Cyber Security Infrastructure Security Agency


WASHINGTON—Today, the Department of Homeland Security (DHS) and Cybersecurity and Infrastructure Security Agency (CISA) are issuing a technical rule to improve and modernize aspects of the Protected Critical Infrastructure Information (PCII) Program, which provides legal protections for cyber and physical infrastructure information submitted to DHS. These non-substantive, technical edits amend the Protected Critical Infrastructure Information (PCII) Program regulation found at 6 CFR part 29, to help critical infrastructure owner/operators, state and local governments, and other important stakeholders more effectively use the PCII Program.

For info from CISA see these links PCII Program | CISA,

How Does PCII Protect My Information?

Authorities Governing PCII: The CII Act of 2002 and its implementing regulation, 6 CFR part 29, “Procedures for Handling Critical Infrastructure Information” ensure critical infrastructure information voluntarily shared with the government and validated as PCII by DHS/CISA is protected from:

  • Disclosure from Freedom of Information Act (FOIA) requests 
  • Disclosure under state and local disclosure laws 
  • Use in regulatory proceedings 
  • Use in civil actions 

Accessing PCII: Only authorized federal, state, and local government employees or government contracted personnel who are trained and certified in the strict safeguarding and handling requirements, have a need-to-know, have homeland security responsibilities, and sign a Non-Disclosure Agreement (non-federal employees only) may access PCII.

Marking PCII: Only the PCII Program Office or the PCII Program Manager Designees may mark information as PCII and assign a submission identification number. To ensure proper handling and safeguarding from disclosure:

  • PCII documents include a PCII Program Green Cover Sheet outlining protection requirements 
  • PCII is marked with “PROTECTED CRITICAL INFRASTRUCTURE INFORMATION” in the headers and footers to alert users of the information’s status and protection requirements 
  • PCII is labeled with a unique identification number

The PCII marking remains until either the PCII Program Office determines the information no longer qualifies for PCII protection or the submitter requests the removal of protections. PCII is normally labeled with the following statement by the PCII Program Office to ensure the material is safeguarded and handled appropriately.

PCII Program Documents

Hits: 0

Leave a Reply

Your email address will not be published. Required fields are marked *

eleven + 11 =

Your thoughts are important. Leave Your Comment- Good or Bad! Many articles Please check out the sitemap first! Close ESC or X

Leave a Reply

Your email address will not be published. Required fields are marked *

15 − nine =