.
c. Ensuring that when organizing events or meetings with external participants, they provide notification to the Directorate FVA Office of any individual that has citizenship outside of the U.S., and all visitors and users who attend are made fully aware of requirements highlighted in this policy
d. All Fermilab badge holders are required to complete Fermilab Escort training.
FRA Facility Security Officer is responsible for the day-to-day implementation of the SSP and policies.
FRA FVA Office is responsible (in conjunction with the Global Services Department) for all UFVA requirements as they relate to this policy; obtaining access approvals for all individuals who have origins or citizenship outside of the U.S. who are invited to Fermilab or express desire to access/visit Fermilab (or its associated resources); and approving new foreign national hosts and ensuring training requirements are met.
8. Authorities
DOE O 142.3 – Unclassified Foreign Visits and Assignments Program
DOE O 205.1 Department of Energy Cyber Security Management Program
DOE O 470.4 Safeguards and Security Program
FESHM Chapter 2070 – Environmental, Safety, Health & Quality Training
Fermilab Policy on Export Control
Fermilab Site Security Plan (Authorized Access Only)
Fermilab Emergency Management Policy
9. Owner
The Chief Operating Officer is the owner of this policy.
10. Review Cycle
This policy shall be reviewed every three years or more frequently, as needed.
11. Communication Plan
The requirements of this policy shall be made public by the Chief Operating Officer and provided to all Chiefs/Division Heads/Section Heads/Project Directors. This policy shall be available online in the Fermilab policy database.