The safety breach at a government lab that may have exposed 84 workers to live anthrax centered on a pivotal lapse in procedure: researchers working with the bacteria waited 24 hours to be sure they had killed the pathogens, half the time required by a new scientific protocol.
The lab designed to handle extremely dangerous pathogens at the U.S. Centers for Disease Control and Prevention in Atlanta unknowingly sent live samples of anthrax to labs with fewer safeguards, where the exposure occurred. No one has died or fallen ill but dozens are being treated with a vaccine and powerful antibiotics to keep them from becoming sick.
The exposure incident is unprecedented in the history of American research on bioweapons and other deadly pathogens, prompting alarm among researchers who have already warned about the consequences of lax laboratory oversight globally. Scientists in and out of the CDC say the process of handling such bacteria and viruses must be improved.
Investigation of the safety lapses are underway, but an initial review of events at the first lab, called a biosafety level 3 facility (BSL-3) suggests that multiple procedures were violated, Reuters has learned.
Scientists at the CDC bioterror lab were preparing anthrax for two laboratories developing quicker methods to detect spores, such as those sent through the U.S. postal service in 2001 that killed five people.
The researchers were supposed to kill the anthrax, since the two other labs were not equipped to work with live bacteria.
The protocol for killing anthrax using a new chemical process required that they put the sample in an incubator, and wait at least 48 hours to check for signs of life.
Instead, the wait ended after 24 hours. They “didn’t see any new growth,” said Dr. Paul Meechan, director of the CDC’s environmental health and safety compliance office, said in an interview. “At that point, they assumed the material was safe.”
“We know that was a mistake,” said agency spokesman Tom Skinner. “What else, I don’t know.”
A week later, scientists in the same lab that prepared the original samples discovered live anthrax growing in lab dishes left in an incubator, kicking off a scramble to contain the exposure.
“If the protocol was already there, then there is really no excuse for it,” said Dr. Amesh Adalja, an infectious disease expert at the University of Pittsburgh Medical Center (UPMC). “The question goes down to personnel and why wasn’t protocol followed.”
The lapse was also noteworthy because the new method of using chemicals instead of radiation to kill the anthrax may not have been validated by rigorous testing to make sure it works.
“That’s also a problem,” Skinner said. “But the investigation we’re going through will tell us that.”
Because the chemical method is less studied, “it would have been prudent to handle the samples as if they were live organisms,” said Stephen Morse of the Columbia University Institutional Biosafety Committee and former program manager for biodefense at the Pentagon’s Defense Advanced Research Projects Agency (DARPA).
The breach likely involved more than one person: When one researcher is working with a microbe such as anthrax, a second person is required to observe. That is to both insure against any unintentional divergence from proper lab procedure and to detect intentional breaches, such as a worker trying to smuggle out a deadly agent.
Meechan repeatedly used a plural pronoun, “they,” describing more than one person’s involvement. The CDC has not identified the researcher or researchers involved.
The anthrax breach is already the subject of two investigations, one led internally by CDC and a second by the U.S. Department of Agriculture. At least two Congressional committees are monitoring developments to see if public hearings are warranted.
The lapse “is not an isolated incident, but instead is part of a continuing pattern of biosafety and biosecurity problems at the CDC,” said Richard Ebright, a molecular biologist and biodefense expert at Rutgers University who for years has raised concerns about biosafety labs.
“Audit after audit, and incident after incident, has documented biosafety and biosecurity training lapses, equipment failures, and procedural violations at the CDC.”
In 2012, for instance, the U.S. House Energy and Commerce Committee launched an investigation into safety lapses at CDC’s Building 18, where this month’s anthrax breach occurred. The labs there had chronic problems with airflow systems designed to contain infectious agents, the committee found. Labs are supposed to have lower pressure than outside rooms, so that air flows in when a door opens, as well as air filters to trap dangerous microbes. At least once, a failure of this safety system sent unfiltered air out into the corridor. No cases of infection were reported.
A 2010 report by the inspector general of the U.S. Department of Health and Human Services, CDC’s parent agency, found the Atlanta labs did not always restrict access properly to pathogens that threaten public health, compromising the “physical security” of the bacteria.
The inspector general also found that CDC did not always obtain “approval to transfer select agents or ensure that only approved individuals accepted delivery of select agents.”
Despite the breach, a dozen experts contacted by Reuters still spoke highly of CDC’s biosafety record. They say the lapse there may be a lesson that other top level labs are even more at risk.
“There are a lot of places where BSL-3 labs are not in very good shape,” said UPMC’s Dr. D.A. Henderson, who was acting director of the Office of Public Health Emergency Preparedness following the 2001 anthrax attacks.
“Clearly something needs to be altered,” said CDC spokesman Skinner.
One change could be to extend the strictest biosafety measures even to labs working with less-dangerous pathogens. If the labs receiving the anthrax had required researchers to wear more personal protective gear, such as a respirator, exposure would have been diminished.
“When people think they’re working with inactive agents, they still need to act with at least a grain of suspicion that the samples might not be inactivated,” said Morse.
“It’s a lot of hassle working in personal protection equipment,” he said, “but an incident like this tells us that even if you think something is inactivated or safe you should err on the side of caution.”
The two-person rule clearly didn’t work, either, and should be revised, said Lynn Klotz, a biosecurity expert at the Center for Arms Control and Non-Proliferation in Washington. “It’s very boring to observe what another person is doing and the second person can get sloppy,” he said.
Additional controls that use technology to back up human oversight could reduce the chances of the accidental or intentional release of anthrax or a more contagious microbe that could harm a much wider population if it left the lab.
“If this had been a highly contagious bird flu that they were working with instead of anthrax, I’d be scared to death,” Klotz said.