About the Division of Critical Infrastructure Protection

Within the HHS Office of the Assistant Secretary for Preparedness and Response (ASPR), The Division of Critical Infrastructure Protection (CIP) promotes resilience of the nation’s health infrastructure by leading a dynamic public-private partnership, drawing from all aspects of the Healthcare and Public Health (HPH) Sector, to prepare for future threats, manage risks, and coordinate effective response. CIP aligns its vital and critical HPH infrastructure activities through partnerships, focusing on key organizations, executives, emergency managers, and subject matter experts.

In 2019, the passage of the Pandemic and All-Hazards Preparedness and Advancing Innovation Act (PAHPAIA), Public Law No. 116-22 enhanced the authorities of the HHS Secretary and ASPR to prepare for and respond to public health emergencies, including formally identifying ASPR as responsible for day to day coordination of the partnership with the private sector. This is accomplished by identifying ASPR as the HPH Sector Specific Agency (SSA). In 2021, the National Defense Authorization Act (NDAA) formalized changes to the national CIP program, operated by the Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA). NDAA changes CIP’s HPH Sector role from Sector Specific Agency to Sector Risk Management Agency (SRMA), and clearly outlines responsibilities and expectations for SRMA representing each of the 16 critical infrastructure sectors. As the lead for the SRMA, CIP works with private sector partners to preserve relevant National Critical Functions.

CIP fulfills ASPR’s mandate by executing its Congressionally approved plan for implementing relevant PAHPAIA requirements and serves as the HPH SRMA lead. Learn more about CIP’s activities as HPH SRMA lead.