ML112101776: Difference between revisions
StriderTol (talk | contribs) (Created page by program invented by StriderTol) |
StriderTol (talk | contribs) (Created page by program invented by StriderTol) |
||
| Line 18: | Line 18: | ||
=Text= | =Text= | ||
{{#Wiki_filter:UNITED STATES | {{#Wiki_filter:UNITED STATES | ||
NUCLEAR REGULATORY COMMISSION | |||
REGION II | |||
245 PEACHTREE CENTER AVENUE NE, SUITE 1200 | |||
-1257 July 28, 2011 | ATLANTA, GEORGIA 30303-1257 | ||
July 28, 2011 | |||
- Nuclear Operations | Mr. Thomas D. Gatlin | ||
Vice President - Nuclear Operations | |||
South Carolina Electric & Gas Company | |||
Virgil C. Summer Nuclear Station | |||
P.O. Box 88 | |||
Jenkinsville, SC 29065 | |||
STATION) | SUBJECT: UPDATE OF NUCLEAR REGULATORY COMMISSION (NRC) DISTRIBUTION | ||
LIST FOR DOCUMENTS CONTAINING SAFEGUARDS (SGI), OFFICIAL USE | |||
I am writing to request current information on those individuals authorized to receive documents containing Safeguards (SGI), Official Use Only (OUO), and Routine information on issues relating to your facility. | ONLY (OUO), AND ROUTINE INFORMATION (VIRGIL C. SUMMER NUCLEAR | ||
STATION) | |||
information (e.g., privacy and proprietary information). | Dear Mr. Gatlin: | ||
I am writing to request current information on those individuals authorized to receive documents | |||
-to-know basis. | containing Safeguards (SGI), Official Use Only (OUO), and Routine information on issues | ||
relating to your facility. Safeguards information is a special category of sensitive unclassified | |||
information authorized by Section 147 of the Atomic Energy Act of 1954, as amended (the Act), | |||
-0001; with a copy to the Regional Administrator Region II, so that we can verify and/or update our distribution | to be protected. While SGI is considered sensitive unclassified information, it is handled and | ||
information. | protected more like classified confidential information than like other sensitive unclassified | ||
information (e.g., privacy and proprietary information). | |||
NRC Regulatory Issue Summary 2005 | Access to SGI is controlled by a valid need-to-know basis. It is the responsibility of the NRC to | ||
-26 defining control of sensitive unclassified non | maintain the integrity of SGI distribution, therefore we are currently in the process of verifying | ||
the identity, and contact information of individuals designated to receive documents with SGI, | |||
OUO, and Routine information for your facility. | |||
You are requested to provide an updated distribution list of those persons who should receive | |||
documents containing SGI, OUO, and Routine information within 20 days of the date of this | |||
letter to: ATTN: Document Control Desk, Washington, D.C. 20555-0001; with a copy to the | |||
Regional Administrator Region II, so that we can verify and/or update our distribution | |||
information. | |||
Please ensure that each list clearly specifies the individuals who are authorized to receive | |||
matter specific correspondence. To facilitate this request, I have enclosed a copy of the NRCs | |||
official distribution list on file, which has been organized by category. Additionally, you will find | |||
NRC Regulatory Issue Summary 2005-26 defining control of sensitive unclassified non- | |||
safeguards information related to nuclear power reactors, and NRC Regulatory Issue Summary | |||
2003-08, Summary of Safeguards Information Requirements. | |||
SCE&G 2 | |||
In accordance with 10 CFR 2.390 of the NRCs Rules of Practice, a copy of this letter and its | |||
enclosures will be available electronically for public inspection in the NRC Public Document | |||
Room or from the Publicly Available Records (PARS) component of NRCs document system | |||
SCE&G 2 | (ADAMS). ADAMS is accessible from the NRC Web site at http://www.nrc.gov/reading- | ||
rm/adams.html (the Public Electronic Room). | |||
Should you have any questions concerning this letter, please contact us. | Should you have any questions concerning this letter, please contact us. | ||
Sincerely, | |||
/ RA / | |||
Michael E. Ernstes, Chief | |||
Plant Support Branch 2 | |||
Division of Reactor Safety | |||
Docket No.: 50-395 | |||
License No.: NPF-12 | |||
Enclosure: | |||
1. Current Official Distribution List | |||
-26 3. NRC Regulatory Issue Summary 2003 | 2. NRC Regulatory Issue Summary 2005-26 | ||
-08 | 3. NRC Regulatory Issue Summary 2003-08 | ||
ML112101776 X SUNSI REVIEW COMPLETE X FORM 665 ATTACHED | |||
OFFICE RII: DRS RII: DRS RII:DRP | |||
SIGNATURE RA/ME For JC ME RA | |||
NAME J. CALLOWAY M. ERNSTES G. MCCOY | |||
DATE 07/27/22011 07/27/2011 07/27/2011 | |||
E-MAIL COPY? YES NO YES NO YES NO YES NO YES NO YES NO YES NO | |||
OFFICIAL DISTRIBUTION LIST | |||
Virgil C. Summer Nuclear Station | |||
ROUTINE DISTRIBUTION: | |||
cc w/encl: | |||
Division of Radiological Health Robert M. Fowlkes | |||
TN Dept. of Environment & Conservation General Manager | |||
401 Church Street Engineering Services | |||
Nashville, TN 37243-1532 South Carolina Electric & Gas Company | |||
Electronic Mail Distribution | |||
J. B. Archie | |||
Senior Vice President Senior Resident Inspector | |||
OFFICIAL DISTRIBUTION LIST | Nuclear Operations Virgil C. Summer Nuclear Station | ||
South Carolina Electric & Gas Company U.S. NRC | |||
Electronic Mail Distribution 576 Stairway Road | |||
Jenkinsville, SC 29065 | |||
Sandra Threatt, Manager | |||
Nuclear Response and Emergency R. J. White | |||
Environmental Surveillance Nuclear Coordinator | |||
Bureau of Land and Waste Management S.C. Public Service Authority Mail Code 802 | |||
Department of Health and Environmental Electronic Mail Distribution | |||
-1532 | Control | ||
Electronic Mail Distribution Robin R. Haselden | |||
General Manager | |||
Kathryn M. Sutton, Esq. Organizational Development & | |||
Morgan, Lewis & Bockius LLP Effectiveness | |||
Electronic Mail Distribution South Carolina Electric & Gas Company | |||
Electronic Mail Distribution | |||
Richard Haynes | |||
Director, Division of Waste Management George A. Lippard, III | |||
Control Electronic Mail Distribution | Bureau of Land and Waste Management General Manager | ||
S.C. Department of Health and Nuclear Plant Operations | |||
Environmental Control South Carolina Electric & Gas Company | |||
Electronic Mail Distribution Electronic Mail Distribution | |||
Mark Yeager Moses Coleman | |||
Division of Radioactive Waste Mgmt. Manager, Health Physics and Safety | |||
S.C. Department of Health and South Carolina Electric & Gas Company | |||
Environmental Control | Environmental Control Electronic Mail Distribution | ||
Electronic Mail Distribution | |||
Robert L. Justice | |||
Mark Yeager | Andy T. Barbee Manager | ||
Director Nuclear Operations | |||
Nuclear Training South Carolina Electric & Gas Company | |||
South Carolina Electric & Gas Company Electronic Mail Distribution | |||
Electronic Mail Distribution | |||
Donald D. Shue | |||
Bruce L. Thompson Manager | |||
Manager Maintenance Services | |||
Nuclear Licensing (Mail Code 830) South Carolina Electric & Gas Company | |||
South Carolina Electric & Gas Company Electronic Mail Distribution | |||
Electronic Mail Distribution | |||
Enclosure 1 | |||
OFFICIAL DISTRIBUTION LIST | |||
Virgil C. Summer Nuclear Station | |||
OFFICIAL USE ONLY (OUO) DISTRIBUTION | |||
cc w/encl: | |||
Bruce L. Thompson | |||
Manager | |||
Nuclear Licensing (Mail Code 830) | |||
South Carolina Electric & Gas Company | |||
Virgil C. Summer Nuclear Station | |||
P.O. Box 88 | |||
Jenkinsville, SC 29065 | |||
George A. Lippard, III | |||
General Manager | |||
Nuclear Plant Operations | |||
South Carolina Electric & Gas Company | |||
Virgil C. Summer Nuclear Station | |||
P.O. Box 88 | |||
Jenkinsville, SC 29065 | |||
R. J. White | R. J. White | ||
Nuclear Coordinator | |||
S.C. Public Service Authority Mail Code 802 | |||
Virgil C. Summer Nuclear Station | |||
P.O. Box 88 | |||
Jenkinsville, SC 29065 | |||
Enclosure 1 | |||
OFFICIAL DISTRIBUTION LIST | |||
Virgil C. Summer Nuclear Station | |||
SAFEGUARDS (SGI) DISTRIBUTION: | |||
cc w/encl: | |||
Bruce L. Thompson | |||
Manager | |||
Nuclear Licensing (Mail Code 830) | |||
South Carolina Electric & Gas Company | |||
Virgil C. Summer Nuclear Station | |||
P.O. Box 88 | |||
Jenkinsville, SC 29065 | |||
George A. Lippard, III | |||
General Manager | |||
