VA CUI Registry

Organizational Index Grouping :

CUI Category :

Description :

Basic/Specified :

Category Marking :

Organizational Index Grouping	CUI Category	Description	Basic/Specified	Category Marking
Critical Infrastructure	Emergency Management	Related to information concerning the continuity of executive branch operations during all-hazards emergencies or other situations that may disrupt normal operations.	Basic	CUI//EMGT
Critical Infrastructure	General Critical Infrastructure Information	Systems and assets, whether physical or virtual, so vital that the incapacity or destruction of such may have a debilitating impact on the security, economy, public health or safety, environment, or any combination of these matters, across any Federal, State, regional, territorial, or local jurisdiction.	Basic	CUI//CRIT
Critical Infrastructure	Information Systems Vulnerability Information	Related to information that if not protected, could result in adverse effects to information systems. Information system means a discrete set of information resources organized for the collection, processing, maintenance, use, sharing, dissemination, or disposition of information.	Basic	CUI//ISVI
Critical Infrastructure	Physical Security	Related to protection of federal buildings, grounds or property.	Basic	CUI//PHYS
Critical Infrastructure	Protected Critical Infrastructure Information	As defined by 6 USC 131-134, and 6 CFR 29, PCII relates to threats, vulnerabilities, or operational experience related to the national infrastructure. PCII offers protection to private sector infrastructure information voluntarily shared with government entities for purposes of homeland security.	Specified	CUI//SP-PCII
Critical Infrastructure	SAFETY Act Information	Defined as “SAFETY Act Confidential Information” in 6 CFR Part 25, the regulations implementing the Support Anti-terrorism by Fostering Effective Technologies Act of 2002, SAFETY Act Information includes any and all information and data voluntarily submitted to the Department of Homeland Security under this part (including Applications, Pre-Applications, other forms, supporting documents and other materials relating to any of the foregoing, and responses to requests for additional information), including, but not limited to, inventions, devices, Technology, know-how, designs, copyrighted information, trade secrets, confidential business information, analyses, test and evaluation results, manuals, videotapes, contracts, letters, facsimile transmissions, electronic mail and other correspondence, financial information and projections, actuarial calculations, liability estimates, insurance quotations, and business and marketing plans.	Basic	CUI//SAFE
Defence	Controlled Technical Information	Controlled Technical Information means technical information with military or space application that is subject to controls on the access, use, reproduction, modification, performance, display, release, disclosure, or dissemination. Controlled technical information is to be marked with one of the distribution statements B through F, in accordance with Department of Defense Instruction 5230.24, "Distribution Statements of Technical Documents." The term does not include information that is lawfully publicly available without restrictions. "Technical Information" means technical data or computer software, as those terms are defined in Defense Federal Acquisition Regulation Supplement clause 252.227-7013, "Rights in Technical Data - Noncommercial Items" (48 CFR 252.227-7013). Examples of technical information include research and engineering data, engineering drawings, and associated lists, specifications, standards, process sheets, manuals, technical reports, technical orders, catalog-item identifications, data sets, studies and analyses and related information, and computer software executable code and source code.	Specified	CUI//SP-CTI
Export Control	Export Controlled	Unclassified information concerning certain items, commodities, technology, software, or other information whose export could reasonably be expected to adversely affect the United States national security and nonproliferation objectives. To include dual use items; items identified in export administration regulations, international traffic in arms regulations (ITAR) and the munitions list; license applications; and sensitive nuclear technology information.	Specified	CUI//SP-EXPT
Export Control	Export Controlled Research	Related to the systematic investigation into and study of materials and sources in order to establish facts and reach new conclusions.	Basic	CUI//EXPTR
