MEMORANDUM OF UNDERSTANDING BETWEEN THE
FOOD AND DRUG ADMINISTRATION
AND THE CENTERS FOR DISEASE CONTROL AND PREVENTION
This Memorandum of Understanding (MOU) between the Food and Drug Administration (FDA) and the Centers for Disease Control and Prevention (CDC) provides a framework for coordination and collaborative efforts between these two agencies, which are both components of the Department of Health and Human Services. This MOU also provides the principles and procedures by which information exchanges between FDA and CDC shall take place.
This memorandum supersedes MOU 225-09-0002 between the Centers for Disease Control and the Food and Drug Administration, dated June 25, 2009, regarding the exchange of Information and coordination of actions.
FDA and CDC are sister agencies within the Department of Health and Human Services. Both FDA and CDC exist and work to protect the public health but have different statuary mandates and responsibilities.
FDA is a regulatory agency responsible for protecting the public health through the regulation of food, cosmetics, tobacco, and medical products, including drugs, biological products, animal drugs, and medical devices. FDA administers the Federal Food, Drug, and Cosmetic Act and relevant sections of the Public Health Service Act, among other statutes. Among its duties, FDA approves pre-market applications, conducts inspections of manufacturing facilities, and monitors post-marketing adverse events. FDA also initiates civil and criminal litigation to enforce applicable Laws and regulations.
CDC's mission is collaborating to create the expertise, information,and tools that people and communities need to protect their health through health promotion, prevention of disease, injury and disability, and preparedness for new health threats. CDC seeks to accomplish its mission by working with partners throughout the nation and the world to monitor health, detect and investigate health problems, conduct research to enhance prevention, develop and advocate sound public health policies, implement prevention strategies, promote healthy behaviors, foster safe and healthful environments, and provide leadership and training. CDC conducts its activities under the authority of the Public Health Service Act and several other federal statutes.
CDC's and FDA's respective missions to protect the public health may overlap in a variety of ways depending upon the subject matter. Each agency has a responsibility to work collaboratively to protect and improve public health. It may sometimes be the case that FDA or CDC will be in possession of information that could be useful to the other agency in that agency's performance of its responsibilities. Timely sharing of information between CDC and
FDA is therefore critical to protecting the public health.
III. SUBSTANCE OF AGREEMENT AND RESPONSIBILITIES OF EACH AGENCY
A. Coordinationand Collaboration Relative to Public HealthActivities
Itis mutuallyagreed that:
1. Each agency will coordinateand collaborate with the other agency to protectand improve the public health. To achieve this, each agencywill utilize the expertise, resources,and relationshipsof the other agency in order to increase its own capability and readiness to respond to emergency situations. In addition, each agency will designate central contact points where communications from the other agency,dealing with matters covered by this agreement, should be referred.
2. Each agency will participatein periodic joint meetings to promote better communication and understanding of regulations, policies, and statutory responsibilities,and to serveas a forum for questionsand problems that may arise.
3. Each agencywill notify the other agencyas soon as possible whenissues of mutual concern become evident.
4. Each agency will collaborate with the other agencyin all investigations of mutual concern. Such collaboration may include providing alerts to theother agency when issues are identified; providing technical advice in areas of recognized expertise; providing results of analysis; coordinating health protection information and recommendations provided to the public; making available expert witnesses; and exchanging information as described in section III. B.
5. Each agency will consultnwith the other before issuing press or scientific releases or publications that may have a significant impact on the other agency.
6. Each agency will refer its proposed regulations, guidances, or recommendations that may have a significant impact on the other agency for review and comment by that agency before publication.
7. This agreement does not preclude CDC or FDA from entering into other agreements which may set forth procedures for special programs which can be handled more efficiently and expertly by other agreements.
