Newsroom icon Client alert

DHS Issues Advisory “Memorandum on Identification of Essential Critical Infrastructure Workers During COVID-19 Response” 

On March 19, 2020, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) published a memorandum regarding “essential critical infrastructure workers” (CISA Guidance).  The CISA Guidance’s purpose is to assist both state and local officials when making decisions regarding essential workers in their own jurisdictions. 

The CISA notes that its guidance is published in cooperation with various federal agencies and the private sector, and further makes clear that its guidance is strictly advisory.  Indeed, CISA encourages states and local officials to use their own judgment to produce guidance and directives for their jurisdictions.  The CISA also invites feedback for its guidance, which can be submitted via email to

Until states issue their own definitions for “critical infrastructures” and “essential workers,” the CISA Guidance provides businesses with insight regarding which employees may be permitted and/or required to work regardless of broad isolation, quarantine, or “sheltering in place” orders. 


General Principles

The CISA Guidance notes general principles for governments and businesses to follow when dealing with COVID-19 matters.  These principles are consistent with existing guidance issued by other federal agencies, including the U.S. Department of Health & Human Services’ Center for Disease Control and Prevention (CDC).  These principles include:

  1. COVID-19 issues are federally supported, state managed, and locally executed.
  2. Guidance from the CDC, as well as state and local governments, should be followed.
  3. In-person, non-mandatory activities should be postponed and workers should be encouraged to work remotely.
  4. If remote work is impossible, then businesses should take actions to reduce the likelihood of COVID-19 spreading among workers (g., separating workers by implementing alternating shifts or other work schedule changes, social distancing, etc.).
  5. Business and other organizations should create pandemic and other business continuity plans, or implement existing pandemic and other business continuity plans.
  6. The modern economy requires reliance on technology and prompt supply chains, which in turn requires certain workers to have continued access to specific facilities, sites, and assets.
  7. Workers must establish and maintain clear lines of communication within their businesses and organizations.
  8. Businesses and governments that are reviewing issues related to critical infrastructures must consider these infrastructures’ impact on the local jurisdiction where they are located, as well as other jurisdictions that their operations could indirectly impact.
  9. Jurisdictions should coordinate to reduce the burden of critical infrastructures’ workers who are essential and must cross jurisdictional boundaries to perform their job duties.

 Critical Infrastructures and Essential Workers Within Them

The CISA’s identification of “essential critical infrastructure workers” is “intended to be overly inclusive reflecting the diversity of industries across the United States.”  See U.S. Department of Homeland Security Cybersecurity & Infrastructure Security Agency, Memorandum Identification of Essential Critical Infrastructure Workers During COVID-19 Response (available here).  Because the CISA Guidance is meant to be “overly inclusive,” states or other jurisdictions may apply narrower definitions of “critical infrastructures” and “essential workers.”

 The CISA Guidance lists fourteen categories of “essential critical infrastructure workers”:[1]

  1. Health Care/Public Health
  2. Law Enforcement, Public Safety, First Responders
  3. Food and Agriculture
  4. Energy
  5. Water and Wastewater
  6. Transportation and Logistics
  7. Public Works
  8. Communications and Information Technology
  9. Other Community-Based Government Operations and Essential Functions
  10. Critical Manufacturing
  11. Hazardous Materials
  12. Financial Services
  13. Chemical
  14. Defense Industrial Base

This CISA Guidance provides only insight regarding which employees may be permitted and/or required to work regardless of broad isolation, quarantine, or “shelter in place” orders.   However, during the COVID-19 pandemic, state and local governments have been creating specific sets of guidelines that apply within the appropriate jurisdictions.  Businesses and other organizations should be sure to review state and local guidelines relating to broad isolation, quarantine, or shelter in place orders as they may differ from the CISA Guidance.

If you have questions about these types of guidelines, Vorys attorneys can assist you in evaluating and addressing the related issues.  Please contact your Vorys attorney, Webb Vorys, Sheila Nolan Gartland, or Elizabeth Cramer or Vorys Advisors, Tom Niehaus. Karen Cincione or Dave Hoeffel. 



Vorys attorneys and professionals are counseling our clients in the myriad issues related to the COVID-19 outbreak.  We are taking significant steps to ensure we remain proactive during this extremely fluid environment.  The business and legal challenges our clients are facing are changing each day. 

We have also established a comprehensive Coronavirus Task Force, which includes attorneys with deep experience in the niche disciplines that we have been and expect to continue receiving questions regarding COVID-19. Learn more and see the latest updates from the task force at


[1]  In contrast, the CISA identifies sixteen “critical infrastructures.”  See U.S. Department of Homeland Security Cybersecurity & Infrastructure Security Agency, Identifying Critical Infrastructure During COVID-19, available at  The difference in these numbers likely results from overlap in the types of workers employed in these “critical infrastructures.”

Related Professionals

Jump to Page