A picture of Representative Patrick Meehan
Patrick M.
Republican PA 7

About Rep. Patrick
  • Chemical Facility Anti-Terrorism Standards Program Authorization and Accountability Act of 2014

    by Representative Patrick Meehan

    Posted on 2014-12-11

    submit to reddit

    Read More about Chemical Facility Anti-Terrorism Standards Program Authorization and Accountability Act of 2014

    MEEHAN. Mr. Speaker, I move to suspend the rules and concur in the Senate amendment to the bill (H.R. 4007) to recodify and reauthorize the Chemical Facility Anti-Terrorism Standards Program.



    The Clerk read the title of the bill.

    The text of the Senate amendment is as follows: Senate amendment: In lieu of the matter proposed to be inserted, insert the following: SECTION 1. SHORT TITLE.

    This Act may be cited as the ``Protecting and Securing Chemical Facilities from Terrorist Attacks Act of 2014''.

    SEC. 2. CHEMICAL FACILITY ANTI-TERRORISM STANDARDS PROGRAM.

    (a) In General.--The Homeland Security Act of 2002 (6 U.S.C. 101 et seq.) is amended by adding at the end the following: ``TITLE XXI--CHEMICAL FACILITY ANTI-TERRORISM STANDARDS ``SEC. 2101. DEFINITIONS.

    ``In this title-- ``(1) the term `CFATS regulation' means-- ``(A) an existing CFATS regulation; and ``(B) any regulation or amendment to an existing CFATS regulation issued pursuant to the authority under section 2107; ``(2) the term `chemical facility of interest' means a facility that-- ``(A) holds, or that the Secretary has a reasonable basis to believe holds, a chemical of interest, as designated under Appendix A to part 27 of title 6, Code of Federal Regulations, or any successor thereto, at a threshold quantity set pursuant to relevant risk-related security principles; and ``(B) is not an excluded facility; ``(3) the term `covered chemical facility' means a facility that-- ``(A) the Secretary-- ``(i) identifies as a chemical facility of interest; and ``(ii) based upon review of the facility's Top-Screen, determines meets the risk criteria developed under section 2102(e)(2)(B); and ``(B) is not an excluded facility; ``(4) the term `excluded facility' means-- ``(A) a facility regulated under the Maritime Transportation Security Act of 2002 (Public Law 107-295; 116 Stat. 2064); ``(B) a public water system, as that term is defined in section 1401 of the Safe Drinking Water Act (42 U.S.C. 300f); ``(C) a Treatment Works, as that term is defined in section 212 of the Federal Water Pollution Control Act (33 U.S.C. 1292); ``(D) a facility owned or operated by the Department of Defense or the Department of Energy; or ``(E) a facility subject to regulation by the Nuclear Regulatory Commission, or by a State that has entered into an agreement with the Nuclear Regulatory Commission under section 274 b. of the Atomic Energy Act of 1954 (42 U.S.C. 2021(b)) to protect against unauthorized access of any material, activity, or structure licensed by the Nuclear Regulatory Commission; ``(5) the term `existing CFATS regulation' means-- ``(A) a regulation promulgated under section 550 of the Department of Homeland Security Appropriations Act, 2007 (Public Law 109-295; 6 U.S.C. 121 note) that is in effect on the day before the date of enactment of the Protecting and Securing Chemical Facilities from Terrorist Attacks Act of 2014; and ``(B) a Federal Register notice or other published guidance relating to section 550 of the Department of Homeland Security Appropriations Act, 2007 that is in effect on the day before the date of enactment of the Protecting and Securing Chemical Facilities from Terrorist Attacks Act of 2014; ``(6) the term `expedited approval facility' means a covered chemical facility for which the owner or operator elects to submit a site security plan in accordance with section 2102(c)(4); ``(7) the term `facially deficient', relating to a site security plan, means a site security plan that does not support a certification that the security measures in the plan address the security vulnerability assessment and the risk-based performance standards for security for the facility, based on a review of-- ``(A) the facility's site security plan; ``(B) the facility's Top-Screen; ``(C) the facility's security vulnerability assessment; or ``(D) any other information that-- ``(i) the facility submits to the Department; or ``(ii) the Department obtains from a public source or other source; ``(8) the term `guidance for expedited approval facilities' means the guidance issued under section 2102(c)(4)(B)(i); ``(9) the term `risk assessment' means the Secretary's application of relevant risk criteria identified in section 2102(e)(2)(B); ``(10) the term `terrorist screening database' means the terrorist screening database maintained by the Federal Government Terrorist Screening Center or its successor; ``(11) the term `tier' has the meaning given the term in section 27.105 of title 6, Code of Federal Regulations, or any successor thereto; ``(12) the terms `tiering' and `tiering methodology' mean the procedure by which the Secretary assigns a tier to each covered chemical facility based on the risk assessment for that covered chemical facility; ``(13) the term `Top-Screen' has the meaning given the term in section 27.105 of title 6, Code of Federal Regulations, or any successor thereto; and ``(14) the term `vulnerability assessment' means the identification of weaknesses in the security of a chemical facility of interest.

    ``SEC. 2102. CHEMICAL FACILITY ANTI-TERRORISM STANDARDS PROGRAM.

    ``(a) Program Established.-- ``(1) In general.--There is in the Department a Chemical Facility Anti-Terrorism Standards Program.

    ``(2) Requirements.--In carrying out the Chemical Facility Anti-Terrorism Standards Program, the Secretary shall-- ``(A) identify-- ``(i) chemical facilities of interest; and ``(ii) covered chemical facilities; ``(B) require each chemical facility of interest to submit a Top-Screen and any other information the Secretary determines necessary to enable the Department to assess the security risks associated with the facility; ``(C) establish risk-based performance standards designed to address high levels of security risk at covered chemical facilities; and ``(D) require each covered chemical facility to-- ``(i) submit a security vulnerability assessment; and ``(ii) develop, submit, and implement a site security plan.