Nuclear Plant Operations | |||
South Carolina Electric & Gas Company | |||
Virgil C. Summer Nuclear Station | |||
P.O. Box 88 | |||
Jenkinsville, SC 29065 | |||
cc w/Inspection Summary: | |||
OFFICIAL DISTRIBUTION LIST | |||
R. J. White | R. J. White | ||
Nuclear Coordinator | |||
S.C. Public Service Authority Mail Code 802 | |||
Virgil C. Summer Nuclear Station | |||
P.O. Box 88 | |||
Jenkinsville, SC 29065 | |||
Kathryn M. Sutton, Esq. | |||
Morgan, Lewis & Bockius LLP | |||
111 Pennsylvania Avenue, NW | |||
Washington, DC 20004 | |||
Richard Haynes | Richard Haynes | ||
Director, Division of Waste Management | |||
Bureau of Land and Waste Management | |||
S.C. Department of Health and Environmental Control | |||
2600 Bull Street | |||
Columbia, SC 29201 | |||
Enclosure 1 | |||
UNITED STATES | |||
NUCLEAR REGULATORY COMMISSION | |||
OFFICE OF NUCLEAR REACTOR REGULATION | |||
WASHINGTON, D.C. 20555-0001 | |||
November 7, 2005 | |||
NRC REGULATORY ISSUE SUMMARY 2005-26 | |||
CONTROL OF SENSITIVE UNCLASSIFIED NONSAFEGUARDS | |||
INFORMATION RELATED TO NUCLEAR POWER REACTORS | |||
ADDRESSEES | |||
All holders of operating licenses for nuclear power reactors and holders of and applicants for | |||
certificates for reactor designs. | |||
INTENT | |||
The U.S. Nuclear Regulatory Commission (NRC) is issuing this regulatory issue summary (RIS) | |||
to inform the addressees of the appropriate handling of information that warrants controls | |||
because of continuing concerns about terrorist attacks against the critical infrastructure of the | |||
United States. The NRC intends to balance its responsibility to preserve public access to | |||
information and support meaningful participation in NRCs regulatory processes against its | |||
responsibility to withhold information that might unnecessarily compromise the security of | |||
nuclear facilities. Licensees for operating nuclear power plants and reactor facility designers | |||
may need to assess their document control procedures to ensure they protect sensitive | |||
information. Although no specific action or written response is required, the NRC encourages | |||
the addressees for this RIS, vendors and contractors, and others who may possess sensitive | |||
information to destroy, mark, or otherwise control the information to avoid inadvertently | |||
providing assistance to those who might use the information for malevolent acts. | |||
BACKGROUND INFORMATION | |||
NRC traditionally has given the public access to a significant amount of information about the | |||
facilities and materials the agency regulates. Openness has been and remains a cornerstone | |||
of NRCs regulatory philosophy. The Atomic Energy Act, subsequent legislation, and various | |||
NRC regulations have given the public the right to participate in the licensing and oversight | |||
process for nuclear power reactors and other NRC licensees. To participate in a meaningful | |||
way, the public must have access to information about the design and operation of regulated | |||
facilities and use of nuclear materials. However, NRC and other Government agencies have | |||
always withheld some information from public disclosure for reasons of security, personal | |||
privacy, or commercial or trade secret protection. In light of increased terrorist activity | |||
worldwide, NRC reexamined its document disclosure policies. | |||
ML051430228 | ML051430228 | ||
Enclosure 2 | |||
RIS 2005-26 | |||
Page 2 of 5 | |||
Since the events of September 11, 2001, NRC has issued advisories and taken specific actions | |||
regarding the security of its licensed facilities. NRC has also assessed and revised its policies | |||
and practices for control of information so that information that could reasonably be expected to | |||
be useful to terrorists in planning or executing an attack against nuclear power plants or other | |||
NRC-licensed facilities will be withheld from public disclosure. The most recent and detailed | |||
guidance on the control of information related to operating nuclear power plants is provided in | |||
the Commission paper SECY-04-0191, Withholding Sensitive Unclassified Information | |||
Concerning Nuclear Power Reactors From Public Disclosure, dated October 19, 2004, and the | |||
associated staff requirements memorandum dated November 9, 2004. Also see | |||
SECY-05-0091, Task Force Report on Public Disclosure of Security-Related Information, | |||
dated May 18, 2005, and the associated staff requirements memorandum dated June 30, 2005. | |||
The NRC staff is preparing similar guidance for materials licensees and expects to make it | |||
available to the public in early 2006. | |||
SUMMARY OF ISSUE | |||
Considering the various reviews, legislation, and other changes since September 11, 2001, the | |||
NRC staff believes that clarifying NRCs current procedures and policies regarding the control | |||
of information will be beneficial to stakeholders. NRC will continue to make available to the | |||
public most of the information that the agency receives from or sends to its licensees. In | |||
addition, the public will have access to a large amount of information included in various reports | |||
produced by the NRC staff. Much of NRCs information also will be readily available to the | |||
public via the NRC Web site (www.nrc.gov) and the NRCs electronic document management | |||
system (ADAMS) (www.nrc.gov/reading-rm/adams.html). In addition, other information may be | |||
released to the public in response to formal or informal requests. The exceptions for certain | |||
information to be withheld from public disclosure for reasons other than security (e.g., privacy, | |||
proprietary, and pre-decisional information) have not changed as a result of recent events. The | |||
appropriate handling of Safeguards Information (SGI) is discussed in RIS-2003-08, Protection | |||
of Safeguards Information From Unauthorized Disclosure, dated April 30, 2003, and more | |||
specific SGI designation guidance documents. | |||
NRC withheld from public disclosure some information related to protecting operating nuclear | |||
power plants although it does not meet the existing criteria for designation as SGI. This type of | |||
information was recognized before September 11, 2001, and, when submitted to NRC by a | |||
licensee, was withheld from public disclosure according to the provisions of 10 CFR | |||
2.390(d)(1). This regulation states: | |||
(d) The following information is considered commercial or financial information within the | |||
meaning of §9.17(a)(4) of this chapter and is subject to disclosure only in accordance | |||
with the provisions of §9.19 of this chapter. | |||
(1) Correspondence and reports to or from the NRC which contain information or | |||
records concerning a licensees or applicants physical protection, classified matter | |||
protection, or material control and accounting program for special nuclear material not | |||
otherwise designated as Safeguards Information or classified as National Security | |||
Information or Restricted Data. | |||
Enclosure 2 | |||
RIS | RIS 2005-26 | ||
Page 3 of 5 | |||
NRC expects that licensees will continue to request NRC withhold some information citing | |||
10 CFR 2.390(d)(1) and that the volume of material requested to be withheld from public | |||
disclosure under this provision will increase as the NRC staff and licensees implement the | |||
guidance in this RIS. NRC changed its procedures shortly after September 11, 2001, to | |||
withhold from public disclosure various categories of documents likely to include individual | |||
records that warrant withholding under 10 CFR 2.390. The NRC staff will assess the need to | |||
withhold such document categories if licensees routinely identify specific documents containing | |||
sensitive information. The NRC staff will interact with licensees on a case-by-case basis | |||
regarding the use of the provisions of 10 CFR 2.390(d)(1) to assure that information is properly | |||
controlled, under either Section 2.390(d)(1) or one of the other Freedom of Information Act | |||
(FOIA) exemptions that might be applicable. Licensees that identify information to be withheld | |||
from public disclosure in accordance with 10 CFR 2.390(d)(1) or other provision in the | |||
regulation should use the same general practices as used for proprietary commercial or | |||
