Chapter 1301:18-7 | Testing Laboratory Certification

(A) Unless otherwise authorized by the division of cannabis control, each testing laboratory shall not engage in any activity authorized under this chapter until the division issues the testing laboratory a certificate of operation.

(B) The division shall not issue a provisional testing laboratory a certificate of operation unless and until the testing laboratory meets all requirements outlined under division 1301:18 of the Administrative Code.

(C) Each testing laboratory shall have twelve months from the date the testing laboratory is issued a provisional license pursuant to this chapter to obtain a certificate of operation.

(D) Upon receipt of its certificate of operation, a testing laboratory may engage in the following activities:

(1) Obtain cannabis from a cultivator, processor, or dispensary licensed under division 1301:18 of the Administrative Code for testing purposes only; and

(2) Conduct laboratory testing, research, and development in accordance with division 1301:18 of the Administrative Code.

(E) A certificate of operation shall be issued to, and valid only for, the designated business entity, owners, and licensed premises specified within the testing laboratory's initial application for licensure pursuant to rule 1301:18-2-02 of the Administrative Code.

(A) Within two calendar years of the date of issuance of a provisional license, each testing laboratory shall receive accreditation to the ISO/IEC 17025 "General Requirements for the Competence of Testing and Calibration Laboratories" standard by a non-profit accreditation body that is signatory to the "International Laboratory Accreditation Cooperation (ILAC) Mutual Recognition Agreement (MRA)" and which operates in accordance with ISO/IEC 17011 "General Requirements for accreditation Bodies Accrediting Conformity Assessment Bodies."

Each testing laboratory shall ensure the accrediting agency provides a copy of all inspections and reports pertaining to certification and accreditation directly to the division.

(B) A testing laboratory may petition the division to toll computation of the timeframes provided in paragraph (A) of this rule. Such a petition shall be in writing and provide:

(1) An explanation of the facts and circumstances that prevent the laboratory's compliance with paragraph (A) of this rule; and

(2) A written plan, outlined in specific detail with the laboratory's intended actions and projected timeline, to ensure the laboratory complies with this rule.

(3) Upon receipt of a petition under this paragraph, the division may stay the requirement of paragraph (A) of this rule for the laboratory. A division order staying the requirement of paragraph (A) of this rule will state the date upon which the stay is lifted.

(A) The division of cannabis control may require a testing laboratory to participate in third-party proficiency testing programs.

In the event the division determines that proficiency testing is necessary, each testing laboratory shall adhere to all mandates outlined under this rule.

(B) At least once every twenty-four months, each testing laboratory is to successfully participate in a proficiency testing program for all test analytes outlined under this chapter.

(1) A third-party proficiency program mandated pursuant to paragraph (A) of this rule, is to be administered by an organization accredited to ISO/IEC 17043 "Conformity Assessment - General Requirements for Proficiency Testing" and provide rigorously controlled and standardized analysis of the following:

(a) Proficiency testing samples;

(b) Reports of associated proficiency testing directly to the laboratory and the division; and

(c) Statistical evaluation of the collective demographics and results of all cannabis testing facilities

(2) Successful participation includes an acceptable score for each and every target analyte that the testing laboratory reports to include quantitative results when applicable.

Failure to provide a result for a required analyte will be considered an unacceptable result.

(C) Pursuant to third-party proficiency testing, each testing laboratory is to:

(1) Analyze proficiency testing samples utilizing the same procedures, including the number of replicate analyses, standards, testing analysts, and equipment, as used for routine required testing pursuant to these rules at the licensed premises.

(2) When possible, integrate all proficiency testing samples within the day-to-day operations of the laboratory.

(D) All proficiency testing results are to be reviewed by the scientific director and appropriate employees and:

(1) Evaluate the testing laboratory's performance and perform corrective action for any unsatisfactory results received; and

(2) If applicable:

(a) Investigate any unsatisfactory results, to include a retrospective review of potentially affected cannabis samples.

(b) Document the investigation findings and any resultant corrective actions.

(E) A testing laboratory who fails to achieve an acceptable score for any state-required test mandated pursuant to division 1301:18 of the Administrative Code shall do the following:

(1) Notify the division in writing within twenty-four hours of receipt of the score; and

(2) Unless authorized by the division, repeat the proficiency testing of any failed tests within thirty calendar days of receipt of the failed score.

