On May 12, 2021, the Biden Administration issued an Executive Order on “Improving the Nation’s Cybersecurity” (EO). The EO was in the works prior to the Colonial Pipeline cyberattack, reportedly a ransomware incident that snarled the flow of gas on the east coast for days. Ransomware attacks are nothing new, but they are increasing in
Federal Contractors: Have You Done Your Privacy Training?
Federal contractors know all too well the list of annual requirements and obligations can seem overwhelming at times. One that may get overlooked by some is annual training requirements. A fairly new such training went into effect in 2017 – it requires certain federal contractors to do annual data privacy training.
According to the U.S.
The White House’s Revisions to its Breach Response Policy For Federal Agencies and Departments Also Affect Contractors
On January 3, 2017, the Obama Administration issued a memorandum to all executive departments and agencies setting for a comprehensive policy for handling breaches of personally identifiable information (the “Memorandum”), replacing earlier guidance. Importantly, the Memorandum also affects federal agency contractors as well as grant recipients.
The Memorandum is not the first set of guidance
Federal Contractors Required to Conduct Privacy Training Under Proposed Regulations
A proposed regulation would require federal contractors to conduct privacy training on at least 7 key areas before being given access to government records or handling personally identifiable information. Failing to provide the training potentially would put a halt to the contractor’s government work.
Continue Reading Federal Contractors Required to Conduct Privacy Training Under Proposed Regulations
The White House’s Cybersecuirty Legislative Proposal
Today the White House issued a Cybersecurity Legislative Proposal. The proposed legislation focuses on protecting the American people, the nation’s critical infrastructure, and the federal government’s computers and networks. While legislation of this nature would simplify the breach reporting process for businesses, and overall streamline cybersecurity laws, a number of legislative attempts to do this have previously
Social Security Number Protection Act of 2010
On December 18, 2010 President Obama signed into law the Social Security Number Protection Act of 2010. The law has two key components.
First, the law establishes that no Federal, State, or local agency may display the Social Security account number of any individuals or any derivative of such number, on any check issued for
Federal Agencies Tighten Data Security Screws on Federal Contractors
Federal contractors are subject to numerous requirements under federal law and, as we have previously highlighted here, need to keep pace with changes in law and regulation.
Under the Federal Information Security Management Act of 2002 (FISMA) each federal agency is required to develop, document, and implement an agency-wide program to provide information security
Employers Go Green: Electronic On-Boarding – Personal Information and Other Challenges
In good and not-so-good economic times, the on-boarding process – recruiting, application, hiring and orientation – is critical for employers to attract and welcome new talent. In recent years, technology has enabled employers to perform all or a part of this process on-line, significantly increasing efficiency and reducing costs. Moving to a web-based on-boarding system