financial information. As shown on the attached diagram, the cover letter should clearly state | |||
that the document includes sensitive information and the affected pages should include the | |||
marking Security-Related Information Withhold Under 10 CFR 2.390. Unlike the | |||
requirements for withholding proprietary information, licensees are not required to provide an | |||
affidavit for sensitive information withheld under 10 CFR 2.390(d) and related to (1) physical | |||
protection or (2) material control and accounting. | |||
Most information received and generated by NRC deals with design, operations, or other | |||
matters not directly related to the physical security of nuclear facilities or radioactive materials. | |||
This information, if not protected as proprietary or under another exception, is generally made | |||
available to the public. After September 11, 2001, NRC and other Government agencies | |||
responded to concerns that some information easily available on public Web sites or by other | |||
means might be useful to terrorists. SECY-04-0191 provides the primary NRC guidance on | |||
whether information related to operating nuclear power plants should be withheld from public | |||
disclosure in light of the post-September 11 concerns. The NRC staff has posted the guidance | |||
and related material within the public reading room (http://www.nrc.gov/reading-rm.html) on the | |||
NRC Web site, and stakeholders can ask questions or make suggestions about the guidance | |||
and the examples. | |||
As discussed in SECY-04-0191, other Government agencies have issued regulations or | |||
guidance for protecting information that could be reasonably expected to be useful to terrorists | |||
in planning or executing an attack on critical infrastructure. | |||
* Protected critical infrastructure information (PCII) is information related to the security of | |||
critical infrastructure that is voluntarily provided to the Department of Homeland Security | |||
(DHS). | |||
* Critical energy infrastructure information (CEII) is defined in Federal Energy Regulatory | |||
Commission (FERC) regulations as information related to energy-related infrastructure | |||
(e.g., hydroelectric dams and electric transmission systems). | |||
* Sensitive security information (SSI) is defined in Transportation Safety Administration | |||
(TSA) and Department of Transportation (DOT) regulations as information about the | |||
security of transportation assets, including pipelines. | |||
Enclosure 2 | |||
RIS 2005-26 | |||
Page 4 of 5 | |||
Licensees may need to assess and revise their procedures for handling sensitive unclassified | |||
nonsafeguards information in their normal activities and interactions with parties other than | |||
NRC. During discussions of existing practices with various licensees, the NRC staff discovered | |||
that licensees vary in how they treat and protect information that was previously unprotected but | |||
now is considered sensitive. Some licensees have instituted more restrictive controls. Some | |||
have determined that their routine business practices provide an appropriate level of protection | |||
for the sensitive information. | |||
As described in 10 CFR 2.390, information deemed sensitive because it relates to physical | |||
protection or material control and accounting is protected in much the same way as commercial | |||
or financial information. As with proprietary information, licensees are expected to have | |||
sufficient internal controls to keep the information confidential. Possible methods to prevent the | |||
inadvertent release of sensitive unclassified nonsafeguards information include marking | |||
documents as described in 10 CFR 2.390, restricting access to electronic recordkeeping | |||
systems, and controlling the reproduction, distribution, and destruction of potentially sensitive | |||
the top of all | records. NRC uses the marking Security-Related Information Withhold Under | ||
10 CFR 2.390 and encourages the use of this marking by licensees and others possessing | |||
Access: Need-to-know | information deemed sensitive using the guidance in SECY-04-0191. Licensees should ensure | ||
that similar controls are in place when sensitive information is provided to outside parties such | |||
as contractors or other Government agencies. The NRC staff posted information on NRCs | |||
functions. | Web site (http://www.nrc.gov/reading-rm.html) and included a feedback form for questions or | ||
Storage: Openly | suggestions on how to effectively control sensitive information. | ||
BACKFIT DISCUSSION | |||
This RIS requires no action or written response. Any action on the part of addressees to | |||
assess and revise their document control procedures in accordance with the guidance | |||
contained in this RIS is strictly voluntary and, therefore, is not a backfit under 10 CFR 50.109. | |||
Mail: U.S. | Consequently, the NRC staff did not perform a backfit analysis. | ||
FEDERAL REGISTER NOTIFICATION | |||
2.390 contents. | A notice of opportunity for public comment on this RIS was not published in the Federal | ||
Electronic | Register because it is informational and pertains to a staff position that does not represent a | ||
departure from current regulatory requirements and practice. NRC intends to work with the | |||
Nuclear Energy Institute, industry representatives, members of the public, and other | |||
stakeholders in modifying related guidance documents. | |||
SMALL BUSINESS REGULATORY ENFORCEMENT FAIRNESS ACT OF 1996 | |||
be present to | The NRC has determined that this action is not a rule and thus is not subject to the Small | ||
Business Regulatory Enforcement Fairness Act of 1996. | |||
RIS 2003-08 | Enclosure 2 | ||
Page 1 of | |||
et seq. (Act), grants | RIS 2005-26 | ||
Page 5 of 5 | |||
PAPERWORK REDUCTION ACT STATEMENT | |||
This RIS does not contain information collections and, therefore, is not subject to the | |||
requirements of the Paperwork Reduction Act of 1995 (44 U.S.C. 3501 et seq.). | |||
CONTACT | |||
Please direct any questions about this matter to the technical contacts listed below or to the | |||
appropriate Office of Nuclear Reactor Regulation (NRR) project manager. | |||
/RA/ By Patrick L. Hiland For/ | |||
Michael J. Case, Director | |||
Division of Inspection and Regional Support | |||
Office of Nuclear Reactor Regulation | |||
Technical Contacts: William Reckley, NRR Margie Kotzalas, NRR | |||
301-415-1323 301-415-2737 | |||
E-mail: wdr@nrc.gov E-mail: mxk5@nrc.gov | |||
Attachment: Marking diagram for documents withheld under 10 CFR 2.390 | |||
Note: NRC generic communications may be found on the NRC public Web site, | |||
http://www.nrc.gov, under Electronic Reading Room/Document Collections. | |||
Enclosure 2 | |||
Attachment | |||
RIS-2005-26 | |||
Page 1 of 1 | |||
SUGGESTED MARKINGS | |||
Withhold From Public Disclosure In Accordance With 10 CFR 2.390 | |||
Overall page marking on the top of all pages | |||
Security-Related Information | |||
Withhold Under 10 CFR 2.390 | |||
Ensure Subject Line is non-sensitive | |||
Subject | |||
XXXXXXXXXX | |||
XXXXXXXXXX | |||
XXXXXXXXXX | |||
XXXXXXXXXX | |||
Appropriate Controls | |||
Access: Need-to-know in order to perform official licensee functions. | |||
Storage: Openly within licensee facilities with electronic or other access | |||
controls, for example, key cards, guards, alarms. | |||
Mail: U.S. Postal Service first class mail, single opaque envelope with | |||
no markings to indicate 10 CFR 2.390 contents. | |||
Electronic Transmission: Over encrypted phone, facsimile, computer, if available; | |||
otherwise over non-encrypted circuits where recipient will | |||
be present to receive the transmission. | |||
Enclosure 2 | |||
RIS 2003-08 | |||
Page 1 of 4 | |||
SUMMARY OF SAFEGUARDS INFORMATION REQUIREMENTS | |||
I. AUTHORITY | |||
The Atomic Energy Act of 1954, as amended, 42 U.S.C. §§ 2011 et seq. (Act), grants the | |||
Nuclear Regulatory Commission broad and unique authority to prohibit the unauthorized | |||
disclosure of Safeguards Information upon a determination that the unauthorized disclosure of | |||
such information could reasonably be expected to have a significant adverse effect on the | such information could reasonably be expected to have a significant adverse effect on the | ||
