The Privacy Insider Podcast Ep. 8: Privacy Over Party: Peter Swire
No Password Required: Founder of Cybersafe Foundation and an Obama Foundation Africa Leaders Fellow, Who Is Comfortable in the API Kitchen
Podcast - Robots, Rights and New Tech: Balancing Innovation and Data Privacy
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 211: Cybersecurity and Privacy Risks for the Healthcare Industry with Brandon Robinson of Maynard Nexsen
The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
Since 2016, the federal government has implemented numerous procurement regulations and associated contract clauses to address cybersecurity by requiring contractors to adopt various controls and standards to protect...more
On May 2, the Department of Defense (DOD) issued a class deviation to DFARS 252.204-7012 “to provide industry time for a more deliberate transition upon the forthcoming release of [National Institute of Standards and...more
House Passes $460 Billion Package of Spending Bills. Senate Expected to Act Before Shutdown Deadline, Federal News Network - The House passed a $460 billion package of spending bills Wednesday that would keep money...more
To kick off the New Year, Sheppard Mullin’s Governmental Practice Cybersecurity & Data Protection Team has prepared a cybersecurity-focused 2023 Recap (including links to all of the resources the team has put out over the...more
The Fiscal Year 2024 National Defense Authorization Act (NDAA) includes numerous provisions relevant to government contractors in areas such as artificial intelligence (AI), cybersecurity, supply chain concerns related to...more
Department of Defense (DOD) Final Rule: Inapplicability of Certain Laws and Regulations to Commercial Items - DOD issues this Final Rule to amend the DFARS to address the inapplicability of certain laws and regulations to...more
Substantive cybersecurity amendments to the Federal Acquisition Regulation (FAR) are underway, significantly altering the duties and obligations of federal government contractors both prior to award and during contract...more
Protecting Our Nation’s Data, Part 2: Implementing Cyber Threat Incident Reporting and Information Sharing - In October 2023, the federal government released a Proposed Rule aimed at incorporating new cybersecurity...more
On September 1, 2023, the U.S. District Court for the Eastern District of Pennsylvania unsealed a qui tam False Claims Act (“FCA”) lawsuit (originally filed on October 5, 2022) alleging Penn State University failed to provide...more
The Department of Homeland Security amended its regulations due to the urgent need to protect Controlled Unclassified Information. On June 21, 2023, the Department of Homeland Security (DHS or Department) issued a final...more
The U.S. Department of Homeland Security (DHS) has issued comprehensive cybersecurity regulations aimed at protecting Controlled Unclassified Information (CUI). These regulations were long-awaited, as the original proposed...more
The Department of Defense Inspector General (DoDIG) recently released its “Audit of the DoD’s Implementation and Oversight of the Controlled Unclassified Information [CUI] Program” (DODIG-2023-078). The audit highlights some...more
The federal government recently issued an interim rule, effective immediately, prohibiting the presence or use of the TikTok application in the performance of a contract. This rule continues the government’s actions against...more
Cybersecurity has been an important topic for many years now, yet the government has struggled with how to flow down cybersecurity obligations to its supply chain. The Department of Defense’s (DOD) Cybersecurity Maturity...more
The U.S. Department of Veterans Affairs (VA) released a final rule, effective February 24, 2023, amending the VA’s Acquisition Regulation (VAAR) to impose new cybersecurity procedures and processes to protect sensitive VA...more
Currently defense contractors who receive or create Controlled Unclassified Information (“CUI”) from or for the U.S. Department of Defense (“DoD”) are subject to several contract-based cybersecurity requirements, including...more
On October 5, 2022, the Department of Defense (DOD), in compliance with Section 889 of the National Defense Authorization Act for Fiscal Year 2019, released an updated list (Blacklist) of banned People’s Republic of China...more
Action Required: Federal Contractor Data at Risk of Public Disclosure - On August 19, 2022, the Department of Labor’s Office of Federal Contract Compliance Programs published a public notice to contractors about a Freedom...more
On June 16, 2022, the Department of Defense (DoD) issued a memorandum to its contracting officers emphasizing their obligation to monitor compliance by DoD contractors with the cybersecurity requirements of their contracts....more
At the heels of a recent Civil Cyber-Fraud Initiative related to cybersecurity practices and the False Claims Act (FCA), a cybersecurity-related FCA case has survived a motion for summary judgment, teeing up a trial to...more
The Department of Justice (DOJ) recently announced a new “Cyber-Fraud Initiative” aimed at “developing actionable recommendations to enhance and expand [DOJ’s] efforts against cyber threats.” The initiative will be part of...more
Earlier this month, the Department of Defense (DOD) released the new Cybersecurity Maturity Model Certification (CMMC) 2.0 framework, along with the self-assessment guides for the new Levels 1 and 2, scoping guidance for all...more
The Canadian Institute’s 11th Annual Forum on U.S. Export & Re-Export Compliance for Canadian Operations will take place in Toronto on January 25–27! IN-PERSON and LIVESTREAM options available. Over the last decade, this...more
With the release of GSA Polaris around the corner, one looming issue remains: Contractors may lose out on an award or, perhaps worse, they may find themselves without access to task orders after granted a Polaris award due to...more
WHAT: On November 4, 2021, the U.S. Department of Defense (DOD) announced the completion of a months-long internal review and significant changes to the strategic direction of its Cybersecurity Maturity Model Certification...more