    ``(b) Security Measures.-- ``(1) In general.--A facility, in developing a site security plan as required under subsection (a), shall include security measures that, in combination, appropriately address the security vulnerability assessment and the risk-based performance standards for security for the facility.

    ``(2) Employee input.--To the greatest extent practicable, a facility's security vulnerability assessment and site security plan shall include input from at least 1 facility employee and, where applicable, 1 employee representative from the bargaining agent at that facility, each of whom possesses, in the determination of the facility's security officer, relevant knowledge, experience, training, or education as pertains to matters of site security.

    ``(c) Approval or Disapproval of Site Security Plans.-- ``(1) In general.-- ``(A) Review.--Except as provided in paragraph (4), the Secretary shall review and approve or disapprove each site security plan submitted pursuant to subsection (a).

    ``(B) Bases for disapproval.--The Secretary-- ``(i) may not disapprove a site security plan based on the presence or absence of a particular security measure; and ``(ii) shall disapprove a site security plan if the plan fails to satisfy the risk-based performance standards established pursuant to subsection (a)(2)(C).

    ``(2) Alternative security programs.-- ``(A) Authority to approve.-- ``(i) In general.--The Secretary may approve an alternative security program established by a private sector entity or a Federal, State, or local authority or under other applicable laws, if the Secretary determines that the requirements of the program meet the requirements under this section.

    ``(ii) Additional security measures.--If the requirements of an alternative security program do not meet the requirements under this section, the Secretary may recommend additional security measures to the program that will enable the Secretary to approve the program.

    ``(B) Satisfaction of site security plan requirement.--A covered chemical facility may satisfy the site security plan requirement under subsection (a) by adopting an alternative security program that the Secretary has-- ``(i) reviewed and approved under subparagraph (A); and ``(ii) determined to be appropriate for the operations and security concerns of the covered chemical facility.

    ``(3) Site security plan assessments.-- ``(A) Risk assessment policies and procedures.--In approving or disapproving a site security plan under this subsection, the Secretary shall employ the risk assessment policies and procedures developed under this title.

    ``(B) Previously approved plans.--In the case of a covered chemical facility for which the Secretary approved a site security plan before the date of enactment of the Protecting and Securing Chemical Facilities from Terrorist Attacks Act of 2014, the Secretary may not require the facility to resubmit the site security plan solely by reason of the enactment of this title.

    ``(4) Expedited approval program.-- ``(A) In general.--A covered chemical facility assigned to tier 3 or 4 may meet the requirement to develop and submit a site security plan under subsection (a)(2)(D) by developing and submitting to the Secretary-- ``(i) a site security plan and the certification described in subparagraph (C); or ``(ii) a site security plan in conformance with a template authorized under subparagraph (H).

    [[Page H9054]] ``(B) Guidance for expedited approval facilities.-- ``(i) In general.--Not later than 180 days after the date of enactment of the Protecting and Securing Chemical Facilities from Terrorist Attacks Act of 2014, the Secretary shall issue guidance for expedited approval facilities that identifies specific security measures that are sufficient to meet the risk-based performance standards.

    ``(ii) Material deviation from guidance.--If a security measure in the site security plan of an expedited approval facility materially deviates from a security measure in the guidance for expedited approval facilities, the site security plan shall include an explanation of how such security measure meets the risk-based performance standards.

    ``(iii) Applicability of other laws to development and issuance of initial guidance.--During the period before the Secretary has met the deadline under clause (i), in developing and issuing, or amending, the guidance for expedited approval facilities under this subparagraph and in collecting information from expedited approval facilities, the Secretary shall not be subject to-- ``(I) section 553 of title 5, United States Code; ``(II) subchapter I of chapter 35 of title 44, United States Code; or ``(III) section 2107(b) of this title.

    ``(C) Certification.--The owner or operator of an expedited approval facility shall submit to the Secretary a certification, signed under penalty of perjury, that-- ``(i) the owner or operator is familiar with the requirements of this title and part 27 of title 6, Code of Federal Regulations, or any successor thereto, and the site security plan being submitted; ``(ii) the site security plan includes the security measures required by subsection (b); ``(iii)(I) the security measures in the site security plan do not materially deviate from the guidance for expedited approval facilities except where indicated in the site security plan; ``(II) any deviations from the guidance for expedited approval facilities in the site security plan meet the risk- based performance standards for the tier to which the facility is assigned; and ``(III) the owner or operator has provided an explanation of how the site security plan meets the risk-based performance standards for any material deviation; ``(iv) the owner or operator has visited, examined, documented, and verified that the expedited approval facility meets the criteria set forth in the site security plan; ``(v) the expedited approval facility has implemented all of the required performance measures outlined in the site security plan or set out planned measures that will be implemented within a reasonable time period stated in the site security plan; ``(vi) each individual responsible for implementing the site security plan has been made aware of the requirements relevant to the individual's responsibility contained in the site security plan and has demonstrated competency to carry out those requirements; ``(vii) the owner or operator has committed, or, in the case of planned measures will commit, the necessary resources to fully implement the site security plan; and ``(viii) the planned measures include an adequate procedure for addressing events beyond the control of the owner or operator in implementing any planned measures.

    ``(D) Deadline.-- ``(i) In general.--Not later than 120 days after the date described in clause (ii), the owner or operator of an expedited approval facility shall submit to the Secretary the site security plan and the certification described in subparagraph (C).

