Tag Archives: DFARS

DFARS Cyber Rule – What Questions Should Contractors Ask Themselves in the New Year?

[The referenced article was originally published in Law360.] Since August 2015, defense contractors have been on notice that they were required to implement the security controls in National Institute of Standards and Technology (“NIST”) Special Publication (“SP”) 800-171 no later than December 31, 2017 on covered contractor information systems. Although the focus has been on meeting … Continue Reading

Confidentiality Agreements Continue To Pose Potential Compliance Trap for Contractors

Federal contractors who require employees to sign confidentiality agreements—including those selling only commercial products or in small quantities—need to examine their agreements closely. For the last two years, the government has sought to prohibit confidentiality agreements that restrict employees’ ability to report fraud, waste, or abuse to “designated investigative or law enforcement representative[s]” for federal … Continue Reading

Cybersecurity Update: DoD Releases Long-Awaited Final Rule

On October 21, 2016, the Department of Defense (DoD) issued its long-awaited Final Rule—effective immediately—imposing safeguarding and cyber incident reporting obligations on defense contractors whose information systems process, store, or transmit covered defense information (CDI). The Final Rule has been years in the making and is the culmination of an initial rule issued in November … Continue Reading

DoD Finally Issues Proposed Rule Addressing 2012 NDAA Changes to Technical Data Rights

On June 16, 2016, the Department of Defense (DoD) issued a proposed rule to implement Section 815 of the National Defense Authorization Act for Fiscal Year 2012, which was originally enacted in December 2011.  Under the proposed rule, DoD would be given additional flexibility to release technical data or computer software to third parties (including … Continue Reading

Defense Contractors Must Share (Even More) Information About Their IR&D Projects Before DoD Will Reimburse IR&D Costs

The Department of Defense (DoD) will require contractors to disclose more information about their Independent Research & Development (IR&D) projects before the Government will reimburse IR&D costs, the Pentagon said in a proposed rule issued earlier this week.  The proposed rule, which was previewed in an August 2015 white paper, is the latest sign that … Continue Reading

DoD Memo Reveals Poor Scorecard for Agency’s Inclusion of the UCTI DFARS Clause in New Contracts

On February 25, 2015, the Office of the Secretary of Defense (AT&L) issued a memorandum containing an agency “Scorecard” for the implementation of the DFARS clause on safeguarding Unclassified Controlled Technical Information (“UCTI”).  The final UCTI rule was published on November 18, 2013 and required the new DFARS clause 252.204-7012−which imposes requirements for (1) safeguarding … Continue Reading

DoD to Impose Yet Another Form of Rapid Reporting Requirements

The National Defense Authorization Act for Fiscal Year 2015 (“NDAA FY 15”) was passed by the House of Representatives on December 4, 2014, and is expected to pass in the Senate.  Among NDAA FY 15’s cybersecurity and acquisition provisions are directions for the Secretary of Defense to establish rapid reporting requirements for “operationally critical contractors.” … Continue Reading
LexBlog