University-Wide Visitor Policy

The University of Kansas (KU) is committed to maintaining an open and free academic environment that supports both domestic and international collaborations. In the event such collaborations result in a Visitor to campus, there may be applicable state or federal laws and regulations that apply. To support the University’s interests in collaboration, while complying with laws and regulations, the University sets forth this policy.  

Definition of Visitor (also found in the definitions section)
Individual(s) (international or domestic) who: 1) are not otherwise employed by or have a current formal affiliate status, that are coming to campus, either in person or by way of telecommunication, to conduct business; and 2) who have access to KU intellectual property, research data, research facilities, network access, or access to secure physical spaces. Business includes but may not be limited to: vendors or contractors visiting campus, those conducting collaborative research; providing instruction that is supervised by appropriate KU personnel, or observing KU instruction, administration, or research. KUL and KUMC inter-campus collaborations/activities may subject existing employees, formal affiliates, or students to Visitor status when visiting other campuses.

Scope of Policy
This policy applies to all KU personnel, including personnel of controlled affiliated units, who coordinate, invite, or host individuals from other universities, institutions, and businesses to visit any KU campus. This policy applies to both domestic and international Visitors and other individuals collaborating with KU employees (faculty and staff) who have access to KU intellectual property, research data, research facilities, network access, or access to secure physical spaces. For KUMC, access to any of these items may also be subject to The University of Kansas Health System’s policies.

General Considerations
KU requires that each campus institute processes for Visitors to undergo appropriate due diligence checks to comply with export compliance laws and other regulatory requirements, and execute certain agreements as necessary related to protecting intellectual property (e.g., technology control plans (TCPs), nondisclosure agreements (NDA’s), related training). 

Additionally, KU will require each campus to institute procedures and processes for training requirements, badging or other identification, vetting for provision of network access, licensing (where applicable), and liability coverage as necessary for the type of Visitor. 

Each campus will ensure the following issues are addressed in their procedures and processes:

I. Badging/Identification

• Any Visitor provided access to restricted spaces, such as labs or offices protected by lock or key card access, must have appropriate permissions (e.g., temporary badges, name tags, chaperones), and the hosting unit must maintain a Visitor(s) roster and record for the intent and duration of the visit.

II. Compliance

• Visitors to campus may be required to complete compliance certifications in the form of trainings or attestations, based on the nature of their visit. The hosting unit of the Visitor is responsible for identifying the necessary trainings and ensuring the Visitor is compliant. Examples may include Environmental Health and Safety, Information Security, HIPAA training if accessing protected health information, lab, or other safety trainings. Depending on access requested, training at KUMC may also be subject to The University of Kansas Health System’s training requirements.

III. Export Control 

• This policy is intended to improve compliance with U.S. law, regulatory requirements, and university-wide risk management. U.S. regulations and laws require KU to evaluate collaborative efforts for potential export control issues, the necessity for an export license, and to certify those findings. This policy helps fulfill KU’s compliance requirements as mandated by federal laws and regulations including the Export Administration Regulations (EAR), the International Traffic in Arms Regulations (ITAR), Office of Foreign Assets and Control (OFAC), and all other applicable export and import regulations, in the U.S. and abroad (related Export Compliance materials can be found at https://gos.ku.edu/research-and-contract-compliance).
• In order to comply with export control rules, each campus, at a minimum, must conduct for each Visitor (as defined by this policy), as well as for any other individual given access to information that would not be considered fundamental research, a “due diligence” screening and for KUMC may be subject to relevant University of Kansas Health System policies.   
  • Units conducting their own due diligence screenings are to contact the Office of Global Risk and Security (GRS) (gos@ku.edu) any time there is an alert; in some cases these alerts can be deconflicted and cleared through further review to authorize the visit.

IV. Insurance Coverage, Licensing, etc.

• The hosting unit may require appropriate qualifications for Visitors, pertinent to the purpose of their visit (e.g., insurance coverages, licenses, certifications). The hosting unit is to manage all required documentation.

V. Network and Data Access

• While many visitors may not need or request network access, in the event a Visitor does require access, existing network access policies and procedures are to be followed.
• If a Visitor is to have access to restricted data, the hosting unit must receive appropriate authorization(s) specific to the type of data. Data access may be governed by network access standards and/or export control laws.