health and safety of the public or the common defense and security by significantly increasing | health and safety of the public or the common defense and security by significantly increasing | ||
the likelihood of theft, diversion, or sabotage of materials or facilities subject to NRC jurisdiction. | the likelihood of theft, diversion, or sabotage of materials or facilities subject to NRC jurisdiction. | ||
Section 147 of the Act, 42 U.S.C. § 2167. | Section 147 of the Act, 42 U.S.C. § 2167. | ||
defined by NRC regulation as follows:Safeguards Information means information not otherwise classified as | For licensees and any other person, whether or not a licensee (primarily 10 C.F.R. Part 50 | ||
or applicant's detailed, (1) security measures for the physical protection of | reactor licensees, 10 C.F.R. Part 70 licensees for special nuclear material, and their employees | ||
special nuclear material, or (2) security measures for the physical protection and | and contractors) subject to the requirements in 10 C.F.R. Part 73, Safeguards Information is | ||
location of certain plant equipment vital to the safety of production or utilization | defined by NRC regulation as follows: | ||
facilities. | Safeguards Information means information not otherwise classified as National | ||
unless the person has an established "need to know" for the information and is: (i) An employee, agent, or contractor of an applicant, a licensee, | Security Information or Restricted Data which specifically identifies a licensee's | ||
authorized access to Safeguards Information by a nuclear power reactor | or applicant's detailed, (1) security measures for the physical protection of | ||
applicant or licensee must undergo a Federal Bureau of Investigation criminal | special nuclear material, or (2) security measures for the physical protection and | ||
history check to the extent required by 10 CFR 73.57; (ii) A member of a duly authorized committee of the Congress; (iii) The Governor of a State or designated representatives; | location of certain plant equipment vital to the safety of production or utilization | ||
facilities. | |||
RIS 2003-08 | 10 C.F.R. § 73.2. | ||
Page 2 of 4 (v) A member of a state or local law enforcement authority that is responsible | Specific requirements for the protection of Safeguards Information are contained in | ||
(c)(1) of this section. | 10 C.F.R. § 73.21. Access to Safeguards Information is limited as follows: | ||
or licensee duties of employment.10 C.F.R. § 73.2.Thus, unless otherwise authorized by the Commission, NRC regulations limit access | (c) Access to Safeguards Information. (1) Except as the Commission may | ||
otherwise authorize, no person may have access to Safeguards Information | |||
in the performance of official, contractual or licensee duties of employment. | unless the person has an established "need to know" for the information and is: | ||
persons listed in 10 C.F.R. § 73.21(c)(1) and that person also has a | (i) An employee, agent, or contractor of an applicant, a licensee, the | ||
10 C.F.R. § 73.21(c)(2). | Commission, or the United States Government. However, an individual to be | ||
Safeguards Information are applicable to all licensees and all individuals:This part [10 C.F.R. Part 73] prescribes requirements for the protection of | authorized access to Safeguards Information by a nuclear power reactor | ||
Safeguards Information in the hands of any person, whether or not a licensee of | applicant or licensee must undergo a Federal Bureau of Investigation criminal | ||
the Commission, who produces, receives, or acquires Safeguards Information.10 C.F.R. § 73.1(b)(7).The | history check to the extent required by 10 CFR 73.57; | ||
the Act grants the Commission explicit authority to | (ii) A member of a duly authorized committee of the Congress; | ||
the unauthorized disclosure of safeguards information . . . . | (iii) The Governor of a State or designated representatives; | ||
(iv) A representative of the International Atomic Energy Agency (IAEA) engaged | |||
in activities associated with the U.S./IAEA Safeguards Agreement who has been | |||
certified by the NRC; | |||
Enclosure 3 | |||
RIS 2003-08 | |||
Page 2 of 4 | |||
(v) A member of a state or local law enforcement authority that is responsible for | |||
responding to requests for assistance during safeguards emergencies; or | |||
(vi) An individual to whom disclosure is ordered pursuant to § 2.744(e) of this | |||
chapter [10 CFR 2.744(e)]. | |||
(2) Except as the Commission may otherwise authorize, no person may disclose | |||
Safeguards Information to any other person except as set forth in paragraph | |||
(c)(1) of this section. | |||
10 C.F.R. § 73.21(c). | |||
The need to know requirement is specified by NRC regulation as follows: | |||
Need to know means a determination by a person having responsibility for | |||
protecting Safeguards Information that a proposed recipient's access to | |||
Safeguards Information is necessary in the performance of official, contractual, | |||
or licensee duties of employment. | |||
10 C.F.R. § 73.2. | |||
Thus, unless otherwise authorized by the Commission, NRC regulations limit access to | |||
Safeguards Information to certain specified individuals who have been determined to have a | |||
need to know, i.e., specified individuals whose access has been determined to be necessary | |||
in the performance of official, contractual or licensee duties of employment. | |||
Furthermore, except as otherwise authorized by the Commission, no person may disclose | |||
Safeguards Information to any other person unless that other person is one of the specified | |||
persons listed in 10 C.F.R. § 73.21(c)(1) and that person also has a need to know. | |||
10 C.F.R. § 73.21(c)(2). These regulations and prohibitions on unauthorized disclosure of | |||
Safeguards Information are applicable to all licensees and all individuals: | |||
This part [10 C.F.R. Part 73] prescribes requirements for the protection of | |||
Safeguards Information in the hands of any person, whether or not a licensee of | |||
the Commission, who produces, receives, or acquires Safeguards Information. | |||
10 C.F.R. § 73.1(b)(7). | |||
The Commissions statutory authority to protect and prohibit the unauthorized disclosure of | |||
Safeguards Information is even broader than is reflected in these regulations. Section 147 of | |||
the Act grants the Commission explicit authority to issue such orders, as necessary to prohibit | |||
the unauthorized disclosure of safeguards information . . . . This authority extends to | |||
information concerning special nuclear material, source material, and byproduct material, as | information concerning special nuclear material, source material, and byproduct material, as | ||
well as production and utilization facilities. | well as production and utilization facilities. | ||
RIS 2003-08 | Enclosure 3 | ||
Page 3 of | |||
RIS 2003-08 | |||
Page 3 of 4 | |||
The Act explicitly provides: Any person, whether or not a licensee of the Commission, who | |||
violates any regulations adopted under this section shall be subject to the civil monetary | violates any regulations adopted under this section shall be subject to the civil monetary | ||
penalties of Section 234 of this Act. | penalties of Section 234 of this Act. Section 147a of the Act. Section 234a of the Act | ||
provides for a civil monetary penalty not to exceed $120,000 for each violation. See | |||
imprisonment, or both. | 10 C.F.R. § 2.205(j) (2003). Furthermore, a willful violation of any regulation or order governing | ||
See Sections 147b and 223a of the Act. The NRC Enforcement Policy outlines potential NRC actions against both licensees | Safeguards Information is a felony subject to criminal penalties in the form of fines or | ||
details and severity of the violation. | imprisonment, or both. See Sections 147b and 223a of the Act. | ||
The NRC Enforcement Policy outlines potential NRC actions against both licensees and | |||
individuals for violations of the regulations and Orders using criteria that evaluate both the | |||
details and severity of the violation. | |||
II. DISCUSSION | |||
All licensees and all other persons who now have, or in the future may have, access to | |||
Safeguards Information must comply with all applicable requirements delineated in regulations | Safeguards Information must comply with all applicable requirements delineated in regulations | ||
