Certifications and Regulatory Expertise
As part of the Homeland Security Act of 2002, Public Law 107-296, Congress enacted the Support Anti-Terrorism by Fostering Effective Technologies Act (SAFETY Act) of 2002. The SAFETY Act provides incentives for the development and deployment of anti-terrorism technologies by creating systems of risk and litigation management. The program is managed by the Office of SAFETY Act Implementation within the Science and Technology Directorate. The Under Secretary for Science and Technology is the deciding official for SAFETY Act applications.
The Maritime Transportation Security Act of 2002 (MTSA), signed on November 25, 2002, is designed to protect the nation’s ports and waterways from a terrorist attack. It requires vessels and port facilities to conduct vulnerability assessments and develop security plans that may include passenger, vehicle and baggage screening procedures; security patrols; establishing restricted areas; personnel identification procedures; access control measures; and/or installation of surveillance equipment.
The NERC CIP (North American Electric Reliability Corporation critical infrastructure protection) plan is a set of requirements designed to secure the assets required for operating North America's bulk electric system. The NERC CIP plan consists of 9 standards and 45 requirements covering the security of electronic perimeters and the protection of critical cyber assets as well as personnel and training, security management and disaster recovery planning.
The Federal Energy Regulatory Commission, or FERC, is an independent agency that regulates the interstate transmission of electricity, natural gas, and oil. FERC also reviews proposals to build liquefied natural gas (LNG) terminals and interstate natural gas pipelines as well as licensing hydropower projects. The Energy Policy Act of 2005 gave FERC additional responsibilities as outlined and updated Strategic Plan.
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) required the Secretary of the U.S. Department of Health and Human Services (HHS) to develop regulations protecting the privacy and security of certain health information. The goal of the Security Rule is to protect the privacy of individuals’ health information while allowing covered entities to adopt new technologies to improve the quality and efficiency of patient care.