    ``(ii) Date.--The date described in this clause is-- ``(I) for an expedited approval facility that was assigned to tier 3 or 4 under existing CFATS regulations before the date of enactment of the Protecting and Securing Chemical Facilities from Terrorist Attacks Act of 2014, the date that is 210 days after the date of enactment of that Act; and ``(II) for any expedited approval facility not described in subclause (I), the later of-- ``(aa) the date on which the expedited approval facility is assigned to tier 3 or 4 under subsection (e)(2)(A); or ``(bb) the date that is 210 days after the date of enactment of the Protecting and Securing Chemical Facilities from Terrorist Attacks Act of 2014.

    ``(iii) Notice.--An owner or operator of an expedited approval facility shall notify the Secretary of the intent of the owner or operator to certify the site security plan for the expedited approval facility not later than 30 days before the date on which the owner or operator submits the site security plan and certification described in subparagraph (C).

    ``(E) Compliance.-- ``(i) In general.--For an expedited approval facility submitting a site security plan and certification in accordance with subparagraphs (A), (B), (C), and (D)-- ``(I) the expedited approval facility shall comply with all of the requirements of its site security plan; and ``(II) the Secretary-- ``(aa) except as provided in subparagraph (G), may not disapprove the site security plan; and ``(bb) may audit and inspect the expedited approval facility under subsection (d) to verify compliance with its site security plan.

    ``(ii) Noncompliance.--If the Secretary determines an expedited approval facility is not in compliance with the requirements of the site security plan or is otherwise in violation of this title, the Secretary may enforce compliance in accordance with section 2104.

    ``(F) Amendments to site security plan.-- ``(i) Requirement.-- ``(I) In general.--If the owner or operator of an expedited approval facility amends a site security plan submitted under subparagraph (A), the owner or operator shall submit the amended site security plan and a certification relating to the amended site security plan that contains the information described in subparagraph (C).

    ``(II) Technical amendments.--For purposes of this clause, an amendment to a site security plan includes any technical amendment to the site security plan.

    ``(ii) Amendment required.--The owner or operator of an expedited approval facility shall amend the site security plan if-- ``(I) there is a change in the design, construction, operation, or maintenance of the expedited approval facility that affects the site security plan; ``(II) the Secretary requires additional security measures or suspends a certification and recommends additional security measures under subparagraph (G); or ``(III) the owner or operator receives notice from the Secretary of a change in tiering under subsection (e)(3).

    ``(iii) Deadline.--An amended site security plan and certification shall be submitted under clause (i)-- ``(I) in the case of a change in design, construction, operation, or maintenance of the expedited approval facility that affects the security plan, not later than 120 days after the date on which the change in design, construction, operation, or maintenance occurred; ``(II) in the case of the Secretary requiring additional security measures or suspending a certification and recommending additional security measures under subparagraph (G), not later than 120 days after the date on which the owner or operator receives notice of the requirement for additional security measures or suspension of the certification and recommendation of additional security measures; and ``(III) in the case of a change in tiering, not later than 120 days after the date on which the owner or operator receives notice under subsection (e)(3).

    ``(G) Facially deficient site security plans.-- ``(i) Prohibition.--Notwithstanding subparagraph (A) or (E), the Secretary may suspend the authority of a covered chemical facility to certify a site security plan if the Secretary-- ``(I) determines the certified site security plan or an amended site security plan is facially deficient; and ``(II) not later than 100 days after the date on which the Secretary receives the site security plan and certification, provides the covered chemical facility with written notification that the site security plan is facially deficient, including a clear explanation of each deficiency in the site security plan.

    ``(ii) Additional security measures.-- ``(I) In general.--If, during or after a compliance inspection of an expedited approval facility, the Secretary determines that planned or implemented security measures in the site security plan of the facility are insufficient to meet the risk-based performance standards based on misrepresentation, omission, or an inadequate description of the site, the Secretary may-- ``(aa) require additional security measures; or ``(bb) suspend the certification of the facility.

    ``(II) Recommendation of additional security measures.--If the Secretary suspends the certification of an expedited approval facility under subclause (I), the Secretary shall-- ``(aa) recommend specific additional security measures that, if made part of the site security plan by the facility, would enable the Secretary to approve the site security plan; and ``(bb) provide the facility an opportunity to submit a new or modified site security plan and certification under subparagraph (A).

    ``(III) Submission; review.--If an expedited approval facility determines to submit a new or modified site security plan and certification as authorized under subclause (II)(bb)-- ``(aa) not later than 90 days after the date on which the facility receives recommendations under subclause (II)(aa), the facility shall submit the new or modified plan and certification; and ``(bb) not later than 45 days after the date on which the Secretary receives the new or modified plan under item (aa), the Secretary shall review the plan and determine whether the plan is facially deficient.

    ``(IV) Determination not to include additional security measures.-- ``(aa) Revocation of certification.--If an expedited approval facility does not agree to include in its site security plan specific additional security measures recommended by the Secretary under subclause (II)(aa), or does not submit a new or modified site security plan in accordance with subclause (III), the Secretary may revoke the certification of the facility by issuing an order under section 2104(a)(1)(B).

    ``(bb) Effect of revocation.--If the Secretary revokes the certification of an expedited approval facility under item (aa) by issuing an order under section 2104(a)(1)(B)-- ``(AA) the order shall require the owner or operator of the facility to submit a site security plan or alternative security program for review by the Secretary review under subsection (c)(1); and ``(BB) the facility shall no longer be eligible to certify a site security plan under this paragraph.

    ``(V) Facial deficiency.--If the Secretary determines that a new or modified site security plan submitted by an expedited approval facility under subclause (III) is facially deficient-- ``(aa) not later than 120 days after the date of the determination, the owner or operator of the facility shall submit a site security plan or alternative security program for review by the Secretary under subsection (c)(1); and ``(bb) the facility shall no longer be eligible to certify a site security plan under this paragraph.