Defense	Controlled Technical Information	Controlled Technical Information means technical information with military or space application that is subject to controls on the access, use, reproduction, modification, performance, display, release, disclosure, or dissemination. Controlled technical information is to be marked with one of the distribution statements B through F, in accordance with Department of Defense Instruction 5230.24, "Distribution Statements of Technical Documents." The term does not include information that is lawfully publicly available without restrictions. "Technical Information" means technical data or computer software, as those terms are defined in Defense Federal Acquisition Regulation Supplement clause 252.227-7013, "Rights in Technical Data - Noncommercial Items" (48 CFR 252.227-7013). Examples of technical information include research and engineering data, engineering drawings, and associated lists, specifications, standards, process sheets, manuals, technical reports, technical orders, catalog-item identifications, data sets, studies and analyses and related information, and computer software executable code and source code.	Specified	CUI//SP-CTI
Defense	Privileged Safety Information	PSI is information reflective of a deliberative process in the safety investigation or given to a safety investigator pursuant to a promise of confidentiality, which the safety privilege protects from being released outside safety channels or from being used for any purpose except mishap prevention.	Basic	CUI//PSI
Financial	Budget	Related to information concerning the federal budget, including authorizations and estimates of income and expenditures.	Specified	CUI//SP-BUDG
Financial	Electronic Funds Transfer	Relating to the computer-based systems used to perform financial transactions electronically.	Basic	CUI//XFER
Financial	Financial Supervision Information	Related to information connected to an agency's responsibilities to supervise, examine, and evaluate a financial institution.	Basic	CUI//FSI
Financial	General Financial Information	Related to the duties, transactions, or otherwise falling under the purview of financial institutions or United States Government fiscal functions. Uses may include, but are not limited to, customer information held by a financial institution.	Specified	CUI//SP-FNC
Financial	Bank Secrecy	Information that is provided to the government pursuant to the Bank Secrecy Act, including but not limited to, suspicious activity reports (SAR), currency transaction reports (CTR), reports of international transportation of currency or monetary instruments (CMIR), reports of cash payment over $10,000 received in trade or business, and reports of foreign bank and financial accounts (FBAR). Reports filed under the Bank Secrecy Act (BSA), codified in relevant part at 31 U.S.C. § 5311 et seq, are specifically exempt from disclosure under the Freedom of Information Act, codified at 5 U.S.C. § 552, and also may not be disclosed under any State, local, tribal, or territorial “freedom of information,” “open government,” or similar law. See 31 U.S.C. § 5319; 5 U.S.C. § 552(b)(3). These reports (BSA Reports), are maintained in a system of records containing information compiled for law enforcement investigative purposes that has been exempted from the access provisions of the Privacy Act in accordance with 5 U.S.C. §§ 552a(j)(2) and (k)(2). BSA Reports may only be re-disseminated in strict accordance with guidelines established by the Financial Crimes Enforcement Network (FinCEN), the Treasury bureau that administers the BSA. Suspicious Activity Reports, one of the types of required reports filed under the BSA, are required to be kept confidential in accordance with 31 U.S.C. § 5318(g)(2) and implementing regulations. To the extent information falling under the purview of the BSA is collected, accessed, or used for any Federal tax administration purpose, it is also subject to the confidentiality provisions of the Internal Revenue Code, codified at 26 U.S.C. § 6103.	Specified	CUI//SP-FSEC
Financial	Federal Housing Finance Non-Public Information	Related to information that the Federal Housing Finance Agency (FHFA) has not made public that is created by, obtained by, or communicated to an FHFA employee in connection with the performance of official duties, regardless of who is in possession of the information, including confidential supervisory information. Confidential supervisory information includes FHFA reports of examination, inspection and visitation, confidential operating and condition reports, and any information derived from, related to, or contained in such reports, or gathered by FHFA in the course of any investigation, suspicious activity report, cease-and- desist order, civil money penalty enforcement order, suspension, removal or prohibition order, or other supervisory or enforcement orders or actions taken under the Federal Housing Enterprises Financial Safety and Soundness Act of 1992, and other conditions as set forth in 12 CFR Part 1214.1.	Basic	CUI//FHFANPI
Financial	Retirement	Related to post-employment funding provided by an employer.	Basic	CUI//RTR
Intelligence	General Intelligence	Related to intelligence activities, sources, or methods.	Specified	CUI//SP-INTEL
Intelligence	Internal Data	Refers to a category of information that is not intended to be disseminated beyond CIA channels that involves intelligence activities, sources, or methods. This information may also relate to the CIA's organization, functions, names, official titles, salaries, or numbers of personnel.	Specified	CUI//SP-ID
