Section



[Code of Federal Regulations]
[Title 6, Volume 1]
[Revised as of January 1, 2007]
From the U.S. Government Printing Office via GPO Access
[CITE: 6CFR29.1]

[Page 118]
 
                       TITLE 6--HOMELAND SECURITY
 
   CHAPTER I--DEPARTMENT OF HOMELAND SECURITY, OFFICE OF THE SECRETARY
 
PART 29_PROTECTED CRITICAL INFRASTRUCTURE INFORMATION--Table of Contents
 
Sec.  29.1  Purpose and scope.

    (a) Purpose of this Part. This Part implements sections 211 through 
215 of the Homeland Security Act of 2002 (HSA) through the establishment 
of uniform procedures for the receipt, care, and storage of Critical 
Infrastructure Information (CII) voluntarily submitted to the Department 
of Homeland Security (DHS). Title II, Subtitle B, of the Homeland 
Security Act is referred to herein as the Critical Infrastructure 
Information Act of 2002 (CII Act). Consistent with the statutory mission 
of DHS to prevent terrorist attacks within the United States and reduce 
the vulnerability of the United States to terrorism, DHS will encourage 
the voluntary submission of CII by safeguarding and protecting that 
information from unauthorized disclosure and by ensuring that such 
information is, as necessary, securely shared with State and local 
government pursuant to section 214(a) through (g) of the CII Act. As 
required by the CII Act, these rules establish procedures regarding:
    (1) The acknowledgement of receipt by DHS of voluntarily submitted 
CII;
    (2) The receipt, validation, handling, storage, proper marking and 
use of information as PCII;
    (3) The safeguarding and maintenance of the confidentiality of such 
information, appropriate sharing of such information with State and 
local governments pursuant to section 214(a) through (g) of the HSA.
    (4) The issuance of advisories, notices and warnings related to the 
protection of critical infrastructure or protected systems in such a 
manner as to protect from unauthorized disclosure the source of critical 
infrastructure information that forms the basis of the warning, and any 
information that is proprietary or business sensitive, might be used to 
identify the submitting person or entity, or is otherwise not 
appropriately in the public domain.
    (b) Scope. The regulations in this Part apply to all persons and 
entities that are authorized to handle, use, or store PCII or that 
otherwise accept receipt of PCII.