    [[Page H9055]] ``(H) Templates.-- ``(i) In general.--The Secretary may develop prescriptive site security plan templates with specific security measures to meet the risk-based performance standards under subsection (a)(2)(C) for adoption and certification by a covered chemical facility assigned to tier 3 or 4 in lieu of developing and certifying its own plan.

    ``(ii) Applicability of other laws to development and issuance of initial site security plan templates and related guidance.--During the period before the Secretary has met the deadline under subparagraph (B)(i), in developing and issuing, or amending, the site security plan templates under this subparagraph, in issuing guidance for implementation of the templates, and in collecting information from expedited approval facilities, the Secretary shall not be subject to-- ``(I) section 553 of title 5, United States Code; ``(II) subchapter I of chapter 35 of title 44, United States Code; or ``(III) section 2107(b) of this title.

    ``(iii) Rule of construction.--Nothing in this subparagraph shall be construed to prevent a covered chemical facility from developing and certifying its own security plan in accordance with subparagraph (A).

    ``(I) Evaluation.-- ``(i) In general.--Not later than 18 months after the date of enactment of the Protecting and Securing Chemical Facilities from Terrorist Attacks Act of 2014, the Secretary shall take any appropriate action necessary for a full evaluation of the expedited approval program authorized under this paragraph, including conducting an appropriate number of inspections, as authorized under subsection (d), of expedited approval facilities.

    ``(ii) Report.--Not later than 18 months after the date of enactment of the Protecting and Securing Chemical Facilities from Terrorist Attacks Act of 2014, the Secretary shall submit to the Committee on Homeland Security and Governmental Affairs of the Senate and the Committee on Homeland Security and the Committee on Energy and Commerce of the House of Representatives a report that contains-- ``(I)(aa) the number of eligible facilities using the expedited approval program authorized under this paragraph; and ``(bb) the number of facilities that are eligible for the expedited approval program but are using the standard process for developing and submitting a site security plan under subsection (a)(2)(D); ``(II) any costs and efficiencies associated with the expedited approval program; ``(III) the impact of the expedited approval program on the backlog for site security plan approval and authorization inspections; ``(IV) an assessment of the ability of expedited approval facilities to submit facially sufficient site security plans; ``(V) an assessment of any impact of the expedited approval program on the security of chemical facilities; and ``(VI) a recommendation by the Secretary on the frequency of compliance inspections that may be required for expedited approval facilities.

    ``(d) Compliance.-- ``(1) Audits and inspections.-- ``(A) Definitions.--In this paragraph-- ``(i) the term `nondepartmental'-- ``(I) with respect to personnel, means personnel that is not employed by the Department; and ``(II) with respect to an entity, means an entity that is not a component or other authority of the Department; and ``(ii) the term `nongovernmental'-- ``(I) with respect to personnel, means personnel that is not employed by the Federal Government; and ``(II) with respect to an entity, means an entity that is not an agency, department, or other authority of the Federal Government.

    ``(B) Authority to conduct audits and inspections.--The Secretary shall conduct audits or inspections under this title using-- ``(i) employees of the Department; ``(ii) nondepartmental or nongovernmental personnel approved by the Secretary; or ``(iii) a combination of individuals described in clauses (i) and (ii).

    ``(C) Support personnel.--The Secretary may use nongovernmental personnel to provide administrative and logistical services in support of audits and inspections under this title.

    ``(D) Reporting structure.-- ``(i) Nondepartmental and nongovernmental audits and inspections.--Any audit or inspection conducted by an individual employed by a nondepartmental or nongovernmental entity shall be assigned in coordination with a regional supervisor with responsibility for supervising inspectors within the Infrastructure Security Compliance Division of the Department for the region in which the audit or inspection is to be conducted.

    ``(ii) Requirement to report.--While an individual employed by a nondepartmental or nongovernmental entity is in the field conducting an audit or inspection under this subsection, the individual shall report to the regional supervisor with responsibility for supervising inspectors within the Infrastructure Security Compliance Division of the Department for the region in which the individual is operating.

    ``(iii) Approval.--The authority to approve a site security plan under subsection (c) or determine if a covered chemical facility is in compliance with an approved site security plan shall be exercised solely by the Secretary or a designee of the Secretary within the Department.

    ``(E) Standards for auditors and inspectors.--The Secretary shall prescribe standards for the training and retraining of each individual used by the Department as an auditor or inspector, including each individual employed by the Department and all nondepartmental or nongovernmental personnel, including-- ``(i) minimum training requirements for new auditors and inspectors; ``(ii) retraining requirements; ``(iii) minimum education and experience levels; ``(iv) the submission of information as required by the Secretary to enable determination of whether the auditor or inspector has a conflict of interest; ``(v) the proper certification or certifications necessary to handle chemical-terrorism vulnerability information (as defined in section 27.105 of title 6, Code of Federal Regulations, or any successor thereto); ``(vi) the reporting of any issue of non-compliance with this section to the Secretary within 24 hours; and ``(vii) any additional qualifications for fitness of duty as the Secretary may require.

    ``(F) Conditions for nongovernmental auditors and inspectors.--If the Secretary arranges for an audit or inspection under subparagraph (B) to be carried out by a nongovernmental entity, the Secretary shall-- ``(i) prescribe standards for the qualification of the individuals who carry out such audits and inspections that are commensurate with the standards for similar Government auditors or inspectors; and ``(ii) ensure that any duties carried out by a nongovernmental entity are not inherently governmental functions.