Intelligence	Operations Security	Critical information determined to give evidence of the planning and execution of sensitive (frequently classified) government activities after going through a formal systematic vetting process in accordance with National Security Presidential Memorandum Number 28. This process identifies unclassified information that must be protected. It almost always results from an agency’s official OPSEC program, or is otherwise commonly approved for use by the CUI Senior Agency Official.	Basic	CUI//OPSEC
Law Enforcement	Communications	Related to the contents of any wire, oral, or electronic communication.	Basic	CUI//LCOMM
Law Enforcement	Criminal History Records Information	Related to information collected by criminal justice agencies on individuals consisting of identifiable descriptions and notations of arrests, detentions, indictments, informations, or other formal criminal charges, and any disposition arising therefrom, including acquittal, sentencing, correctional supervision, and release.	Specified	CUI//SP-CHRI
Law Enforcement	General Law Enforcement	Related to techniques and procedures for law enforcement operations, investigations, prosecutions, or enforcement actions.	Basic	CUI//LEI
Legal	Legal Privilege	Per 15 USC 78x(f)(4): The term "privilege" includes any work-product privilege, attorney-client privilege, governmental privilege, or other privilege recognized under Federal, State, or foreign law. Per 502(g): (1) "attorney-client privilege" means the protection that applicable law provides for confidential attorney-client communications, and (2) "work-product protection" means the protection that applicable law provides for tangible material (or its intangible equivalent) prepared in anticipation of litigation or for trial. Note: There are two limited dissemination control markings that can be used with this category; Attorney Work Product (AWP), Attorney Client Privilege (AC). These limited dissemination control markings may be used to help identify the type of privilege in the document and limit the dissemination of that information so as to preserve that privilege. These limited dissemination control markings (AWP, AC) may only be used on information protected under the CUI “Legal Privilege” category.	Basic	CUI//PRIVILEGE
Legal	Protective Order	Stipulation that certain information that would normally fall under discovery rules will not be disclosed for specifically stated reason.	Specified	CUI//SP-LPROT
Legal	Administrative Proceedings	Adjudication of agency-related matters including, but not limited to, dispute resolution, settlements, and issuances of orders.	Specified	CUI//SP-ADPO
Legal	Child Pornography	From 18 USC 2256(8) "child pornography" means any visual depiction, including any photograph, film, video, picture, or computer or computer-generated image or picture, whether made or produced by electronic, mechanical, or other means, of sexually explicit conduct, where— (A) the production of such visual depiction involves the use of a minor engaging in sexually explicit conduct; (B) such visual depiction is a digital image, computer image, or computer-generated image that is, or is indistinguishable from, that of a minor engaging in sexually explicit conduct; or (C) such visual depiction has been created, adapted, or modified to appear that an identifiable minor is engaging in sexually explicit conduct	Specified	CUI//SP-CHLD
Legal	Child Victim/Witness	Information pertaining to a minor who was a victim, witness, or potential witness to a criminal act.	Basic	CUI//CVIC
Legal	Collective Bargaining	Defining agencies' and representatives' duty to negotiate in good faith to include disclosure of certain labor relations training and guidance materials and limiting the issuance of certain subpoenas.	Basic	CUI//BARG
Legal	Federal Grand Jury	Material obtained pursuant to a federal grand jury subpoena, which includes (1) any reference to a specific sitting grand jury; (2) any documentation or data obtained by a grand jury subpoena if disclosure of such material tends to reveal what transpired before or at the direction of the federal grand jury; (3) documentation prepared specifically for the federal grand jury; and (4) transcripts or other recordings of testimony presented to the federal grand jury.	Specified	CUI//SP-JURY
Legal	Legislative Materials	Data related to Congress’s legislative, investigatory or oversight responsibilities of the Executive branch of the Federal government. This includes data related to proposed or pending legislation as well as inquiries submitted by Congress to Federal agencies, agency responses to those inquiries and any other information which, if disclosed, would reveal the nature and scope of Congressional inquiries.	Basic	CUI//LMI
Legal	Presentence Report	A report, generally prepared to assist the court in determining the most appropriate sentence for a defendant. It can include an assessment of the nature and seriousness of the offense and should contain details summarizing the background information of the defendant and the crime.	Basic	CUI//PRE