(3) If the testing laboratory fails to perform satisfactorily for the same state-required testing in two consecutive proficiency testing events, or two out of three proficiency testing events, the testing laboratory may be required to cease the performance of testing for those analytes until it demonstrates to the satisfaction of the division that the nonconformances have been corrected in such a manner as to ensure that they will not recur.

(F) Prior to the renewal of its certificate of operation, each testing laboratory is to ensure proficiency testing includes each matrix within the scope of their ISO accreditation.

(G) A testing laboratory shall not:

(1) Communicate with another licensed laboratory about proficiency testing samples until after the deadline for submission of results to the proficiency testing provider.

(2) Refer proficiency testing samples to another testing laboratory for analysis; or

(3) Accept proficiency testing samples from other testing laboratory for analysis.

(A) Each testing laboratory shall establish, maintain, and comply with written policies and procedures that ensure adequate security, surveillance, and control of the licensed premises that prevent diversion, theft, or loss and meet the minimum requirements outlined under this rule.

(1) Pursuant to rule 1301:18-7-02 of the Administrative Code, each testing laboratory shall petition the division prior to implementing any major modification to the facility's security procedures, systems, or equipment.

(B) Prior to the commencement of business, each testing laboratory shall meet the following security and surveillance requirements that ensure compliance with all standards established by the division:

(1) Designate a secure, limited access area for all equipment maintained pursuant to this rule that is accessible only by authorized registered laboratory employees with foundational training in security and surveillance;

(2) Maintain or construct fencing to prevent unauthorized entry or access to waste disposal containers, disposal areas, or compost areas located outside the facility;

(3) Install a security alarm system with commercial grade equipment that includes the following:

(a) An access alarm on all entry points and windows;

(b) Motion detectors that identify unauthorized access into the facility; and

(c) A silent alarm, which may be utilized during instances of duress that sends a pre-recorded voice message to the facility's designated security personnel and law enforcement, public safety, or emergency services requesting dispatch, which includes the capability to enter a designated code into an arming station to signal that the alarm user is being forced to turn off the system.

(4) Install a video surveillance system that complies with the following:

(a) Capable of electronic monitoring of the facility and real-time access by the division;

(b) Collects twenty-four-hour live video feed with motion-activated recording capabilities for all video cameras that record in at least fifteen frames per second;

(c) Archives and retains recordings for at least forty-five calendar days;

(d) Contains a display monitor with a minimum screen size of twelve inches;

(e) Exports still images in an industry standard format that guarantees authentication and prevents alteration of the recorded images;

(f) Produces clear color still photographs that are a minimum of "600 x 600" dpi from any camera image, live or recorded;

(g) Embeds a date and time stamp on all recordings; and

(h) Includes a failure notification system that provides an audible and visual notification of any failure in the electronic monitoring system.

(5) Install unobstructed, tamper-evident cameras that capture the entirety of the licensed premises and clearly identify all individuals and activities within the surveilled area;

(6) Camera placement at all the following locations:

(a) All points of ingress and egress;

(b) All secure, limited access areas;

(c) Any area where cannabis is tested, stored, or handled;

(d) Any area that stores cannabis or facility inventory;

(e) The facility's cannabis destruction and disposal area; and

(f) All areas where sales proceeds are stored or transferred.

(7) Daily records of all registered employees' access to any secure, limited access area;

(8) Develop emergency policies and procedures for securing all inventory and currency in the event of diversion, theft, or loss; and

(9) Any other requirements the division deems necessary to maintain proper security and surveillance and ensure public safety.

(C) Each testing laboratory shall inspect and test all security and surveillance equipment at least once per thirty calendar days to ensure functionality.

(1) Pursuant to rule 1301:18-3-14 of the Administrative Code, each laboratory shall record and maintain all security and surveillance equipment tests.

(2) Each laboratory shall immediately notify the division of any failure in the facility's security or surveillance system or equipment.

Any necessary repair or replacement shall occur within twenty-four hours of identification.

(3) Each laboratory shall keep all security equipment in good-working order and the systems shall be inspected and all devices tested on an annual basis by a third party.

(D) In the event a testing laboratory is made aware of any pending criminal, civil, or administrative investigations or legal proceedings for which a video recording may contain relevant information, the testing laboratory shall retain an unaltered copy of the recording until the investigation or proceeding is closed or the entity conducting the investigation or proceeding notifies the laboratory that it is not necessary to retain the recording.