    ``(2) Personnel surety.-- ``(A) Personnel surety program.--For purposes of this title, the Secretary shall establish and carry out a Personnel Surety Program that-- ``(i) does not require an owner or operator of a covered chemical facility that voluntarily participates in the program to submit information about an individual more than 1 time; ``(ii) provides a participating owner or operator of a covered chemical facility with relevant information about an individual based on vetting the individual against the terrorist screening database, to the extent that such feedback is necessary for the facility to be in compliance with regulations promulgated under this title; and ``(iii) provides redress to an individual-- ``(I) whose information was vetted against the terrorist screening database under the program; and ``(II) who believes that the personally identifiable information submitted to the Department for such vetting by a covered chemical facility, or its designated representative, was inaccurate.

    ``(B) Personnel surety program implementation.--To the extent that a risk-based performance standard established under subsection (a) requires identifying individuals with ties to terrorism-- ``(i) a covered chemical facility-- ``(I) may satisfy its obligation under the standard by using any Federal screening program that periodically vets individuals against the terrorist screening database, or any successor program, including the Personnel Surety Program established under subparagraph (A); and ``(II) shall-- ``(aa) accept a credential from a Federal screening program described in subclause (I) if an individual who is required to be screened presents such a credential; and ``(bb) address in its site security plan or alternative security program the measures it will take to verify that a credential or documentation from a Federal screening program described in subclause (I) is current; ``(ii) visual inspection shall be sufficient to meet the requirement under clause (i)(II)(bb), but the facility should consider other means of verification, consistent with the facility's assessment of the threat posed by acceptance of such credentials; and ``(iii) the Secretary may not require a covered chemical facility to submit any information about an individual unless the individual-- ``(I) is to be vetted under the Personnel Surety Program; or ``(II) has been identified as presenting a terrorism security risk.

    ``(C) Rights unaffected.--Nothing in this section shall supersede the ability-- ``(i) of a facility to maintain its own policies regarding the access of individuals to restricted areas or critical assets; or ``(ii) of an employing facility and a bargaining agent, where applicable, to negotiate as to how the results of a background check may be used by the facility with respect to employment status.

    ``(3) Availability of information.--The Secretary shall share with the owner or operator of a covered chemical facility any information that the owner or operator needs to comply with this section.

    ``(e) Responsibilities of the Secretary.-- ``(1) Identification of chemical facilities of interest.-- In carrying out this title, the Secretary shall consult with the heads of other Federal agencies, States and political subdivisions thereof, relevant business associations, and public and private labor organizations to identify all chemical facilities of interest.

    ``(2) Risk assessment.-- ``(A) In general.--For purposes of this title, the Secretary shall develop a security risk assessment approach and corresponding tiering methodology for covered chemical facilities that incorporates the relevant elements of risk, including threat, vulnerability, and consequence.

    ``(B) Criteria for determining security risk.--The criteria for determining the security risk of terrorism associated with a covered chemical facility shall take into account-- ``(i) relevant threat information; ``(ii) potential severe economic consequences and the potential loss of human life in the event of the facility being subject to attack, compromise, infiltration, or exploitation by terrorists; and [[Page H9056]] ``(iii) vulnerability of the facility to attack, compromise, infiltration, or exploitation by terrorists.

    ``(3) Changes in tiering.-- ``(A) Maintenance of records.--The Secretary shall document the basis for each instance in which-- ``(i) tiering for a covered chemical facility is changed; or ``(ii) a covered chemical facility is determined to no longer be subject to the requirements under this title.

    ``(B) Required information.--The records maintained under subparagraph (A) shall include information on whether and how the Secretary confirmed the information that was the basis for the change or determination described in subparagraph (A).

    ``(4) Semiannual performance reporting.--Not later than 6 months after the date of enactment of the Protecting and Securing Chemical Facilities from Terrorist Attacks Act of 2014, and not less frequently than once every 6 months thereafter, the Secretary shall submit to the Committee on Homeland Security and Governmental Affairs of the Senate and the Committee on Homeland Security and the Committee on Energy and Commerce of the House of Representatives a report that includes, for the period covered by the report-- ``(A) the number of covered chemical facilities in the United States; ``(B) information-- ``(i) describing-- ``(I) the number of instances in which the Secretary-- ``(aa) placed a covered chemical facility in a lower risk tier; or ``(bb) determined that a facility that had previously met the criteria for a covered chemical facility under section 2101(3) no longer met the criteria; and ``(II) the basis, in summary form, for each action or determination under subclause (I); and ``(ii) that is provided in a sufficiently anonymized form to ensure that the information does not identify any specific facility or company as the source of the information when viewed alone or in combination with other public information; ``(C) the average number of days spent reviewing site security or an alternative security program for a covered chemical facility prior to approval; ``(D) the number of covered chemical facilities inspected; ``(E) the average number of covered chemical facilities inspected per inspector; and ``(F) any other information that the Secretary determines will be helpful to Congress in evaluating the performance of the Chemical Facility Anti-Terrorism Standards Program.

    ``SEC. 2103. PROTECTION AND SHARING OF INFORMATION.

    ``(a) In General.--Notwithstanding any other provision of law, information developed under this title, including vulnerability assessments, site security plans, and other security related information, records, and documents shall be given protections from public disclosure consistent with the protection of similar information under section 70103(d) of title 46, United States Code.

    ``(b) Sharing of Information With States and Local Governments.--Nothing in this section shall be construed to prohibit the sharing of information developed under this title, as the Secretary determines appropriate, with State and local government officials possessing a need to know and the necessary security clearances, including law enforcement officials and first responders, for the purpose of carrying out this title, provided that such information may not be disclosed pursuant to any State or local law.

    ``(c) Sharing of Information With First Responders.-- ``(1) Requirement.--The Secretary shall provide to State, local, and regional fusion centers (as that term is defined in section 210A(j)(1)) and State and local government officials, as the Secretary determines appropriate, such information as is necessary to help ensure that first responders are properly prepared and provided with the situational awareness needed to respond to security incidents at covered chemical facilities.