and Orders governing the handling and unauthorized disclosure of Safeguards Information. | and Orders governing the handling and unauthorized disclosure of Safeguards Information. As | ||
stipulated in 10 C.F.R. § 73.21(a), licensees and persons who produce, receive or acquire | stipulated in 10 C.F.R. § 73.21(a), licensees and persons who produce, receive or acquire | ||
Safeguards Information are required to ensure that Safeguards Information is protected against | Safeguards Information are required to ensure that Safeguards Information is protected against | ||
unauthorized disclosure. | unauthorized disclosure. To meet this requirement, licensees and persons subject to | ||
10 C.F.R. § 73.21(a) shall establish and maintain an information protection system governing | 10 C.F.R. § 73.21(a) shall establish and maintain an information protection system governing | ||
the proper handling and unauthorized disclosure of Safeguards Information. | the proper handling and unauthorized disclosure of Safeguards Information. All licensees | ||
should be aware that since the requirements of 10 C.F.R. § 73.21(a) apply to all persons who | should be aware that since the requirements of 10 C.F.R. § 73.21(a) apply to all persons who | ||
receive Safeguards Information, they apply to all contractors whose employees may | receive Safeguards Information, they apply to all contractors whose employees may have | ||
access to Safeguards Information and they must either adhere to the licensees policies and | |||
procedures on Safeguards Information or develop, maintain and implement their own | |||
information protection system, but the licensees remain responsible for the conduct of their | information protection system, but the licensees remain responsible for the conduct of their | ||
contractors. | contractors. The elements of the required information protection system are specified in | ||
10 C.F.R. § 73.21(b) through (i). | 10 C.F.R. § 73.21(b) through (i). The information protection system must address, at a | ||
minimum, the following: the general performance requirement that each person who produces, | minimum, the following: the general performance requirement that each person who produces, | ||
receives, or acquires Safeguards Information shall ensure that Safeguards Information is | receives, or acquires Safeguards Information shall ensure that Safeguards Information is | ||
| Line 863: | Line 522: | ||
containing Safeguards Information; access to Safeguards Information; preparation, marking, | containing Safeguards Information; access to Safeguards Information; preparation, marking, | ||
reproduction and destruction of documents; external transmission of documents; use of | reproduction and destruction of documents; external transmission of documents; use of | ||
automatic data processing systems; and removal of the Safeguards Information category.As noted above, in addition to the responsibility of each licensee to ensure that all of | automatic data processing systems; and removal of the Safeguards Information category. | ||
As noted above, in addition to the responsibility of each licensee to ensure that all of its | |||
employees, contractors and subcontractors, and their employees comply with applicable | |||
requirements, all contractors, subcontractors, and individual employees also are individually | requirements, all contractors, subcontractors, and individual employees also are individually | ||
responsible for complying with applicable requirements and all are subject to civil and criminal | responsible for complying with applicable requirements and all are subject to civil and criminal | ||
sanctions for failures to comply. | sanctions for failures to comply. The NRC considers that violations of the requirements | ||
applicable to the handling of Safeguards Information are a serious breach of adequate | applicable to the handling of Safeguards Information are a serious breach of adequate | ||
protection of the public health and safety and the common defense and security of the United | protection of the public health and safety and the common defense and security of the United | ||
States. | States. | ||
RIS 2003-08 | Enclosure 3 | ||
Page 4 of | |||
RIS 2003-08 | |||
Page 4 of 4 | |||
As a result, the staff intends to use the NRC Enforcement Policy, including the discretion to | |||
increase penalties for violations, to determine appropriate sanctions against licensees and | increase penalties for violations, to determine appropriate sanctions against licensees and | ||
individuals who violate these requirements. | individuals who violate these requirements. In addition, the Commission may use its discretion, | ||
based on the severity of the violation, to further increase the penalty for any violation up to the | |||
statutory maximum. Willful violations of these requirements will also be referred to the | |||
Department of Justice for a determination of whether criminal penalties will be pursued. | Department of Justice for a determination of whether criminal penalties will be pursued. | ||
Enclosure 3 | |||
}} | }} | ||
Latest revision as of 17:54, 12 November 2019
| ML112101776 | |
| Person / Time | |
|---|---|
| Site: | Summer  |
| Issue date: | 07/28/2011 |
| From: | Emstes M NRC/RGN-I/DRS/PSB2 |
| To: | Gatlin T South Carolina Electric & Gas Co |
| References | |
| RIS-03-008, RIS-05-026 | |
| Download: ML112101776 (16) | |
See also: RIS 2003-08
Text
UNITED STATES
NUCLEAR REGULATORY COMMISSION
REGION II
245 PEACHTREE CENTER AVENUE NE, SUITE 1200
ATLANTA, GEORGIA 30303-1257
July 28, 2011
Mr. Thomas D. Gatlin
Vice President - Nuclear Operations
South Carolina Electric & Gas Company
Virgil C. Summer Nuclear Station
P.O. Box 88
Jenkinsville, SC 29065
SUBJECT: UPDATE OF NUCLEAR REGULATORY COMMISSION (NRC) DISTRIBUTION
LIST FOR DOCUMENTS CONTAINING SAFEGUARDS (SGI), OFFICIAL USE
ONLY (OUO), AND ROUTINE INFORMATION (VIRGIL C. SUMMER NUCLEAR
STATION)
Dear Mr. Gatlin:
I am writing to request current information on those individuals authorized to receive documents
containing Safeguards (SGI), Official Use Only (OUO), and Routine information on issues
relating to your facility. Safeguards information is a special category of sensitive unclassified
information authorized by Section 147 of the Atomic Energy Act of 1954, as amended (the Act),
to be protected. While SGI is considered sensitive unclassified information, it is handled and
protected more like classified confidential information than like other sensitive unclassified
information (e.g., privacy and proprietary information).
Access to SGI is controlled by a valid need-to-know basis. It is the responsibility of the NRC to
maintain the integrity of SGI distribution, therefore we are currently in the process of verifying
the identity, and contact information of individuals designated to receive documents with SGI,
OUO, and Routine information for your facility.
You are requested to provide an updated distribution list of those persons who should receive
documents containing SGI, OUO, and Routine information within 20 days of the date of this
letter to: ATTN: Document Control Desk, Washington, D.C. 20555-0001; with a copy to the
Regional Administrator Region II, so that we can verify and/or update our distribution
information.
Please ensure that each list clearly specifies the individuals who are authorized to receive
matter specific correspondence. To facilitate this request, I have enclosed a copy of the NRCs
official distribution list on file, which has been organized by category. Additionally, you will find
NRC Regulatory Issue Summary 2005-26 defining control of sensitive unclassified non-
safeguards information related to nuclear power reactors, and NRC Regulatory Issue Summary 2003-08, Summary of Safeguards Information Requirements.
SCE&G 2
In accordance with 10 CFR 2.390 of the NRCs Rules of Practice, a copy of this letter and its
enclosures will be available electronically for public inspection in the NRC Public Document
Room or from the Publicly Available Records (PARS) component of NRCs document system
(ADAMS). ADAMS is accessible from the NRC Web site at http://www.nrc.gov/reading-
rm/adams.html (the Public Electronic Room).
Should you have any questions concerning this letter, please contact us.
