US Government Contractors Now Required to Train Employees on Privacy

By Anna Rudawski (US) on February 23, 2017

Effective January 19, 2017, an update to the Federal Acquisition Regulation (FAR) will require certain contractors that provide services to the federal government to train their employees on privacy. New contracts into which the federal government enters with contractors will include privacy training requirements. In addition, the rule requires contractors to flow down privacy training requirements to their subcontractors.

The rule applies to contractors that:

Handle Personally Identifiable Information;
Have access to a system of records; or
Design, develop, maintain or operate a system of records.

U.S. Department of Defense issues interim rule imposing network penetration reporting requirements and addressing cybersecurity of cloud computing services

Posted on September 3, 2015

On August 25, 2015, the Department of Defense (“DoD”) issued interim rule DARS-2015-0039, which amends the Defense Federal Acquisition Regulation Supplement (“DFARS”) to implement a network penetration reporting requirement for contractors. Additionally, this rule implements DoD policy on the purchase of cloud computing services.

Data Protection Report

contractors

US Government Contractors Now Required to Train Employees on Privacy

About

Topics

Archives