    ``(2) Dissemination.--The Secretary shall disseminate information under paragraph (1) through a medium or system determined by the Secretary to be appropriate to ensure the secure and expeditious dissemination of such information to necessary selected individuals.

    ``(d) Enforcement Proceedings.--In any proceeding to enforce this section, vulnerability assessments, site security plans, and other information submitted to or obtained by the Secretary under this title, and related vulnerability or security information, shall be treated as if the information were classified information.

    ``(e) Availability of Information.--Notwithstanding any other provision of law (including section 552(b)(3) of title 5, United States Code), section 552 of title 5, United States Code (commonly known as the `Freedom of Information Act') shall not apply to information protected from public disclosure pursuant to subsection (a) of this section.

    ``(f) Sharing of Information With Members of Congress.-- Nothing in this section shall prohibit the Secretary from disclosing information developed under this title to a Member of Congress in response to a request by a Member of Congress.

    ``SEC. 2104. CIVIL ENFORCEMENT.

    ``(a) Notice of Noncompliance.-- ``(1) Notice.--If the Secretary determines that a covered chemical facility is not in compliance with this title, the Secretary shall-- ``(A) provide the owner or operator of the facility with-- ``(i) not later than 14 days after date on which the Secretary makes the determination, a written notification of noncompliance that includes a clear explanation of any deficiency in the security vulnerability assessment or site security plan; and ``(ii) an opportunity for consultation with the Secretary or the Secretary's designee; and ``(B) issue to the owner or operator of the facility an order to comply with this title by a date specified by the Secretary in the order, which date shall be not later than 180 days after the date on which the Secretary issues the order.

    ``(2) Continued noncompliance.--If an owner or operator remains noncompliant after the procedures outlined in paragraph (1) have been executed, or demonstrates repeated violations of this title, the Secretary may enter an order in accordance with this section assessing a civil penalty, an order to cease operations, or both.

    ``(b) Civil Penalties.-- ``(1) Violations of orders.--Any person who violates an order issued under this title shall be liable for a civil penalty under section 70119(a) of title 46, United States Code.

    ``(2) Non-reporting chemical facilities of interest.--Any owner of a chemical facility of interest who fails to comply with, or knowingly submits false information under, this title or the CFATS regulations shall be liable for a civil penalty under section 70119(a) of title 46, United States Code.

    ``(c) Emergency Orders.-- ``(1) In general.--Notwithstanding subsection (a) or any site security plan or alternative security program approved under this title, if the Secretary determines that there is an imminent threat of death, serious illness, or severe personal injury, due to a violation of this title or the risk of a terrorist incident that may affect a chemical facility of interest, the Secretary-- ``(A) shall consult with the facility, if practicable, on steps to mitigate the risk; and ``(B) may order the facility, without notice or opportunity for a hearing, effective immediately or as soon as practicable, to-- ``(i) implement appropriate emergency security measures; or ``(ii) cease or reduce some or all operations, in accordance with safe shutdown procedures, if the Secretary determines that such a cessation or reduction of operations is the most appropriate means to address the risk.

    ``(2) Limitation on delegation.--The Secretary may not delegate the authority under paragraph (1) to any official other than the Under Secretary responsible for overseeing critical infrastructure protection, cybersecurity, and other related programs of the Department appointed under section 103(a)(1)(H).

    ``(3) Limitation on authority.--The Secretary may exercise the authority under this subsection only to the extent necessary to abate the imminent threat determination under paragraph (1).

    ``(4) Due process for facility owner or operator.-- ``(A) Written orders.--An order issued by the Secretary under paragraph (1) shall be in the form of a written emergency order that-- ``(i) describes the violation or risk that creates the imminent threat; ``(ii) states the security measures or order issued or imposed; and ``(iii) describes the standards and procedures for obtaining relief from the order.

    ``(B) Opportunity for review.--After issuing an order under paragraph (1) with respect to a chemical facility of interest, the Secretary shall provide for review of the order under section 554 of title 5 if a petition for review is filed not later than 20 days after the date on which the Secretary issues the order.

    ``(C) Expiration of effectiveness of order.--If a petition for review of an order is filed under subparagraph (B) and the review under that paragraph is not completed by the last day of the 30-day period beginning on the date on which the petition is filed, the order shall vacate automatically at the end of that period unless the Secretary determines, in writing, that the imminent threat providing a basis for the order continues to exist.

    ``(d) Right of Action.--Nothing in this title confers upon any person except the Secretary or his or her designee a right of action against an owner or operator of a covered chemical facility to enforce any provision of this title.

    ``SEC. 2105. WHISTLEBLOWER PROTECTIONS.

    ``(a) Procedure for Reporting Problems.-- ``(1) Establishment of a reporting procedure.--Not later than 180 days after the date of enactment of the Protecting and Securing Chemical Facilities from Terrorist Attacks Act of 2014, the Secretary shall establish, and provide information to the public regarding, a procedure under which any employee or contractor of a chemical facility of interest may submit a report to the Secretary regarding a violation of a requirement under this title.

    ``(2) Confidentiality.--The Secretary shall keep confidential the identity of an individual who submits a report under paragraph (1) and any such report shall be treated as a record containing protected information to the extent that the report does not consist of publicly available information.

    ``(3) Acknowledgment of receipt.--If a report submitted under paragraph (1) identifies the individual making the report, the Secretary shall promptly respond to the individual directly and shall promptly acknowledge receipt of the report.

    ``(4) Steps to address problems.--The Secretary-- ``(A) shall review and consider the information provided in any report submitted under paragraph (1); and ``(B) may take action under section 2104 of this title if necessary to address any substantiated violation of a requirement under this title identified in the report.

