6 C.F.R. § 29.4 Protected Critical Infrastructure Information Program administration.
Title 6 - Homeland Security
(a) IAIP Directorate Program Management. The Secretary of the Department of Homeland Security hereby designates the Under Secretary of the Information Analysis and Infrastructure Protection (IAIP) Directorate as the senior DHS official responsible for the direction and administration of the Protected CII Program. (b) Appointment of a Protected CII Program Manager. The Under Secretary for IAIP shall: (1) Appoint a Protected CII Program Manager within the IAIP Directorate who is responsible to the Under Secretary for the administration of the Protected CII Program; (2) Commit resources necessary to the effective implementation of the Protected CII Program; (3) Ensure that sufficient personnel, including such detailees or assignees from other Federal national security, homeland security, or law enforcement entities as the Under Secretary deems appropriate, are assigned to the Protected CII Program to facilitate the expeditious and secure sharing with appropriate authorities, including Federal national security, homeland security, and law enforcement entities and, consistent with the CII Act of 2002, with State and local officials, where doing so may reasonably be expected to assist in preventing, preempting, or disrupting terrorist threats to our homeland; and (4) Promulgate implementing directives and prepare training materials as appropriate for the proper treatment of Protected CII. (c) Appointment of Protected CII Officers. The Protected CII Program Manager shall establish procedures to ensure that any DHS component or other Federal, State, or local entity that works with Protected CII appoints one or more employees to serve as a Protected CII Officer for the activity in order to carry out the responsibilities stated in paragraph (d) of this section. Persons appointed to these positions shall be fully familiar with these procedures. (d) Responsibilities of Protected CII Officers. Protected CII Officers shall: (1) Oversee the handling, use, and storage of Protected CII; (2) Ensure the expeditious and secure sharing of Protected CII with appropriate authorities, as set forth in §29.1(a) and paragraph (b)(3) of this section; (3) Establish and maintain an ongoing self-inspection program, to include periodic review and assessment of the entity's handling, use, and storage of Protected CII; (4) Establish additional procedures as necessary to prevent unauthorized access to Protected CII; and (5) Ensure prompt and appropriate coordination with the Protected CII Program Manager regarding any request, challenge, or complaint arising out of the implementation of these procedures. (e) Protected Critical Infrastructure Information Management System (PCIIMS). The Protected CII Program Manager or the Protected CII Program Manager's designees shall develop and use an electronic database, to be known as the “Protected Critical Infrastructure Information Management System” (PCIIMS), to record the receipt, acknowledgement, validation, storage, dissemination, and destruction of Protected CII. This compilation of Protected CII shall be safeguarded and protected in accordance with the provisions of the CII Act of 2002.
Title 6: Homeland Security
PART 29—PROTECTED CRITICAL INFRASTRUCTURE INFORMATION
§ 29.4 Protected Critical Infrastructure Information Program administration.
