1. Home
  2. |Insights
  3. |Privacy for Everyone! New FAR Rule Imposes Mandatory Training Requirements for Employees Handling PII

Privacy for Everyone! New FAR Rule Imposes Mandatory Training Requirements for Employees Handling PII

Client Alert | less than 1 min read | 12.28.16

After years of consideration, DoD, GSA, and NASA have published a final rule requiring contractor employees who handle personally identifiable information (PII) or work with a system of records to complete initial and annual privacy training that addresses specified elements, including the Privacy Act, working with PII, and the contractor’s incident response plan. The final rule – effective January 19, 2017, and applicable to all contracts including those for commercial items and those below the Simplified Acquisition Threshold – also requires contractors to identify each covered employee, maintain records indicating that its employees have completed the requisite training, and to provide these records to contracting officers upon request.

Contacts

Insights

Client Alert | 2 min read | 03.27.26

CMS Releases PY 2020 RADV Audit Methods and Instructions: Key Takeaways for Health Plans

On March 20, 2026, the Centers for Medicare and Medicaid Services (CMS) released new guidance outlining the agency’s audit methods and instructions for Medicare Advantage (MA) plans subject to upcoming risk adjustment data validation (RADV) audits for payment year (PY) 2020. In addition to providing necessary context for MA plans selected for auditing, this resource clarifies CMS’s methodological and procedural expectations. While the high-level takeaways are recapped below for convenience, we strongly recommend that MA organizations selected for PY 2020 audits closely review the guidance to understand what may be involved — or required — during the agency’s review....

View All Insights