DoD's New Year's Gift: More Time to Meet Cyber Safeguarding Requirements
Client Alert | 1 min read | 12.30.15
On December 30, DoD issued an interim rule amending the DFARS Safeguarding Rule in several respects, including to provide contractors up to December 31, 2017, to comply with the security control requirements identified in DFARS 252.204-7012, Safeguarding Covered Defense Information and Cyber Incident Reporting, and detailed in NIST Special Publication 800-171, Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations. Despite the additional time to comply, within 30 days of contract award, contractors must still notify the DoD Chief Information Officer of any NIST SP 800-171 security requirements not yet implemented.
Contacts
Partner, Crowell Global Advisors Senior Director
- Washington, D.C.
- D | +1.202.624.2698
- Washington, D.C. (CGA)
- D | +1 202.624.2500
Insights
Client Alert | 2 min read | 02.03.26
CMS Doubles Down on RADV Audit Changes
On January 27, 2026, the Centers for Medicare and Medicaid Services (CMS) released a Health Plan Management System (HPMS) memo that provided a long-awaited update on how the agency plans to approach previously announced Risk Adjustment Data Validation (RADV) audits for Payment Years (PY) 2020-2024. The memo is the agency’s most comprehensive statement on the subject since September 25, 2025, when the Northern District of Texas vacated the 2023 RADV Final Rule. The memo makes clear that, while CMS has made certain operational adjustments in response to concerns expressed by Medicare Advantage Organizations (MAOs), the agency is largely pressing forward with the accelerated audit strategy announced in May 2025.
Client Alert | 7 min read | 01.30.26
CMS Proposes CY 2027 Growth Rate and Changes to Risk Adjustment for Medicare Parts C and D
Client Alert | 4 min read | 01.30.26
Optimum’s Shot Across the Bow: An Antitrust Challenge to Cooperation Agreements
Client Alert | 9 min read | 01.30.26