B. Principles and Procedures for the Exchangeof information that is not publically available FDA and CDC agree that the following principles and procedures will govern the exchange of nonpublic information between the two agencies. Although there is no legal requirement that FDA and CDC exchange information in all cases, FDA and CDC agree that there should be a presumption in favor of full and free sharing of information between FDA and CDC. As sister public health agencies within the Department of Health and Human Services, there are no legal prohibitions that preclude FDA or CDC from sharing with each other most agency records in the possession of either agency. Both agencies recognize and acknowledge, however, that itis essential that any confidential information that is shared between FDA and CDC must be protected from unauthorized public disclosure. See e.g., 21 U.S.C. section 331 u;
18 U.S.C. section 1905; 21 C.P.R. Parts 20 and 21; 45 C.F.R. Parts 5and 5b, and 42 U.S.C. section 241(d). Safeguards are important to protect the interests of, among others, owners and submitters of trade secrets and confidential commercial information; patient identities and other personal privacy information; privileged and/or pre-decisional agency records; and information protected for national security reasons. Such safeguards also help ensure FDA's and CDC's compliance with applicable laws and regulations.
To facilitate the sharing of information with each other, it is necessary that FDA and CDC implement procedures to ensure, at a minimum, that such sharing of information is indeed appropriate and that the recipient agency appropriately guards the confidentiality of all nonpublic information received. There are separate procedures, as described below, for routine requests for information and for emergency requests. It is incumbent upon both agencies to respond to requests for information in a timely manner. Any unauthorized disclosure of shared confidential information by the agency receiving the information shall be the responsibility of that agency, so long as the agency providing such information conveys the confidential nature of the information to the receiving agency, in accordance with the terms of this MOU, or the receiving agency otherwise has knowledge that such information is confidential.
1. Routine Requests for Non-Public Information
a. The requesting agency must demonstrate, in writing, why it is necessary for it to obtain the requested information. The demonstration should consist of a summary that describes in detail the information requested (to facilitate identification of relevant records) and a brief statement of the purpose for which the information is needed. This request shall state which internal agency offices and/or individuals requested the information. A model request letter is attached.
b. The agency receiving the request for information shall, based upon the sufficiency of the need-to-know demonstration described in section III. B. 1. a. above, determine whether it is appropriate to share the requested information with the requesting agency. The need-to-know threshold is a low one. As stated above, there is a presumption in favor of information exchange between FDA and CDC. An agency should only decide not to share recommendations. It is assumed that each agency has implemented or will implement all data and information security requirements and has implemented or will implement, to the extent necessary and practicable all data and information security informationin response to a request if it has credible information and a reasonable belief that the requesting agency may not be able to comply with applicable laws or regulations governing the protection of non-public information or with principles or procedures set forth in the MOU. If an agency decides that it is not appropriate to share information with the requesting agency, it shall describe to the requesting agency the reasons for such decision.
c. The requesting agency agrees that it shall comply with the following conditions:
The requesting agency shall limit the disseminationof shared information it receivesto internal agency offices and/or individuals that have been identified in its written request and/or have a need-to-know. The agency official who signs the request letter will be responsible for ensuring that thereare no other recipientsof the information.
The requesting agency shall agree in writingnot to publicly disclose any shared infomation in any manner including publications and public meetings. If the requesting agency wishes to disclose shared information, including information that it believesis publicly releasable,it shall first requestand obtain the written permission of the agency that has shared the information. If the requesting agency receives a Freedom of Intormation Act (FOlA) request for the shared information, it will refer the request to the information-sharing agency for itto respond directly to the requestor regarding the releaseability of the information. In such cases, the agency making the referral will notify the requestor that a referral has been made and that a response will issue directly from the other agency.
The agency that shares information with the requesting agency shall include a transmittal letter, along with any agency records exchanged. The transmittal letter shall indicate the typeof information being shared (e.g. confidential commercial information, personal privacy, or pre-decisional). A model transmittal letter is attached.