Legal	Prior Arrest	Information related to previous instances of law enforcement official's apprehension and formal processing of a suspect.	Basic	CUI//PRIOR
Legal	Victim	Information requiring protection of the name or other details that may identify one who was the victim of a crime.	Basic	CUI//LVIC
Legal	Witness Protection	Information related to the secretive details associated with one who has testified or may testify under circumstances that require secrecy of that individual and details pertaining to that person.	Specified	CUI//SP-WIT
Privacy	Contract Use	Stipulations for a contractor to meet before material may be used in performance of certain contracts.	Specified	CUI//SP-CONTRACT
Privacy	Death Records	Related to information contained within an official document issued by a public registry verifying that a person has died, with information such as the date and time of death, the cause of death, and the signature of the attending or examining physician.	Basic	CUI//DREC
Privacy	General Privacy	Refers to personal information, or, in some cases, "personally identifiable information," as defined in OMB M-17-12, or "means of identification" as defined in 18 USC 1028(d)(7).	Specified	CUI//SP-PRVCY
Privacy	Genetic Information	The term "genetic information" means, with respect to any individual, information about-- (i) such individual's genetic tests, (ii) the genetic tests of family members of such individual, and (iii) the manifestation of a disease or disorder in family members of such individual.	Specified	CUI//SP-GENETIC
Privacy	Health Information	As per 42 USC 1320d(4), "health information" means any information, whether oral or recorded in any form or medium, that (A) is created or received by a health care provider, health plan, public health authority, employer, life insurer, school or university, or health care clearinghouse; and (B) relates to the past, present, or future physical or mental health or condition of an individual, the provision of health care to an individual, or the past, present, or future payment for the provision of health care to an individual.	Specified	CUI//SP-HLTH
Privacy	Inspector General Protected	Related to the identity of a person making a report to the Inspector General of any Executive agency.	Specified	CUI//SP-PRIIG
Privacy	Military Personnel Records	Any member or former member of the armed forces or affiliated organization of the Department of Defense.	Basic	CUI//MIL
Privacy	Personnel Records	Related to the employees of federal agencies.	Specified	CUI//SP-PERS
Privacy	Student Records	As per 20 USC 1232g, the Family Educational Rights and Privacy Act of 1974, an education record which is comprised of those records which are directly related to a student.	Specified	CUI//SP-STUD
Procurement and Acquisition	General Procurement and Acquisition	Material and information relating to, or associated with, the acquisition and procurement of goods and services, including but not limited to, cost or pricing data, contract information, indirect costs and direct labor rates.	Specified	CUI//SP-PROCURE
Procurement and Acquisition	Small Business Research and Technology	Relating to certain "Small Business Innovation Research Program" and "Small Business Technology Transfer Program" information in a government database, as referenced in 15 USC 638(k)(2).	Basic	CUI//SBIZ
Procurement and Acquisition	Source Selection	Per FAR 2.101: any of the following information that is prepared for use by an agency for the purpose of evaluating a bid or proposal to enter into an agency procurement contract, if that information has not been previously made available to the public or disclosed publicly: (Items 1-10).	Specified	CUI//SP-SSEL
Provisional	Operations Security Information	Unclassified information that could constitute an indicator of U.S. Government intentions, capabilities, operations, or activities or otherwise threaten/compromise operations security.	Basic	CUI
Provisional	Personnel Security Information	Information that could result in physical risk to DHS personnel or other individuals that DHS is responsible for protecting.	Basic	CUI
Provisional	Privacy Information	Information referred to as Personally Identifiable Information (PII). PII embodies information that can be used to distinguish or trace an individual's identity, either alone or when combined with other information that is linked or linkable to a specific individual.	Basic	CUI
Provisional	Sensitive Personally Identifiable Information	A subset of PII that, if lost, compromised, or disclosed without authorization could result in substantial harm, embarrassment, inconvenience, or unfairness to an individual. Some forms of PII are sensitive as stand-alone elements. a. Examples of stand-alone PII include Social Security Numbers (SSN), driver's license or state identification number; Alien Registration Numbers; financial account number; and biometric identifiers such as fingerprint, voiceprint, or iris scan. b. Additional examples of SPII include any groupings of information that contain an individual's name or other unique identifier plus one or more of the following elements: Truncated SSN (such as last four digits) Date of birth (month, day, and year) Citizenship or immigration status Ethnic or religious affiliation Sexual orientation Criminal history Medical information System authentication information such as mother's maiden name, account passwords, or personal identification numbers c. Other PII may be "sensitive" depending on its context, such in as a list of employees and their performance rating(s) or an unlisted home address or phone number. In contrast, a business card or public telephone directory of agency employees contains PII but is not sensitive.	Basic	CUI
