You are here

Chemical-terrorism Vulnerability Information (CVI)

Chemical-terrorism Vulnerability Information (CVI) is the information protection regime authorized by Section 550 of Public Law 109-295 to protect from inappropriate public disclosure any information developed or submitted pursuant to Section 550. This includes information that is developed and/or submitted to DHS pursuant to the Chemical Facility Anti-Terrorism Standards (CFATS) regulation which implements Section 550.

Chemical facilities expect that the information provided to DHS will be protected from public disclosure or misuse. The Department expects individuals in possession of CVI to safeguard it with equal care. Following the requirements in 6 CFR § 27.400 and the guidance in the CVI Procedures Manual will ensure sensitive information about the Nation's high-risk chemical facilities is safeguarded.

Defining Chemical-terrorism Vulnerability Information

The following information (whether written, verbal, electronic, digital, or otherwise) is CVI:

  • Security Vulnerability Assessments under 6 CFR § 27.215
  • Site Security Plans under 6 CFR § 27.225
  • Documents relating to the Department's review and approval of Security Vulnerability Assessments and Site Security Plans, including Letters of Authorization, Letters of Approval, and responses thereto; written notices; and other documents developed pursuant to 6 CFR §§ 27.240 or 27.245
  • Alternative Security Programs under 6 CFR § 27.235
  • Documents relating to inspections or audits under 6 CFR § 27.250
  • Any records required to be created or retained by a covered facility under 6 CFR § 27.255
  • Sensitive portions of orders, notices or letters under 6 CFR § 27.300
  • Information developed pursuant to 6 CFR §§ 27.200 or 27.205 (such as the CSAT Top-Screen and the determination by the Assistant Secretary that a chemical facility presents a high level of security risk)
  • Other information developed for chemical facility security purposes that the Secretary, in his discretion, determines is similar to the information protected in 6 CFR § 27.400(b)(1) through (8)

Facilities shall designate information about the facility that is specified in 6 CFR § 27.400(b)(1) to (8) as CVI. The process for a facility to seek designation of CVI under 6 CFR § 27.400(b)(9) is described in Section 5.3 of the Revised CVI Procedures Manual.

Handling Chemical-terrorism Vulnerability Information

Anyone with access to Chemical-terrorism Vulnerability Information (CVI) must follow the specific requirements established in the implementing regulations (6 CFR Part 27) and should be familiar with the CVI Procedural Manual and any additional directive or policy.

Generally, materials containing CVI must be appropriately designated and withheld from public disclosure. CVI must also be physically controlled and protected. The protections include:

  • Storage of CVI
  • Marking of CVI
  • Transmission of CVI
  • Responsibilities when in transit with CVI
  • Destruction of CVI

Sharing Chemical-terrorism Vulnerability Information

Access to and/or disclosure of CVI is based on the following general principles:

  1. Except in exigent or emergency circumstances, CVI may only be disclosed to CVI Authorized Users with a need to know.
  2. A need to know should be assessed on a case-by-case basis (typically including an individualized assessment of the documents involved).
  3. A covered person in possession of CVI should take reasonable steps to confirm that any individual seeking access to CVI is a CVI Authorized User and has a need to know.

DHS provides each CVI Authorized User with an unique identification number. Before sharing Chemical-terrorism Vulnerability Information, ask for this number. You can contact the CSAT Help Desk at 866-323-2957 to confirm a person's CVI Authorized User status.

Additional Resources

For more information, contact the CFATS Help Desk at or 866-323-2957. The Help Desk is available Monday to Friday (except federal holidays) from 8:30 a.m. to 5 p.m. (ET).

Last Published Date: October 4, 2016

Was this page helpful?

This page was not helpful because the content:
Back to Top