Sincerely,
/ RA /
Michael E. Ernstes, Chief
Plant Support Branch 2
Division of Reactor Safety
Docket No.: 50-395
License No.: NPF-12
Enclosure:
1. Current Official Distribution List
2. NRC Regulatory Issue Summary 2005-26
3. NRC Regulatory Issue Summary 2003-08
ML112101776 X SUNSI REVIEW COMPLETE X FORM 665 ATTACHED
OFFICE RII: DRS RII: DRS RII:DRP
SIGNATURE RA/ME For JC ME RA
NAME J. CALLOWAY M. ERNSTES G. MCCOY
DATE 07/27/22011 07/27/2011 07/27/2011
E-MAIL COPY? YES NO YES NO YES NO YES NO YES NO YES NO YES NO
OFFICIAL DISTRIBUTION LIST
Virgil C. Summer Nuclear Station
ROUTINE DISTRIBUTION:
cc w/encl:
Division of Radiological Health Robert M. Fowlkes
TN Dept. of Environment & Conservation General Manager
401 Church Street Engineering Services
Nashville, TN 37243-1532 South Carolina Electric & Gas Company
Electronic Mail Distribution
J. B. Archie
Senior Vice President Senior Resident Inspector
Nuclear Operations Virgil C. Summer Nuclear Station
South Carolina Electric & Gas Company U.S. NRC
Electronic Mail Distribution 576 Stairway Road
Jenkinsville, SC 29065
Sandra Threatt, Manager
Nuclear Response and Emergency R. J. White
Environmental Surveillance Nuclear Coordinator
Bureau of Land and Waste Management S.C. Public Service Authority Mail Code 802
Department of Health and Environmental Electronic Mail Distribution
Control
Electronic Mail Distribution Robin R. Haselden
General Manager
Kathryn M. Sutton, Esq. Organizational Development &
Morgan, Lewis & Bockius LLP Effectiveness
Electronic Mail Distribution South Carolina Electric & Gas Company
Electronic Mail Distribution
Richard Haynes
Director, Division of Waste Management George A. Lippard, III
Bureau of Land and Waste Management General Manager
S.C. Department of Health and Nuclear Plant Operations
Environmental Control South Carolina Electric & Gas Company
Electronic Mail Distribution Electronic Mail Distribution
Mark Yeager Moses Coleman
Division of Radioactive Waste Mgmt. Manager, Health Physics and Safety
S.C. Department of Health and South Carolina Electric & Gas Company
Environmental Control Electronic Mail Distribution
Electronic Mail Distribution
Robert L. Justice
Andy T. Barbee Manager
Director Nuclear Operations
Nuclear Training South Carolina Electric & Gas Company
South Carolina Electric & Gas Company Electronic Mail Distribution
Electronic Mail Distribution
Donald D. Shue
Bruce L. Thompson Manager
Manager Maintenance Services
Nuclear Licensing (Mail Code 830) South Carolina Electric & Gas Company
South Carolina Electric & Gas Company Electronic Mail Distribution
Electronic Mail Distribution
Enclosure 1
OFFICIAL DISTRIBUTION LIST
Virgil C. Summer Nuclear Station
OFFICIAL USE ONLY (OUO) DISTRIBUTION
cc w/encl:
Bruce L. Thompson
Manager
Nuclear Licensing (Mail Code 830)
South Carolina Electric & Gas Company
Virgil C. Summer Nuclear Station
P.O. Box 88
Jenkinsville, SC 29065
George A. Lippard, III
General Manager
Nuclear Plant Operations
South Carolina Electric & Gas Company
Virgil C. Summer Nuclear Station
P.O. Box 88
Jenkinsville, SC 29065
R. J. White
Nuclear Coordinator
S.C. Public Service Authority Mail Code 802
Virgil C. Summer Nuclear Station
P.O. Box 88
Jenkinsville, SC 29065
Enclosure 1
OFFICIAL DISTRIBUTION LIST
Virgil C. Summer Nuclear Station
SAFEGUARDS (SGI) DISTRIBUTION:
cc w/encl:
Bruce L. Thompson
Manager
Nuclear Licensing (Mail Code 830)
South Carolina Electric & Gas Company
Virgil C. Summer Nuclear Station
P.O. Box 88
Jenkinsville, SC 29065
George A. Lippard, III
General Manager
Nuclear Plant Operations
South Carolina Electric & Gas Company
Virgil C. Summer Nuclear Station
P.O. Box 88
Jenkinsville, SC 29065
cc w/Inspection Summary:
R. J. White
Nuclear Coordinator
S.C. Public Service Authority Mail Code 802
Virgil C. Summer Nuclear Station
P.O. Box 88
Jenkinsville, SC 29065
Kathryn M. Sutton, Esq.
111 Pennsylvania Avenue, NW
Washington, DC 20004
Richard Haynes
Director, Division of Waste Management
Bureau of Land and Waste Management
S.C. Department of Health and Environmental Control
2600 Bull Street
Columbia, SC 29201
Enclosure 1
UNITED STATES
NUCLEAR REGULATORY COMMISSION
OFFICE OF NUCLEAR REACTOR REGULATION
WASHINGTON, D.C. 20555-0001
November 7, 2005
NRC REGULATORY ISSUE SUMMARY 2005-26
CONTROL OF SENSITIVE UNCLASSIFIED NONSAFEGUARDS
INFORMATION RELATED TO NUCLEAR POWER REACTORS
ADDRESSEES
All holders of operating licenses for nuclear power reactors and holders of and applicants for
certificates for reactor designs.
INTENT
The U.S. Nuclear Regulatory Commission (NRC) is issuing this regulatory issue summary (RIS)
to inform the addressees of the appropriate handling of information that warrants controls
because of continuing concerns about terrorist attacks against the critical infrastructure of the
United States. The NRC intends to balance its responsibility to preserve public access to
information and support meaningful participation in NRCs regulatory processes against its
responsibility to withhold information that might unnecessarily compromise the security of
nuclear facilities. Licensees for operating nuclear power plants and reactor facility designers
may need to assess their document control procedures to ensure they protect sensitive
information. Although no specific action or written response is required, the NRC encourages
the addressees for this RIS, vendors and contractors, and others who may possess sensitive
information to destroy, mark, or otherwise control the information to avoid inadvertently
providing assistance to those who might use the information for malevolent acts.
BACKGROUND INFORMATION
NRC traditionally has given the public access to a significant amount of information about the
facilities and materials the agency regulates. Openness has been and remains a cornerstone
of NRCs regulatory philosophy. The Atomic Energy Act, subsequent legislation, and various
NRC regulations have given the public the right to participate in the licensing and oversight
process for nuclear power reactors and other NRC licensees. To participate in a meaningful
way, the public must have access to information about the design and operation of regulated
facilities and use of nuclear materials. However, NRC and other Government agencies have
always withheld some information from public disclosure for reasons of security, personal
privacy, or commercial or trade secret protection. In light of increased terrorist activity
worldwide, NRC reexamined its document disclosure policies.
Enclosure 2
Page 2 of 5
Since the events of September 11, 2001, NRC has issued advisories and taken specific actions
regarding the security of its licensed facilities. NRC has also assessed and revised its policies
and practices for control of information so that information that could reasonably be expected to
be useful to terrorists in planning or executing an attack against nuclear power plants or other
NRC-licensed facilities will be withheld from public disclosure. The most recent and detailed
guidance on the control of information related to operating nuclear power plants is provided in
the Commission paper SECY-04-0191, Withholding Sensitive Unclassified Information
Concerning Nuclear Power Reactors From Public Disclosure, dated October 19, 2004, and the
associated staff requirements memorandum dated November 9, 2004. Also see
SECY-05-0091, Task Force Report on Public Disclosure of Security-Related Information,
dated May 18, 2005, and the associated staff requirements memorandum dated June 30, 2005.
The NRC staff is preparing similar guidance for materials licensees and expects to make it
available to the public in early 2006.
