Privacy for Everyone! New FAR Rule Imposes Mandatory Training Requirements for Employees Handling PII
Client Alert | less than 1 min read | 12.28.16
After years of consideration, DoD, GSA, and NASA have published a final rule requiring contractor employees who handle personally identifiable information (PII) or work with a system of records to complete initial and annual privacy training that addresses specified elements, including the Privacy Act, working with PII, and the contractor’s incident response plan. The final rule – effective January 19, 2017, and applicable to all contracts including those for commercial items and those below the Simplified Acquisition Threshold – also requires contractors to identify each covered employee, maintain records indicating that its employees have completed the requisite training, and to provide these records to contracting officers upon request.
Contacts
Partner, Crowell Global Advisors Senior Director
- Washington, D.C.
- D | +1.202.624.2698
- Washington, D.C. (CGA)
- D | +1 202.624.2500
Insights
Client Alert | 13 min read | 10.30.25
Federal and State Regulators Target AI Chatbots and Intimate Imagery
In the first few years following the public launch of generative artificial intelligence (AI) in the autumn of 2022, litigation related to AI focused primarily on claims of copyright infringement. Suits revolved around allegations that the data on which AI models train, and/or the output they produce, infringe upon the intellectual property rights of others. (While some of these cases have settled or reached preliminary judgments, many remain ongoing.)
Client Alert | 3 min read | 10.30.25
Is Course Hero Heading to Summer School After Summary Judgment Loss?
Client Alert | 6 min read | 10.29.25
Enhancing UK cyber security resilience and leadership engagement
Client Alert | 9 min read | 10.28.25
Key Takeaways from a Consequential Month of Russia-Related Sanctions
