Bill summaries are authored by CRS.

Shown Here:
Public Law (12/18/2014)

(This measure has not been amended since it was passed by the Senate on December 10, 2014. The summary of that version is repeated here.)

Protecting and Securing Chemical Facilities from Terrorist Attacks Act of 2014 - Amends the Homeland Security Act of 2002 to: (1) reestablish the Chemical Facility Anti-Terrorism Standards (CFATS) Program in the Department of Homeland Security (DHS), and (2) authorize such Program for four years.

Directs the Secretary of Homeland Security to:

  • identify chemical facilities of interest and covered chemical facilities;
  • require each chemical facility of interest to submit a Top-Screen and any other information the Secretary determines necessary to enable DHS to assess the facility's security risks;
  • establish risk-based performance standards designed to address high levels of security risk at covered chemical facilities; and
  • require each covered chemical facility to submit a security vulnerability assessment and develop, submit, and implement a site security plan..

Defines: (1) a "chemical facility of interest" to mean a facility that holds a chemical of interest at a threshold quantity set pursuant to relevant risk-related security principles and that is not an excluded facility; (2) a "covered chemical facility" to mean a chemical facility of interest that the Secretary determines meets risk criteria under this Act based upon a review of the facility's Top-Screen; and (3) an "excluded facility" to mean a facility regulated under the Maritime Transportation Security Act of 2002, a public water system, a treatment works, a facility owned or operated by the Department of Defense (DOD) or the Department of Energy (DOE), or a facility subject to regulation by the Nuclear Regulatory Commission (NRC).

Requires a covered chemical facility, in developing a site security plan, to include security measures that appropriately address the security vulnerability assessment and the risk-based performance standards for security for the facility.

Directs the Secretary to review and approve or disapprove each site security plan. Authorizes the Secretary to approve an alternative security program established by a private sector entity or a federal, state, or local authority that meets the requirements of this Act.

Provides for expedited approval of site security plans for covered chemical facilities assigned to tier 3 or 4 (expedited approval facilities). Directs the Secretary to issue guidance for expedited approval facilities that identifies specific security measures that are sufficient to meet the risk-based performance standards. Requires the owner or operator of an expedited approval facility to certify that: (1) its site security plan includes required security measures, (2) such security measures do not materially deviate from such guidance except where indicated, (3) any deviations meet the risk-based performance standards for the tier to which the facility is assigned, (4) the owner or operator will commit necessary resources to fully implement the plan, and (5) planned measures include an adequate procedure for addressing events beyond the control of the owner or operator.

Authorizes the Secretary: (1) to audit and inspect an expedited approval facility to verify its compliance with its site security plan; (2) to enforce compliance with such plan; (3) to suspend the facility's authority to certify a site security plan upon determining that its plan is facially deficient; (4) upon determining that security measures in such plan are insufficient to meet risk-based performance standards, to require additional security measures or suspend the facility's certification and provide the facility an opportunity to submit a new or modified site security plan and certification; and (5) revoke a facility's certification if it does not agree to include recommended additional security measures in its site security plan or does not submit a new or modified plan. Prohibits a facility whose certification has been revoked from being eligible to certify a site security plan.

Authorizes the Secretary to develop prescriptive site security plan templates with specific security measures to meet risk-based performance standards for adoption and certification by a covered chemical facility assigned to tier 3 or 4 in lieu of developing and certifying its own plan.

Directs the Secretary, within 18 months after this Act's enactment, to evaluate the expedited approval program and report to specified congressional committees on any costs and efficiencies of such program and on its impact on the backlog for site security plan approval and authorization inspections and on the security of chemical facilities.

Directs the Secretary to: (1) conduct audits or inspections using DHS employees or nondepartmental or nongovernmental personnel approved by the Secretary, and (2) prescribe standards for the training and retraining of each individual used by DHS as an auditor or inspector.

Directs the Secretary to establish and carry out a Personnel Surety Program (a program used by covered chemical facilities to determine whether persons with access to their facility may have ties to terrorism) that: (1) does not require an owner or operator of a facility that voluntarily participates in the Program to submit information about an individual more than one time, (2) provides a participating owner or operator with relevant information based on vetting the individual against the terrorist screening database, and (3) provides redress to an individual who believes that the personally identifiable information submitted to DHS by a facility for such vetting was inaccurate.

Requires the Secretary to consult with the heads of other federal agencies, states, political subdivisions, relevant business associations, and public and private labor organizations to identify all chemical facilities of interest.