SUMMARY OF ISSUE
Considering the various reviews, legislation, and other changes since September 11, 2001, the
NRC staff believes that clarifying NRCs current procedures and policies regarding the control
of information will be beneficial to stakeholders. NRC will continue to make available to the
public most of the information that the agency receives from or sends to its licensees. In
addition, the public will have access to a large amount of information included in various reports
produced by the NRC staff. Much of NRCs information also will be readily available to the
public via the NRC Web site (www.nrc.gov) and the NRCs electronic document management
system (ADAMS) (www.nrc.gov/reading-rm/adams.html). In addition, other information may be
released to the public in response to formal or informal requests. The exceptions for certain
information to be withheld from public disclosure for reasons other than security (e.g., privacy,
proprietary, and pre-decisional information) have not changed as a result of recent events. The
appropriate handling of Safeguards Information (SGI) is discussed in RIS-2003-08, Protection
of Safeguards Information From Unauthorized Disclosure, dated April 30, 2003, and more
specific SGI designation guidance documents.
NRC withheld from public disclosure some information related to protecting operating nuclear
power plants although it does not meet the existing criteria for designation as SGI. This type of
information was recognized before September 11, 2001, and, when submitted to NRC by a
licensee, was withheld from public disclosure according to the provisions of 10 CFR 2.390(d)(1). This regulation states:
(d) The following information is considered commercial or financial information within the
meaning of §9.17(a)(4) of this chapter and is subject to disclosure only in accordance
with the provisions of §9.19 of this chapter.
(1) Correspondence and reports to or from the NRC which contain information or
records concerning a licensees or applicants physical protection, classified matter
protection, or material control and accounting program for special nuclear material not
otherwise designated as Safeguards Information or classified as National Security
Information or Restricted Data.
Enclosure 2
Page 3 of 5
NRC expects that licensees will continue to request NRC withhold some information citing
10 CFR 2.390(d)(1) and that the volume of material requested to be withheld from public
disclosure under this provision will increase as the NRC staff and licensees implement the
guidance in this RIS. NRC changed its procedures shortly after September 11, 2001, to
withhold from public disclosure various categories of documents likely to include individual
records that warrant withholding under 10 CFR 2.390. The NRC staff will assess the need to
withhold such document categories if licensees routinely identify specific documents containing
sensitive information. The NRC staff will interact with licensees on a case-by-case basis
regarding the use of the provisions of 10 CFR 2.390(d)(1) to assure that information is properly
controlled, under either Section 2.390(d)(1) or one of the other Freedom of Information Act
(FOIA) exemptions that might be applicable. Licensees that identify information to be withheld
from public disclosure in accordance with 10 CFR 2.390(d)(1) or other provision in the
regulation should use the same general practices as used for proprietary commercial or
financial information. As shown on the attached diagram, the cover letter should clearly state
that the document includes sensitive information and the affected pages should include the
marking Security-Related Information Withhold Under 10 CFR 2.390. Unlike the
requirements for withholding proprietary information, licensees are not required to provide an
affidavit for sensitive information withheld under 10 CFR 2.390(d) and related to (1) physical
protection or (2) material control and accounting.
Most information received and generated by NRC deals with design, operations, or other
matters not directly related to the physical security of nuclear facilities or radioactive materials.
This information, if not protected as proprietary or under another exception, is generally made
available to the public. After September 11, 2001, NRC and other Government agencies
responded to concerns that some information easily available on public Web sites or by other
means might be useful to terrorists. SECY-04-0191 provides the primary NRC guidance on
whether information related to operating nuclear power plants should be withheld from public
disclosure in light of the post-September 11 concerns. The NRC staff has posted the guidance
and related material within the public reading room (http://www.nrc.gov/reading-rm.html) on the
NRC Web site, and stakeholders can ask questions or make suggestions about the guidance
and the examples.
As discussed in SECY-04-0191, other Government agencies have issued regulations or
guidance for protecting information that could be reasonably expected to be useful to terrorists
in planning or executing an attack on critical infrastructure.
- Protected critical infrastructure information (PCII) is information related to the security of
critical infrastructure that is voluntarily provided to the Department of Homeland Security
(DHS).
- Critical energy infrastructure information (CEII) is defined in Federal Energy Regulatory
Commission (FERC) regulations as information related to energy-related infrastructure
(e.g., hydroelectric dams and electric transmission systems).
- Sensitive security information (SSI) is defined in Transportation Safety Administration
(TSA) and Department of Transportation (DOT) regulations as information about the
security of transportation assets, including pipelines.
Enclosure 2
Page 4 of 5
Licensees may need to assess and revise their procedures for handling sensitive unclassified
nonsafeguards information in their normal activities and interactions with parties other than
NRC. During discussions of existing practices with various licensees, the NRC staff discovered
that licensees vary in how they treat and protect information that was previously unprotected but
now is considered sensitive. Some licensees have instituted more restrictive controls. Some
have determined that their routine business practices provide an appropriate level of protection
for the sensitive information.
As described in 10 CFR 2.390, information deemed sensitive because it relates to physical
protection or material control and accounting is protected in much the same way as commercial
or financial information. As with proprietary information, licensees are expected to have
sufficient internal controls to keep the information confidential. Possible methods to prevent the
inadvertent release of sensitive unclassified nonsafeguards information include marking
documents as described in 10 CFR 2.390, restricting access to electronic recordkeeping
systems, and controlling the reproduction, distribution, and destruction of potentially sensitive
records. NRC uses the marking Security-Related Information Withhold Under
10 CFR 2.390 and encourages the use of this marking by licensees and others possessing
information deemed sensitive using the guidance in SECY-04-0191. Licensees should ensure
that similar controls are in place when sensitive information is provided to outside parties such
as contractors or other Government agencies. The NRC staff posted information on NRCs
Web site (http://www.nrc.gov/reading-rm.html) and included a feedback form for questions or
suggestions on how to effectively control sensitive information.
BACKFIT DISCUSSION
This RIS requires no action or written response. Any action on the part of addressees to
assess and revise their document control procedures in accordance with the guidance
contained in this RIS is strictly voluntary and, therefore, is not a backfit under 10 CFR 50.109.
Consequently, the NRC staff did not perform a backfit analysis.
FEDERAL REGISTER NOTIFICATION
A notice of opportunity for public comment on this RIS was not published in the Federal
Register because it is informational and pertains to a staff position that does not represent a
departure from current regulatory requirements and practice. NRC intends to work with the
Nuclear Energy Institute, industry representatives, members of the public, and other
stakeholders in modifying related guidance documents.
SMALL BUSINESS REGULATORY ENFORCEMENT FAIRNESS ACT OF 1996
The NRC has determined that this action is not a rule and thus is not subject to the Small
Business Regulatory Enforcement Fairness Act of 1996.
Enclosure 2
Page 5 of 5
PAPERWORK REDUCTION ACT STATEMENT
This RIS does not contain information collections and, therefore, is not subject to the
requirements of the Paperwork Reduction Act of 1995 (44 U.S.C. 3501 et seq.).
CONTACT
Please direct any questions about this matter to the technical contacts listed below or to the
appropriate Office of Nuclear Reactor Regulation (NRR) project manager.
/RA/ By Patrick L. Hiland For/
Michael J. Case, Director
Division of Inspection and Regional Support
Office of Nuclear Reactor Regulation
Technical Contacts: William Reckley, NRR Margie Kotzalas, NRR
301-415-1323 301-415-2737
E-mail: wdr@nrc.gov E-mail: mxk5@nrc.gov
Attachment: Marking diagram for documents withheld under 10 CFR 2.390
Note: NRC generic communications may be found on the NRC public Web site,
http://www.nrc.gov, under Electronic Reading Room/Document Collections.
Enclosure 2
Attachment
Page 1 of 1
SUGGESTED MARKINGS
Withhold From Public Disclosure In Accordance With 10 CFR 2.390
Overall page marking on the top of all pages
Security-Related Information
Withhold Under 10 CFR 2.390
Ensure Subject Line is non-sensitive
Subject
XXXXXXXXXX
XXXXXXXXXX
XXXXXXXXXX
XXXXXXXXXX
Appropriate Controls
Access: Need-to-know in order to perform official licensee functions.
