Home Information Sharing & Analysis Prevention & Protection Preparedness & Response Research Commerce & Trade Travel Security & Procedures Immigration
About the Department Open for Business Press Room
Current National Threat Level is elevated

The threat level in the airline sector is High or Orange. Read more.

Homeland Security 5 Year Anniversary 2003 - 2008, One Team, One Mission Securing the Homeland

« Protected Critical Infrastructure Information (PCII) Program

Who Can Access Protected Critical Infrastructure Information (PCII)

Protected Critical Infrastructure Information (PCII) may be accessed by federal, state or local government employees and their contractors who meet the requirements of the PCII Program standard access policy.

The copy of the critical infrastructure information (CII) that is retained by the submitter is not considered PCII. As such, it is not afforded the protections from disclosure under the Freedom of Information Act or similar State and local disclosure laws, and it is not subject to the PCII safeguarding, handling and access requirements.

Access Policy

Before accessing PCII, federal, state or local government employees or contractors must:

  • Complete training on the proper handling and safeguarding of PCII,
  • Have homeland security responsibilities, 
  • Have a need-to-know the specific information,
  • Sign a non-disclosure agreement (non-federal employees only); and
  • Be certified by the PCII Program Manager or PCII Officer (contractors only).

The PCII Officer manages the PCII program in an accredited entity and ensures that all PCII received is used, safeguarded, stored and disseminated in accordance with specific procedures. Accredited entities must have a PCII Officer.

Government contractors must also modify relevant contracts to comply with requirements of the PCII Program. Contract modification is not a prerequisite to accessing PCII; however, the contractor must contractually acknowledge his or her responsibilities with respect to PCII as soon as practicable. The PCII Officer certifies that contractors are engaged in activities supporting their accredited entity.

Back To Top

PCII Accreditation Program

All government organizations must become accredited to ensure consistent application of uniform PCII Program standards. The following accreditation requirements may be completed in any order:

  • Submit an application,
  • Execute a Memorandum of Agreement (MOA) with the Department of Homeland Security,
  • Nominate a PCII Officer who will be trained to manage the entity's use of PCII, and 
  • Draft a standard operating procedure (SOP) in accordance with the PCII Program Office guidelines.

To centralize and streamline the PCII Program, accreditation is generally granted to the highest governing body. This allows local government entities to be covered under the overarching PCII state accreditation. Individuals within an accredited entity must still meet the standard access requirements before accessing PCII.

For more information on the PCII Accreditation Program, e-mail pcii-info@dhs.gov.

Back To Top

Training Requirements

The PCII Program Office requires that only trained users can access PCII. This ensures that users receive standardized instruction on PCII safeguarding and handling procedures.

There are two types of training:

  • PCII Authorized User Training: Required computer-based training that must be completed by all government employees and contractors before accessing PCII.
  • PCII Officer Training: Required one-day instructor-led course for all nominated PCII Officers followed by a written certification exam. Upon successful completion of the certification exam, the candidate will be appointed by the PCII Program Manager as his or her entity's PCII Officer.

To request PCII training, e-mail pcii-training@dhs.gov.

Back To Top

Congressional and Other Access to PCII

The Critical Infrastructure Information Act of 2002 (PDF, 11 pages - 53 KB). and the Final Rule: Procedures for Handling Protected Critical Infrastructure require the PCII Program Office to release any PCII to the parties listed below upon their request:

  • Law enforcement agencies in furtherance of the investigation or prosecution of a criminal act,
  • Either House of Congress, or to the extent of matter within its jurisdiction, any committee or subcommittee thereof, any joint committee thereof, or subcommittee of any such joint committee, and
  • The Comptroller General, or any authorized representative of the Comptroller General, in the course of the performance of the duties of the Government Accountability Office (GAO).

In addition, PCII may be provided to the DHS Inspector General.

The PCII Program Office will not release PCII under these circumstances without taking measures to ensure that the individuals who receive PCII are authorized to receive it and are properly trained in its protection and use.

Back To Top

This page was last reviewed/modified on August 11, 2008.