Anyone who has been closely following the Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) program knows the effort has experienced a fair number of complications and delays. ForContinue Reading Updated Timeline for CMMC Implementation
Department of Defense
The Impact of DOD’s Enhanced Debriefings Rule on Bid Protest Timeliness
On March 18, 2022, the Department of Defense (“DOD”) issued its long-awaited Final Rule implementing Section 818 of the National Defense Authorization Act for Fiscal Year 2018 (“NDAA FY 2018”), and formally codifying defense contractors’ rights to post-award enhanced debriefings. Contractors have been bound by a Class Deviation implementing these requirements since March 2018, with DOD only issuing its proposed rule in May 2021. Though the Final Rule largely tracks the proposed rule, it does include several important clarifications, and, of course, directly impacts timeliness rules for filing post-award protests of DOD awards at the Government Accountability Office (“GAO”).
Continue Reading The Impact of DOD’s Enhanced Debriefings Rule on Bid Protest Timeliness
The NISPOM is Becoming a Regulation & Contractors Have Six Months to Comply
On December 21, 2020, the Department of Defense (“DoD”) published a final rule in the Federal Register that codifies the National Industrial Security Program Operating Manual (“NISPOM”) in the Code of Federal Regulations (“CFR”) at 32 CFR part 117. The rule will become effective on February 24, 2021, giving contractors six months from the effective date to comply with the changes. Comments on the proposed change are due by February 19, 2021.…
Continue Reading The NISPOM is Becoming a Regulation & Contractors Have Six Months to Comply
DoD’s Squeeze of Chinese Telecom Equipment Continues
At the end of 2019, the Department of Defense (“DoD”) took another step to limit the potential cyber risks posed by telecommunications equipment manufactured by Chinese companies (and potentially Russian…
Continue Reading DoD’s Squeeze of Chinese Telecom Equipment Continues
What’s the VA Got to Do With It? Military Medical Procurement Changes Reach the VA
There are big changes happening in military healthcare procurement. Some are unsurprising given the October 1, 2019 deadline for the reorganization of all military hospitals and clinics under the management of the Department of Defense (DOD), Defense Health Agency (DHA). But some may be unexpected, reaching all the way to Department of Veterans Affairs (VA) procurement, though the extent to which the VA will ultimately be affected is unclear. In the past few weeks, at least three major announcements were made regarding military healthcare: (1) DHA and the Defense Logistics Agency (DLA) signed a memorandum of agreement (MOA) regarding their respective rolls in DOD healthcare, (2) DLA gave the VA access to its medical/surgical prime vendor formulary indefinitely, and (3) the VA cancelled its long-anticipated prime vendor solicitation under the Medical/Surgical Prime Vendor (MSPV) 2.0 program. Is this all a coincidence? Probably not.
Continue Reading What’s the VA Got to Do With It? Military Medical Procurement Changes Reach the VA
Contractors Beware: The 2018 NDAA Ushers In New Changes Affecting IP Rights
The 2018 National Defense Authorization Act (“NDAA” or “Act”) includes changes that could make the Department of Defense (“DoD”) a more effective and knowledgeable purchaser of Intellectual Property (“IP”) and promote more flexible IP acquisition strategies. These same changes also could encourage Contracting Officers to insist on broader IP rights and delivery requirements. While it has always been important for contractors to protect their IP (click here for our list of “Top 10 Ways to Lose Rights in Your IP”), with the passage of the 2018 NDAA, avoiding the loss of valuable IP rights could require even more sophistication and vigilance.
Continue Reading Contractors Beware: The 2018 NDAA Ushers In New Changes Affecting IP Rights
Insider Threat Programs – A New Challenge for Cleared Contractors
On May 18, 2016, the Department of Defense issued Conforming Change 2 of the “National Industrial Security Operating Manual” (“NISPOM”). NISPOM Change 2 requires all U.S. government contractors who require access to U.S. classified information to implement an Insider Threat Program (“ITP”) that will gather, integrate and report relevant information related to potential or actual insider threats among cleared employees by November 30, 2016. Insider threats – a growing phenomenon – arise when employees or contractors exploit legitimate access to an organization’s data for unauthorized or malicious purposes. Much of the impetus for the new rule appears to be a valid concern about large-scale thefts of classified data, as exemplified by Edward Snowden’s release of a vast trove of sensitive documents stolen from the U.S. National Security Agency.
Continue Reading Insider Threat Programs – A New Challenge for Cleared Contractors