|(a) A permit holder must establish and maintain effective
controls and procedures to prevent unauthorized access, theft, or
diversion of any precursor chemical laboratory apparatus (PCLA). The
following constitute the minimum security requirements to protect
these controlled items. The permit holder must:
(1) Establish and maintain a building, an enclosure
within a building, or an enclosed yard that provides reasonably adequate
security against the diversion of a controlled item;
(2) Limit access to each storage area to the minimum
number of individuals or employees necessary for the permit holder's
(3) Designate an individual or a limited number of
individuals with responsibility for each area in which a controlled
item is stored, and authority to enter or control entry into the area.
(b) In the absence of a physical barrier, such as a
wall, partition, fence, or similar divider, the permit holder may
comply with this section by another form of substantially increased
security to limit physical access to the storage area under subsection
(a)(2) of this section.
(c) The permit holder will make the designation required
by subsection (a)(3) of this section in writing and will make the
designation available upon request in the same manner as a record
kept under this chapter. The holder may update the designation record
as necessary to reflect current practice.
(d) When maintenance personnel or a business guest,
visitor, or similar individual is present in or passes through an
area addressed by this section, the permit holder must provide for
reasonably adequate observation of the area by an employee specifically
designated under subsection (a)(3) of this section.
(e) If a permit holder has an alarm system that is
in operation and being monitored, the permit holder must immediately
report each unauthorized intrusion or other security breach to the
department and to the permit holder's local law enforcement agency.
(f) A permit holder is not required to make the alarm
report required under subsection (e) of this section if there is a
reasonable explanation for the security breach that does not involve