Statistical	Investment Survey	Information reported to Treasury, the Federal Reserve Board of Governors, or the Federal Reserve Banks as part of the Treasury International Capital (TIC) data reporting system	Basic	CUI
Statistical	Pesticide Producer Survey	Related to the data gathered regarding the production of pesticides that specifies the non-disclosure of the identity and location of individual producers.	Basic	CUI
Statistical	Statistical Information	Refers to information collected by a Federal statistical agency, unit, or program for statistical purposes or used for statistical activities; under law, regulation, or Government-wide policy such 'Statistical' CUI requires: (1) protection from unauthorized disclosure; (2) special handling safeguards; and/or (3) prescribed limits on access or dissemination.	Specified	CUI//SP-STAT
Statistical	US Census	Related to information gathered by the Bureau of the Census during the process of collecting, compiling, evaluating, analyzing of demographic, economic, and social data pertaining at a specified time to any or all persons in the United States and dissemination is limited to those with special sworn status, who may only use the data for statistical purposes and only for those statistical purposes for which the data was supplied.	Specified	CUI//SP-CENS
Tax	Federal Taxpayer Information	Related to returns and return information which are submitted, gathered or generated in conjunction with taxpayers’ responsibilities to comply with federal tax provisions in the United States Code.	Specified	CUI//SP-TAX
Tax	Tax Convention	Related to any--(A) agreement entered into with the competent authority of one or more foreign governments pursuant to a tax convention, (B) application for relief under a tax convention, (C) background information related to such agreement or application, (D) document implementing such agreement, and (E) other information exchanged pursuant to a tax convention which is treated as confidential or secret under the tax convention. Tax convention information originating with the IRS generally retains its confidential status even when it resides with agencies other than the IRS.	Basic	CUI
Tax	Taxpayer Advocate Information	A local taxpayer advocate (LTA) has the discretion to not disclose to the IRS contact with, or information provided by, a taxpayer. Such discretion may result in declinations of requests for information by IRS personnel including cases involving criminal tax investigations or those where the failure to provide information to the IRS would be beneficial to the taxpayer but to the detriment of the IRS. Such discretion does not extend to cases where the LTA believes a taxpayer is using the Taxpayer Advocate’s office to perpetuate a fraud on the government or in cases where the information is sought in litigation.	Basic	CUI
Tax	Written Determinations	Rulings, determination letters, technical advice memoranda or Chief Counsel Advice, as those terms are defined in Treasury Regulation 301.6110-2, which are made available for public inspection subject to the withholding of certain types of data as enumerated in Treasury Regulation 301-6110.	Specified	CUI//SP-WDT
Transportation	Railroad Safety Analysis Records	Related to the establishment, implementation, or modification of a railroad safety risk reduction program or pilot program, if the record is: (1) Supplied to the Secretary (of Transportation) pursuant to that safety risk reduction program or pilot program; or (2) made available for inspection and copying by an officer, employee, or agent of the Secretary pursuant to that safety risk reduction program or pilot program.	Basic	CUI
Transportation	Sensitive Security Information	As defined in 49 C.F.R. Part 15.5, Sensitive Security Information is information obtained or developed in the conduct of security activities, including research and development, the disclosure of which DOT has determined would constitute an unwarranted invasion of privacy, reveal trade secrets or privileged or confidential information, or be detrimental to transportation safety. As defined in 49 C.F.R. Part 1520.5, Sensitive Security Information is information obtained or developed in the conduct of security activities, including research and development, the disclosure of which DHS/TSA has determined would, among other things, be detrimental to the security of transportation.	Specified	CUI//SP-SSI

We’re here anytime, day or night - 24/7

Your feedback matters