    [[Page H9057]] ``(5) Due process for facility owner or operator.-- ``(A) In general.--If, upon the review described in paragraph (4), the Secretary determines that a violation of a provision of this title, or a regulation prescribed under this title, has occurred, the Secretary may-- ``(i) institute a civil enforcement under section 2104(a) of this title; or ``(ii) if the Secretary makes the determination under section 2104(c), issue an emergency order.

    ``(B) Written orders.--The action of the Secretary under paragraph (4) shall be in a written form that-- ``(i) describes the violation; ``(ii) states the authority under which the Secretary is proceeding; and ``(iii) describes the standards and procedures for obtaining relief from the order.

    ``(C) Opportunity for review.--After taking action under paragraph (4), the Secretary shall provide for review of the action if a petition for review is filed within 20 calendar days of the date of issuance of the order for the action.

    ``(D) Expiration of effectiveness of order.--If a petition for review of an action is filed under subparagraph (C) and the review under that subparagraph is not completed by the end of the 30-day period beginning on the date the petition is filed, the action shall cease to be effective at the end of such period unless the Secretary determines, in writing, that the violation providing a basis for the action continues to exist.

    ``(6) Retaliation prohibited.-- ``(A) In general.--An owner or operator of a chemical facility of interest or agent thereof may not discharge an employee or otherwise discriminate against an employee with respect to the compensation provided to, or terms, conditions, or privileges of the employment of, the employee because the employee (or an individual acting pursuant to a request of the employee) submitted a report under paragraph (1).

    ``(B) Exception.--An employee shall not be entitled to the protections under this section if the employee-- ``(i) knowingly and willfully makes any false, fictitious, or fraudulent statement or representation; or ``(ii) uses any false writing or document knowing the writing or document contains any false, fictitious, or fraudulent statement or entry.

    ``(b) Protected Disclosures.--Nothing in this title shall be construed to limit the right of an individual to make any disclosure-- ``(1) protected or authorized under section 2302(b)(8) or 7211 of title 5, United States Code; ``(2) protected under any other Federal or State law that shields the disclosing individual against retaliation or discrimination for having made the disclosure in the public interest; or ``(3) to the Special Counsel of an agency, the inspector general of an agency, or any other employee designated by the head of an agency to receive disclosures similar to the disclosures described in paragraphs (1) and (2).

    ``(c) Publication of Rights.--The Secretary, in partnership with industry associations and labor organizations, shall make publicly available both physically and online the rights that an individual who discloses information, including security-sensitive information, regarding problems, deficiencies, or vulnerabilities at a covered chemical facility would have under Federal whistleblower protection laws or this title.

    ``(d) Protected Information.--All information contained in a report made under this subsection (a) shall be protected in accordance with section 2103.

    ``SEC. 2106. RELATIONSHIP TO OTHER LAWS.

    ``(a) Other Federal Laws.--Nothing in this title shall be construed to supersede, amend, alter, or affect any Federal law that-- ``(1) regulates (including by requiring information to be submitted or made available) the manufacture, distribution in commerce, use, handling, sale, other treatment, or disposal of chemical substances or mixtures; or ``(2) authorizes or requires the disclosure of any record or information obtained from a chemical facility under any law other than this title.

    ``(b) States and Political Subdivisions.--This title shall not preclude or deny any right of any State or political subdivision thereof to adopt or enforce any regulation, requirement, or standard of performance with respect to chemical facility security that is more stringent than a regulation, requirement, or standard of performance issued under this section, or otherwise impair any right or jurisdiction of any State with respect to chemical facilities within that State, unless there is an actual conflict between this section and the law of that State.

    ``SEC. 2107. CFATS REGULATIONS.

    ``(a) General Authority.--The Secretary may, in accordance with chapter 5 of title 5, United States Code, promulgate regulations or amend existing CFATS regulations to implement the provisions under this title.

    ``(b) Existing CFATS Regulations.-- ``(1) In general.--Notwithstanding section 4(b) of the Protecting and Securing Chemical Facilities from Terrorist Attacks Act of 2014, each existing CFATS regulation shall remain in effect unless the Secretary amends, consolidates, or repeals the regulation.

    ``(2) Repeal.--Not later than 30 days after the date of enactment of the Protecting and Securing Chemical Facilities from Terrorist Attacks Act of 2014, the Secretary shall repeal any existing CFATS regulation that the Secretary determines is duplicative of, or conflicts with, this title.

    ``(c) Authority.--The Secretary shall exclusively rely upon authority provided under this title in-- ``(1) determining compliance with this title; ``(2) identifying chemicals of interest; and ``(3) determining security risk associated with a chemical facility.

    ``SEC. 2108. SMALL COVERED CHEMICAL FACILITIES.

    ``(a) Definition.--In this section, the term `small covered chemical facility' means a covered chemical facility that-- ``(1) has fewer than 100 employees employed at the covered chemical facility; and ``(2) is owned and operated by a small business concern (as defined in section 3 of the Small Business Act (15 U.S.C. 632)).

    ``(b) Assistance to Facilities.--The Secretary may provide guidance and, as appropriate, tools, methodologies, or computer software, to assist small covered chemical facilities in developing the physical security, cybersecurity, recordkeeping, and reporting procedures required under this title.

    ``(c) Report.--The Secretary shall submit to the Committee on Homeland Security and Governmental Affairs of the Senate and the Committee on Homeland Security and the Committee on Energy and Commerce of the House of Representatives a report on best practices that may assist small covered chemical facilities in development of physical security best practices.

    ``SEC. 2109. OUTREACH TO CHEMICAL FACILITIES OF INTEREST.

    ``Not later than 90 days after the date of enactment of the Protecting and Securing Chemical Facilities from Terrorist Attacks Act of 2014, the Secretary shall establish an outreach implementation plan, in coordination with the heads of other appropriate Federal and State agencies, relevant business associations, and public and private labor organizations, to-- ``(1) identify chemical facilities of interest; and ``(2) make available compliance assistance materials and information on education and training.''.

