Data Law Insights

Data Law Insights

Legal insights on navigating privacy, data protection, cybersecurity, information governance, and e-discovery

Category Archives: Government Regulations & FISMA

Subscribe to Government Regulations & FISMA RSS Feed

Cybersecurity and Data Privacy in 2013: Contracting in a Time of Increased Scrutiny

Posted in Cloud Computing, Cybersecurity / Data Security, Government Regulations & FISMA, Privacy, Public Sectors
2013 has been a historic year for cybersecurity, privacy and data breach issues. From the President’s Executive Order, to the revised NIST security & privacy controls, and to the groundbreaking Mandiant report on cyber espionage, the pressure is on for companies to secure their handling of sensitive data. In order to mitigate the risk of… Continue Reading

Regulating Cybersecurity On A Piecemeal Basis—Can The Executive Order Harmonize The Cyber Law Patchwork?

Posted in Cybersecurity / Data Security, Government Agencies, Government Regulations & FISMA, Privacy, Rules
With no comprehensive cybersecurity legislation nearing the finish line, Congress and federal agencies have attempted to fill the void with a series of piecemeal laws, regulations, and polices leaving both the public and private sector with fragmented — even inconsistent — guidance on how to defend cyberspace.  As we discuss in our recent article, “Regulating… Continue Reading

NIST Now “King of the Hill” on Cyber Standards

Posted in Cybersecurity / Data Security, Government Agencies, Government Regulations & FISMA, Privacy, Public Sectors
Following its key cyber role in President Obama’s Executive Order No. 13636 issued this February, the National Institute of Standards and Technology (NIST) again seized the reins on federal cybersecurity standards on April 30, issuing the 457-page tome, Security and Privacy Controls for Federal information Systems and Organizations, that not only provides the “most comprehensive… Continue Reading

HIPAA Final Rule Applicable to Cloud Providers and Data Vendors

Posted in Cloud Computing, Cybersecurity / Data Security, Government Regulations & FISMA, Information Management, Privacy
The Health Insurance Portability and Accountability Act (HIPAA) final rule published on January 25, 2013 contains important changes that affect data management organizations, such as cloud providers. In many cases, entities that have access to health information will be considered “Business Associates.” Such entities would therefore be required to comply with HIPAA’s extensive security provisions… Continue Reading

Government Sanctioned for Spoliation in $32 Million Bid Protest

Posted in Government Agencies, Government Contracting, Government Regulations & FISMA, Preservation, Sanctions, Spoliation
On January 14, 2013, a federal court sanctioned the government for failing to preserve a website advertising a $32 million Department of Veterans Affairs procurement, finding that the Federal Acquisition Regulations requiring the government to preserve documents related to procurements triggered its duty to preserve the website. Noting that the government’s conduct amounted to negligence… Continue Reading

FTC Finalizes Changes to Rules Governing Investigatory Procedures, Primarily to Address Issues Regarding Electronically Stored Information

Posted in Cooperation/Meet & Confer, Ethics, Government Agencies, Government Regulations & FISMA, Preservation, Privilege/Rule 502, Public Sectors, Rules
On September 27, 2012, the Federal Trade Commission published final revisions to the Commission’s Rules of Practice governing its investigatory process (16 CFR Part 2) and attorney discipline (16 CFR Part 4). Spurred in large part by the challenges posed by discovery of electronically stored information, the Commission explained that the final rules will “update… Continue Reading