Directs the Secretary to develop a security risk assessment approach and corresponding tiering methodology for covered chemical facilities that incorporates the relevant elements of risk, including threat, vulnerability, and consequence. Requires the criteria for determining the security risk of terrorism associated with a covered chemical facility to take into account: (1) relevant threat information; (2) potential economic consequences and the potential loss of human life in the event of the facility being subject to an act of terrorism; and (3) vulnerability of the facility to an act of terrorism.

Requires the Secretary to document the basis for each instance in which: (1) tiering for a covered chemical facility is changed, or (2) a covered chemical facility is determined to no longer be subject to the requirements under this Act.

Directs the Secretary to report every six months on: (1) the number of covered chemical facilities in the United States, (2) the number of instances in which the Secretary placed a facility in a lower risk tier or determined that a facility that had previously met the criteria for a covered chemical facility no longer met the criteria, (3) the average number of days spent reviewing site security or an alternative security program for a covered chemical facility prior to approval, and (4) the number of facilities inspected and the average number of facilities inspected per inspector.

Requires that information developed under this Act be given protection from public disclosure consistent with the protection of similar information in the National Maritime Transportation Security Plan. Exempts any such protected information from disclosure under the Freedom of Information Act.

Permits the sharing of information under this Act, as the Secretary determines appropriate, with state and local government officials possessing a need to know and the necessary security clearances, including law enforcement officials and first responders. Directs the Secretary to provide to state, local, and regional fusion centers and state and local government officials such information as is necessary to help ensure that first responders are properly prepared and provided with the situational awareness needed to respond to security incidents at covered chemical facilities.

Directs the Secretary, upon determining that a covered chemical facility is not in compliance with this Act, to: (1) provide the facility owner or operator a written notification of noncompliance that includes a clear explanation of any deficiency in the security vulnerability assessment or site security plan and an opportunity for consultation with the Secretary; and (2) issue to the owner or operator an order to comply by a specified date. Authorizes the Secretary to enter an order assessing a civil penalty, an order to cease operations, or both if an owner or operator continues to be in noncompliance after such date. Directs the Secretary, upon determining that there is a reasonable likelihood that a violation of this Act or the CFATS regulations by a chemical facility could result in death, serious illness, severe personal injury, or substantial endangerment to the public, to direct the facility to cease some or all operations or to implement appropriate emergency security measures.

Directs the Secretary to:

  • establish a procedure under which any employee or contractor of a chemical facility of interest may report a violation of a requirement under this Act,
  • keep confidential the identity of an individual who makes such a report and treat any such report as protected information to the extent it does not consist of publicly available information,
  • respond to and acknowledge receipt of the report promptly, and
  • review the information provided in such report and take steps necessary to address any violation.

Prohibits an owner or operator of a covered chemical facility from discharging or otherwise discriminating against an employee because the employee makes such a report, with exceptions for reports involving fraudulent statements or documents.

Directs the Secretary to make publicly available the rights that an individual who discloses information regarding problems, deficiencies, or vulnerabilities at a covered chemical facility would have under federal whistleblower protection laws or this Act.

Authorizes the Secretary to promulgate regulations or amend existing CFATS regulations to implement this Act. Provides that each existing CFATS regulation shall remain in effect unless the Secretary amends, consolidates, or repeals it. Directs the Secretary to repeal any existing CFATS regulation that is duplicative of, or that conflicts with, this Act.

Authorizes the Secretary to provide guidance and tools, methodologies, or computer software to assist small covered chemical facilities (chemical facilities with fewer than 100 employees that are owned and operated by a small business concern) in developing physical security, cybersecurity, recordkeeping, and reporting procedures required under this Act. Directs the Secretary to report on best practices that may assist such facilities in the development of physical security best practices.

Directs the Secretary to: (1) establish an outreach implementation plan to identify chemical facilities of interest and make available compliance assistance materials and information on education and training, and (2) commission a third-party study to assess vulnerabilities of covered chemical facilities to acts of terrorism.

Requires the Secretary, within 18 months after enactment of this Act, to report to specified congressional committees on the Chemical Facility Anti-Terrorism Standards Program, including: (1) a certification that the Secretary has made significant progress in the identification of all chemical facilities of interest, (2) a certification that the Secretary has developed a risk assessment approach and corresponding tiering methodology, (3) an assessment of DHS implementation of the recommendations made by the Homeland Security Studies and Analysis Institute as outlined in the Institute's Tiering Methodology Peer Review, and (4) a description of best practices that may assist small covered chemical facilities in the development of physical security best practices.

Requires the Comptroller General, during the three-year period beginning with this Act's enactment, to submit annual reports assessing the implementation of this Act.