    (b) Clerical Amendment.--The table of contents in section 1(b) of the Homeland Security Act of 2002 (Public Law 107- 196; 116 Stat. 2135) is amended by adding at the end the following: ``TITLE XXI--CHEMICAL FACILITY ANTI-TERRORISM STANDARDS ``Sec. 2101. Definitions.

    ``Sec. 2102. Chemical Facility Anti-Terrorism Standards Program.

    ``Sec. 2103. Protection and sharing of information.- ``Sec. 2104. Civil enforcement.

    ``Sec. 2105. Whistleblower protections.

    ``Sec. 2106. Relationship to other laws.

    ``Sec. 2107. CFATS regulations.

    ``Sec. 2108. Small covered chemical facilities.

    ``Sec. 2109. Outreach to chemical facilities of interest.''.

    SEC. 3. ASSESSMENT; REPORTS.

    (a) Definitions.--In this section-- (1) the term ``Chemical Facility Anti-Terrorism Standards Program'' means-- (A) the Chemical Facility Anti-Terrorism Standards program initially authorized under section 550 of the Department of Homeland Security Appropriations Act, 2007 (Public Law 109- 295; 6 U.S.C. 121 note); and (B) the Chemical Facility Anti-Terrorism Standards Program subsequently authorized under section 2102(a) of the Homeland Security Act of 2002, as added by section 2; (2) the term ``Department'' means the Department of Homeland Security; and (3) the term ``Secretary'' means the Secretary of Homeland Security.

    (b) Third-party Assessment.--Using amounts appropriated to the Department before the date of enactment of this Act, the Secretary shall commission a third-party study to assess vulnerabilities of covered chemical facilities, as defined in section 2101 of the Homeland Security Act of 2002 (as added by section 2), to acts of terrorism.

    (c) Reports.-- (1) Report to congress.--Not later than 18 months after the date of enactment of this Act, the Secretary shall submit to the Committee on Homeland Security and Governmental Affairs of the Senate and the Committee on Homeland Security and the Committee on Energy and Commerce of the House of Representatives a report on the Chemical Facility Anti- Terrorism Standards Program that includes-- (A) a certification by the Secretary that the Secretary has made significant progress in the identification of all chemical facilities of interest under section 2102(e)(1) of the Homeland Security Act of 2002, as added by section 2, including-- (i) a description of the steps taken to achieve that progress and the metrics used to measure the progress; (ii) information on whether facilities that submitted Top- Screens as a result of the identification of chemical facilities of interest were tiered and in what tiers those facilities were placed; and (iii) an action plan to better identify chemical facilities of interest and bring those facilities into compliance with title XXI of the Homeland Security Act of 2002, as added by section 2; (B) a certification by the Secretary that the Secretary has developed a risk assessment approach and corresponding tiering methodology under section 2102(e)(2) of the Homeland Security Act of 2002, as added by section 2; (C) an assessment by the Secretary of the implementation by the Department of the recommendations made by the Homeland Security Studies and Analysis Institute as outlined in the Institute's Tiering Methodology Peer Review (Publication Number: RP12-22-02); and (D) a description of best practices that may assist small covered chemical facilities, as defined in section 2108(a) of the Homeland Security Act of 2002, as added by section 2, in the development of physical security best practices.

    (2) Annual gao report.-- (A) In general.--During the 3-year period beginning on the date of enactment of this Act, [[Page H9058]] the Comptroller General of the United States shall submit to Congress an annual report that assesses the implementation of this Act and the amendments made by this Act.

    (B) Initial report.--Not later than 180 days after the date of enactment of this Act, the Comptroller General shall submit to Congress the first report under subparagraph (A).

    (C) Second annual report.--Not later than 1 year after the date of the initial report required under subparagraph (B), the Comptroller General shall submit to Congress the second report under subparagraph (A), which shall include an assessment of the whistleblower protections provided under section 2105 of the Homeland Security Act of 2002, as added by section 2, and-- (i) describes the number and type of problems, deficiencies, and vulnerabilities with respect to which reports have been submitted under such section 2105; (ii) evaluates the efforts of the Secretary in addressing the problems, deficiencies, and vulnerabilities described in subsection (a)(1) of such section 2105; and (iii) evaluates the efforts of the Secretary to inform individuals of their rights, as required under subsection (c) of such section 2105.

    (D) Third annual report.--Not later than 1 year after the date on which the Comptroller General submits the second report required under subparagraph (A), the Comptroller General shall submit to Congress the third report under subparagraph (A), which shall include an assessment of-- (i) the expedited approval program authorized under section 2102(c)(4) of the Homeland Security Act of 2002, as added by section 2; and (ii) the report on the expedited approval program submitted by the Secretary under subparagraph (I)(ii) of such section 2102(c)(4).

    SEC. 4. EFFECTIVE DATE; CONFORMING REPEAL.

    (a) Effective Date.--This Act, and the amendments made by this Act, shall take effect on the date that is 30 days after the date of enactment of this Act.

    (b) Conforming Repeal.--Section 550 of the Department of Homeland Security Appropriations Act, 2007 (Public Law 109- 295; 120 Stat. 1388), is repealed as of the effective date of this Act.

    SEC. 5. TERMINATION.

    The authority provided under title XXI of the Homeland Security Act of 2002, as added by section 2(a), shall terminate on the date that is 4 years after the effective date of this Act.

    The SPEAKER pro tempore. Pursuant to the rule, the gentleman from Pennsylvania (Mr. Meehan) and the gentleman from Mississippi (Mr. Thompson) each will control 20 minutes.

    The Chair recognizes the gentleman from Pennsylvania.

    General Leave

  • submit to reddit
  • Register your constituent account to respond

    Constituent Register