The requesting agency shall promptly notify the appropriate office of the information-sharing agency when there is any attempt to obtain shared information by compulsory process, including but not limited to, a FOIA request, subpoena, discovery request, or litigation complaint or motion.
The requesting agency shall notify the information-sharing agency before complying with any judicial order that compels the release of such information so that the agencies may determine the appropriate measures to take, including where appropriate the filing of a motion or an appeal with the court.
2. Emergency Requests for Non-Public Information
In cases in which the requesting agency has a need to obtain certain informationas soon as possible due to emergency circumstances, such as an outbreak of illness, FDA and CDC may utilize the following procedures. These procedures are intended for use only in the case of an actual emergency situation and are not appropriate for routine requests for information.
a. The requesting agency shall indicate orally or in writing to the agency in possession of the relevant information that it has the need to obtain certain identifiable information as soon as possible due to the existence of emergency circumstances. The requesting agency shall also describe what the emergency circumstances are.
b. The requesting agency shall verbally agree to protect from unauthorized public disclosure any and all information that is shared, according to all applicable laws and regulations.
c. The existence of an actual emergency situation shall warrant, as determined by the agency in possessionof the requested records, the waiver of the need-to-know demonstration and determination described above in section Ill.
B. I. a. and B. I.
b. However, once the requesting agency has obtained the information it seeks,it shall comply with those proceduresset forth in section III. B. I. c. above.
IV. NAME AND ADDRESS OF PARTICIPATING PARTIES
A. Food and Drug Administration
Depa1imentof Health andHuman Services
10903 New HampshireAvenue
Silver Spring, Maryland 20993
B. Centers for Disease Control and Prevention
Departmentof Healthand HumanServices
1600 Clifton Road,NE Atlanta, Georgia 30333
V. LIAISON OFFICERS
A. Contact for FDA:
Ellen F. Morrison
Assistant Commissioner for Operations
Office of Regulatory Affairs
10903 New Hampshire Avenue
Silver Spring, MD 20993
Phone: (301) 796-8257
B. Contact for CDC:
Ron A.Otten, Ph.D.
Acting Deputy Associate Director for Science
Centers for Disease Control and Prevention
1600 Clifton Road, NE Atlanta, GA 30333
Phone: (404) 639-7220
VI. PERIOD OF AGREEMENT
This agreement becomeseffective upon signatureof both parties and will continue for 5 years. It may be modified by mutual consent or terminatedby either party upon 120 days written notice.
Model Request Letter
Model Transmittal Letter
APPROVED AND ACCEPTED BY THE U.S. FOOD AND DRUG ADMINISTRATION
Margaret A. Hamburg
Commissioner of Food and Drugs
June 13, 2014
APPROVED AND ACCEPTED BY THE CENTERS FOR DISEASE CONTROL AND PREVENTION
Thomas R. Frieden, M.D., M.P.H.
Director, Centers for Disease Control and
June 19, 2014
Reference: Formerly 225-03-8001; 225=00-8000, 225-06-8401 and 225-09-002
Model Language for Requests
The Centers for Disease Control and Prevention (CDC) has requested the following information fromthe Food and Drug Administration (FDA) for the following purposes: [Identify information and purpose]
CDC hereby requests the following information from FDA for the following purposes: [Identify information and purpose]
CDC agrees that itwill not publicly disclose any such information that FDA shares with it without prior written permission fromFDA and that it will comply with the principles and procedures set forth in the Memorandum of Understanding on information sharing between CDC and FDA. Applicable laws and regulations may prohibit the disclosure of such information. See e.g., 21 U.S.C. §33l(j);18 U.S.C. §1905, 21 C.P.R. Parts 20 and 21, 45 C.F.R. Parts 5 and 5b
and 42 U.S.C. §241(d).
CDC will limit dissemination of any shared information to the following CDC offices and/or employees: [Identify office(s) and/or employee(s)].
[Signature and Date by CDC official with requisite responsibility and authority.]