Changes Coming to the FAR: Government Proposes New Rules on Data Breaches, Cost Evaluation of IDIQ Proposals, and Overseas Small Business Contracting

From: National Law Review

Article By Susan B. Cassidy, Evan Sherwood | Covington & Burling LLP

Among the proposed rules, announced in the Semiannual Regulatory Agenda of the FAR Council and the General Services Administration (“GSA”), are changes that would affect nearly every segment of the government contracts industry.  Although some of the rules may simplify the burdens on contractors, most come with enhanced compliance obligations, particularly with respect to data security and cyber incidents.

Some of the key proposals are summarized below.

  • Data breaches.  Under a new proposal, contractors would be required to use a contractually-specified set of procedures when responding to data breaches involving personally identifiable information (“PII”).  The new contract clauses will implement the requirements in the Office of Management and Budget’s Memorandum M-17-12.  A proposed rule is expected in March.

Read Complete Article


Leave a Reply

Your email address will not be published.

Please Answer: *