This is the fifth in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity”, issued by President Biden on May 12, 2021 (the “Cyber EO”).  The first blog summarized the Cyber EO’s key provisions and timelines, and the second, third, and fourth blogs described the actions taken by various federal government agencies to implement the EO during June, July, and August 2021, respectively.  This blog summarizes  key actions taken to implement the Cyber EO during September 2021.

I.   Actions Taken During September 2021 to Modernize Federal Government Cybersecurity

The Office of Management and Budget (OMB) publically released a draft zero trust architecture strategy for federal agencies on September 9, 2021.  On that same day, the Cybersecurity and Infrastructure Agency (CISA) issued two draft documents designed to further OMB’s zero trust strategy: the Zero Trust Maturity Model and the Cloud Security Technical Reference Architecture.  Each of these documents was required by Section 3 of the Cyber EO to modernize and standardize federal government agency approaches to cybersecurity.

Continue Reading September 2021 Developments Under President Biden’s Cybersecurity Executive Order

Many of our clients have been calling to ask whether failure to comply with the Administration’s Executive Order imposing vaccine mandates on federal contractors could lead to False Claims Act liability, and what steps they can take to minimize the risk of liability.  Much remains unknown, especially what specific obligations will be included in the FAR clause to be released on October 8.  However, we have highlighted a few key considerations that should be front of mind for all contractors and subcontractors.

Continue Reading COVID-19 Vaccine Mandate for Federal Contractors Could Pose False Claims Act Risk

On September 24, the Safer Federal Workforce Task Force released guidance on workplace safety protocols for federal contractors and subcontractors related to COVID-19 (“the Guidance”).  The Guidance was issued pursuant to President Biden’s Executive Order on Ensuring Adequate COVID Safety Protocols for Federal Contractors.

As expected, the Guidance covers a broad range of contract types and contractors, and mandates COVID-19 vaccinations for covered contractor employees along with masking and social distancing measures to prevent the spread of the disease.  But it also includes some unanticipated exceptions.  The Guidance sets baseline requirements under the Executive Order that are expected to be updated over time and implemented through a contract clause that will be issued by the Federal Acquisition Regulatory (“FAR”) Council.  Federal contractors should carefully examine the Guidance and ensure that they are prepared to timely comply as well as monitor for and adapt to any updates from the Task Force.

Our prior post on the Executive Order can be found here.

Continue Reading Task Force Releases Guidance on New COVID-19 Vaccine Mandate for Federal Contractors

On September 9, the Biden Administration released a number of new details for its Path out of the Pandemic that will impact U.S. Government contractors and a number of other individuals and entities.  In addition to requiring most executive agency employees to receive COVID-19 vaccines, the Administration plans to mandate that executive agency contractors and subcontractors, with some exceptions, impose similar requirements on their employees pursuant to an executive order that will fully go into effect on October 15, 2021.  The overall impact of the executive order will not be clear until additional details are released in the coming weeks, but government contractors should begin considering the implications of the new requirements and take steps to ensure timely compliance.

Continue Reading COVID-19 Vaccine Requirements for U.S. Government Contractors

This blog continues Covington’s review of important deadlines and milestones in implementing the Executive Order on Improving the Nations’ Cybersecurity (E.O. 14028, or the “Cyber EO”) issued by President Biden on May 12, 2021.  Previous blogs have discussed developments under the Cyber EO in June 2021 and July 2021.  This blog focuses on developments affecting the EO that occurred during August 2021.

The Cyber EO requires federal agencies to meet several important deadlines in August 2021.  These deadlines are in the areas of enhancing critical software supply chain security, improving the federal government’s investigative and remediation capabilities, and modernizing federal agency approaches to cybersecurity.  In addition, the National Institute of Standards and Technology (“NIST”) took several significant actions related to supply chain security in August 2021, not all of which were driven by deadlines in the Cyber EO.  This blog examines the actions taken by federal agencies to meet the EO’s August deadlines as well as the NIST actions referred to above.

Continue Reading August 2021 Developments Under President Biden’s Cybersecurity Executive Order

The world has been almost singularly focused on the 2019 coronavirus for more than 18 months now, but the fact remains that we still face an array of other known pathogens with pandemic potential and any number of unknown pathogens that could pose a similar risk.  These threats have periodically been an area of congressional focus since the 2009 H1N1 influenza pandemic, and most recently a bill for the Disease X Act would renew this focus and direct it at new, currently unknown viral threats.  The bill is poised to be a key piece of legislation in ongoing and future biodefense initiatives and pandemic preparedness. Continue Reading The Next Pandemic: New Bill Looks Ahead to Counteract Novel Threats

The FAR explains that the Government must accept or reject work as “promptly as practicable after delivery.”  FAR 52.246-2(j).  But what if the contractor knows its work is not compliant, but has asked the agency for a deviation from the contract’s terms?  A recent decision from the ASBCA provides guidance on this tough but not uncommon issue.

Continue Reading Accepting What You Can’t Change: ASBCA Holds that an Agency Must Accept Non-Conforming Goods After Waiting to Consider a Deviation

The government is moving forward with further changes to Buy American Act (“BAA”) regulations.  But based on yesterday’s public meeting to discuss the July 30 notice of proposed rulemaking (“NPRM”) to revise existing BAA regulations, it remains to be seen exactly where those changes are headed.

As discussed in our prior client alert, the NPRM implements Executive Order 14005 (“Ensuring the Future Is Made in All of America by All of America’s Workers”) by proposing three major changes to existing BAA regulations: (1) higher domestic content thresholds; (2) enhanced price preferences for “critical” items and components; and (3) new domestic content reporting requirements for “critical” items and components.  The agenda for the public meeting covered each of these changes, as well as other questions raised in the NPRM related to BAA waivers and exceptions.

Continue Reading Buy American Act Update: FAR Council Holds Public Meeting on New Proposed Rule

The employee non-competition agreement landscape continues to evolve rapidly, with several states enacting new limits on the use of non-competition agreements between employers and employees.  Once a valuable tool for employers to protect their businesses from unfair competition, loss of customers, or misuse of company confidential information, many states have increasingly limited the enforceability of such agreements.

The federal government is now weighing in on the appropriate use of non-competition agreements between employers and employees.  President Biden’s July 9, 2021 Executive Order asks the Federal Trade Commission (“FTC”) to limit such agreements—signaling a potential expansion of federal regulation of agreements between employers and workers.  And a pending Senate bill would ban most non-competition agreements.  Given these developments, government contractors and other employers should assess whether their use of these agreements with employees is consistent with recent state developments and aligned with the broader trend toward limiting the enforceability of these agreements.

Continue Reading Recent Federal and State Laws Restrict Use of Employee Non-Competition Agreements by Government Contractors and Other Employers

On May 12, 2021, the Biden Administration issued an Executive Order on Improving the Nation’s Cybersecurity (the “EO”).  The EO sets out a list of deliverables due from a number of governmental entities in June 2021 and successive months.  Our overall summary of the EO and its deliverables can be found here, and our discussion of the EO deliverables that were due in June 2021 can be found here.  This blog addresses the EO deliverables in July 2021. Continue Reading July 2021 Developments Under the Executive Order on Improving the Nation’s Cybersecurity