DHS/CISA/PIA-034 Protected Critical Infrastructure Information Program

The Protected Critical Infrastructure Information (PCII) Program, part of the Department of Homeland Security (DHS), Cybersecurity and Infrastructure Security Agency (CISA), Infrastructure Security Division (ISD), Infrastructure Assessments and Analysis (IAA) Sub-Division, facilitates the sharing of PCII between the Government and the private sector. CISA has conducted this privacy impact assessment (PIA) to analyze and evaluate the privacy impact of the PCII Program’s overall operations, including the PCII submission and validation process, and user access management. Most of this work occurs on the Protected Critical Infrastructure Information Management System (PCIIMS). PCIIMS is an Information Technology (IT) system and the means by which PCII submissions from non-federal critical infrastructure owners and operators are received and cataloged, and PCII Authorized Users are registered, trained, and managed. This system receives, provides validation processes, and securely stores critical infrastructure information (physical and cyber systems and assets) meeting the PCII program definition for validation. This PIA replaces DHS/NPPD/PIA-006 Protected Critical Infrastructure Information Management System, published July 13, 2011. December 2019

Associated SORN(s):

• DHS/ALL-004 General Information Technology Access Account Records System