Storage: Openly within licensee facilities with electronic or other access
controls, for example, key cards, guards, alarms.
Mail: U.S. Postal Service first class mail, single opaque envelope with
no markings to indicate 10 CFR 2.390 contents.
Electronic Transmission: Over encrypted phone, facsimile, computer, if available;
otherwise over non-encrypted circuits where recipient will
be present to receive the transmission.
Enclosure 2
Page 1 of 4
SUMMARY OF SAFEGUARDS INFORMATION REQUIREMENTS
I. AUTHORITY
The Atomic Energy Act of 1954, as amended, 42 U.S.C. §§ 2011 et seq. (Act), grants the
Nuclear Regulatory Commission broad and unique authority to prohibit the unauthorized
disclosure of Safeguards Information upon a determination that the unauthorized disclosure of
such information could reasonably be expected to have a significant adverse effect on the
health and safety of the public or the common defense and security by significantly increasing
the likelihood of theft, diversion, or sabotage of materials or facilities subject to NRC jurisdiction.
Section 147 of the Act, 42 U.S.C. § 2167.
For licensees and any other person, whether or not a licensee (primarily 10 C.F.R. Part 50
reactor licensees, 10 C.F.R. Part 70 licensees for special nuclear material, and their employees
and contractors) subject to the requirements in 10 C.F.R. Part 73, Safeguards Information is
defined by NRC regulation as follows:
Safeguards Information means information not otherwise classified as National
Security Information or Restricted Data which specifically identifies a licensee's
or applicant's detailed, (1) security measures for the physical protection of
special nuclear material, or (2) security measures for the physical protection and
location of certain plant equipment vital to the safety of production or utilization
facilities.
10 C.F.R. § 73.2.
Specific requirements for the protection of Safeguards Information are contained in
10 C.F.R. § 73.21. Access to Safeguards Information is limited as follows:
(c) Access to Safeguards Information. (1) Except as the Commission may
otherwise authorize, no person may have access to Safeguards Information
unless the person has an established "need to know" for the information and is:
(i) An employee, agent, or contractor of an applicant, a licensee, the
Commission, or the United States Government. However, an individual to be
authorized access to Safeguards Information by a nuclear power reactor
applicant or licensee must undergo a Federal Bureau of Investigation criminal
history check to the extent required by 10 CFR 73.57;
(ii) A member of a duly authorized committee of the Congress;
(iii) The Governor of a State or designated representatives;
(iv) A representative of the International Atomic Energy Agency (IAEA) engaged
in activities associated with the U.S./IAEA Safeguards Agreement who has been
certified by the NRC;
Enclosure 3
Page 2 of 4
(v) A member of a state or local law enforcement authority that is responsible for
responding to requests for assistance during safeguards emergencies; or
(vi) An individual to whom disclosure is ordered pursuant to § 2.744(e) of this
chapter [10 CFR 2.744(e)].
(2) Except as the Commission may otherwise authorize, no person may disclose
Safeguards Information to any other person except as set forth in paragraph
(c)(1) of this section.
10 C.F.R. § 73.21(c).
The need to know requirement is specified by NRC regulation as follows:
Need to know means a determination by a person having responsibility for
protecting Safeguards Information that a proposed recipient's access to
Safeguards Information is necessary in the performance of official, contractual,
or licensee duties of employment.
10 C.F.R. § 73.2.
Thus, unless otherwise authorized by the Commission, NRC regulations limit access to
Safeguards Information to certain specified individuals who have been determined to have a
need to know, i.e., specified individuals whose access has been determined to be necessary
in the performance of official, contractual or licensee duties of employment.
Furthermore, except as otherwise authorized by the Commission, no person may disclose
Safeguards Information to any other person unless that other person is one of the specified
persons listed in 10 C.F.R. § 73.21(c)(1) and that person also has a need to know.
10 C.F.R. § 73.21(c)(2). These regulations and prohibitions on unauthorized disclosure of
Safeguards Information are applicable to all licensees and all individuals:
This part [10 C.F.R. Part 73] prescribes requirements for the protection of
Safeguards Information in the hands of any person, whether or not a licensee of
the Commission, who produces, receives, or acquires Safeguards Information.
10 C.F.R. § 73.1(b)(7).
The Commissions statutory authority to protect and prohibit the unauthorized disclosure of
Safeguards Information is even broader than is reflected in these regulations. Section 147 of
the Act grants the Commission explicit authority to issue such orders, as necessary to prohibit
the unauthorized disclosure of safeguards information . . . . This authority extends to
information concerning special nuclear material, source material, and byproduct material, as
well as production and utilization facilities.
Enclosure 3
Page 3 of 4
The Act explicitly provides: Any person, whether or not a licensee of the Commission, who
violates any regulations adopted under this section shall be subject to the civil monetary
penalties of Section 234 of this Act. Section 147a of the Act. Section 234a of the Act
provides for a civil monetary penalty not to exceed $120,000 for each violation. See
10 C.F.R. § 2.205(j) (2003). Furthermore, a willful violation of any regulation or order governing
Safeguards Information is a felony subject to criminal penalties in the form of fines or
imprisonment, or both. See Sections 147b and 223a of the Act.
The NRC Enforcement Policy outlines potential NRC actions against both licensees and
individuals for violations of the regulations and Orders using criteria that evaluate both the
details and severity of the violation.
II. DISCUSSION
All licensees and all other persons who now have, or in the future may have, access to
Safeguards Information must comply with all applicable requirements delineated in regulations
and Orders governing the handling and unauthorized disclosure of Safeguards Information. As
stipulated in 10 C.F.R. § 73.21(a), licensees and persons who produce, receive or acquire
Safeguards Information are required to ensure that Safeguards Information is protected against
unauthorized disclosure. To meet this requirement, licensees and persons subject to
10 C.F.R. § 73.21(a) shall establish and maintain an information protection system governing
the proper handling and unauthorized disclosure of Safeguards Information. All licensees
should be aware that since the requirements of 10 C.F.R. § 73.21(a) apply to all persons who
receive Safeguards Information, they apply to all contractors whose employees may have
access to Safeguards Information and they must either adhere to the licensees policies and
procedures on Safeguards Information or develop, maintain and implement their own
information protection system, but the licensees remain responsible for the conduct of their
contractors. The elements of the required information protection system are specified in
10 C.F.R. § 73.21(b) through (i). The information protection system must address, at a
minimum, the following: the general performance requirement that each person who produces,
receives, or acquires Safeguards Information shall ensure that Safeguards Information is
protected against unauthorized disclosure; protection of Safeguards Information at fixed sites,
in use and in storage, and while in transit; inspections, audits and evaluations; correspondence
containing Safeguards Information; access to Safeguards Information; preparation, marking,
reproduction and destruction of documents; external transmission of documents; use of
automatic data processing systems; and removal of the Safeguards Information category.
As noted above, in addition to the responsibility of each licensee to ensure that all of its
employees, contractors and subcontractors, and their employees comply with applicable
requirements, all contractors, subcontractors, and individual employees also are individually
responsible for complying with applicable requirements and all are subject to civil and criminal
sanctions for failures to comply. The NRC considers that violations of the requirements
applicable to the handling of Safeguards Information are a serious breach of adequate
protection of the public health and safety and the common defense and security of the United
States.
Enclosure 3
Page 4 of 4
As a result, the staff intends to use the NRC Enforcement Policy, including the discretion to
increase penalties for violations, to determine appropriate sanctions against licensees and
individuals who violate these requirements. In addition, the Commission may use its discretion,
based on the severity of the violation, to further increase the penalty for any violation up to the
statutory maximum. Willful violations of these requirements will also be referred to the
Department of Justice for a determination of whether criminal penalties will be pursued.
Enclosure 3