OMB

Last week, the Office of Management and Budget issued an updated breach response policy for federal agencies, replacing a policy last updated in 2007.  The policy, set forth in memorandum M-17-12, provides minimum standards for federal agencies in preparing for and responding to breaches of personally identifiable information (PII).  
Continue Reading Updated OMB Breach Response Policy Includes Required Breach-Related Provisions for Federal Agency Contracts

By Susan Cassidy, Alex Sarria

On August 11, 2015, the Office of Management and Budget (OMB) issued a draft guidance memorandum intended to improve cybersecurity protections in federal acquisitions. Specifically, the proposed memorandum provides direction to federal agencies on “implementing strengthened cybersecurity protections in Federal acquisitions for products or services
Continue Reading OMB Issues New Draft Cyber Guidance for Contractors

Today, the Federal Communications Commission adopted new rules that strengthen its restrictions on autodialed or prerecorded telemarketing calls.  The FCC billed the new rules as an effort to maintain consistency with the Federal Trade Commission’s telemarketing sales rule, which also governs telemarketing calls, and to give consumers control over the
Continue Reading FCC Adopts New Telemarketing Restrictions

The Office of Information and Regulatory Affairs (OIRA) recently released a model Privacy Impact Assessment (PIA) that federal agencies must use before they employ third-party websites and applications to communicate with the public.  The new rules issued by OIRA, an arm of the White House’s Office of Management and Budget (OMB), build on rules the agency issued in June 2010.Continue Reading OIRA Releases Privacy Impact Assessment for Agency Use of Third-Party Websites

In July of last year, the U.S. Department of Health & Human Services Office for Civil Rights issued a proposed regulation implementing changes to HIPAA resulting from the HITECH Act.  As we previously reported, the proposed regulation significantly expands the scope of the privacy, security, and enforcement provisions of

Continue Reading Coming Soon: Final HITECH Act HIPAA Privacy/Security Rules