On July 9, 2024, the White House Office of Science and Technology Policy (OSTP) released the long-awaited “Guidelines for Research Security Programs at Covered Institutions” (the Guidelines). The Guidelines are intended to...more
In May, the National Institute of Standards and Technology (NIST) issued updated recommendations for security controls for controlled unclassified information (CUI) that is processed, stored or transmitted by nonfederal...more
On March 12, 2024, the Department of Defense (DoD) finalized a rule to open its Defense Industrial Base (DIB) Cybersecurity (CS) Program to all defense contractors who own or operate an unclassified information system that...more
On December 4, the Department of Defense Office of Inspector General (DoD OIG) issued a “special” Audit Report (the Report) that provides insight into common cybersecurity weaknesses related to the protection of Controlled...more
Two years after the Department of Justice (DOJ) established its Civil-Cyber Fraud Initiative, there has been a recent uptick in enforcement and regulatory activity related to cybersecurity. September opened with the unsealing...more
11/3/2023
/ Cyber Threats ,
Cybersecurity ,
Data Breach ,
Department of Defense (DOD) ,
Department of Justice (DOJ) ,
Enforcement Actions ,
False Claims Act (FCA) ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
Fraud ,
General Services Administration (GSA) ,
Proposed Rules ,
Reporting Requirements ,
Settlement ,
Verizon ,
Whistleblowers
On September 15, 2023, the National Institutes of Health (NIH) moved forward with a controversial new policy requiring foreign subrecipients to provide, at least once per year, copies of lab notebooks, data and documentation...more
9/27/2023
/ Collaboration ,
Compliance Monitoring ,
Data-Sharing ,
Department of Health and Human Services (HHS) ,
Disclosure Requirements ,
Documentation ,
Enforcement Actions ,
Foreign Entities ,
GAO ,
Investigations ,
National Institute of Health (NIH) ,
OIG ,
Policy Terms ,
Reporting Requirements ,
Research Funding ,
Whistleblowers
On July 28, 2023, the Biden administration issued “Executive Order on Federal Research and Development in Support of Domestic Manufacturing and United States Jobs” (the “Executive Order”). How federal agencies implement...more
Congressional Republicans are increasingly focused on ensuring that U.S. colleges and universities are properly disclosing gifts and contracts from foreign sources under Section 117 of the Higher Education Act of 1965, 20...more
On June 29, 2023, the U.S. Supreme Court released its highly anticipated decision that overturned 45 years of protection for colleges and universities considering the race of applicants in their admissions process. The Court...more
On March 2, 2023, the Biden administration released the 2023 National Cybersecurity Strategy (the “Strategy”). The Strategy acknowledges that the United States “must [effect] fundamental shifts in how . . . [it] allocates...more
On December 27, 2022, President Biden signed the Preventing Organizational Conflicts of Interest in Federal Acquisition Act (P.L. 117-324 or the “Act”). The law aims to tighten regulations on potential organization conflicts...more
In November 2022, the U.S. government, acting through the Department of Defense, General Services Administration, and National Aeronautics & Space Administration, issued a proposed rule that would amend the Federal...more
12/9/2022
/ Biden Administration ,
Climate Change ,
Compliance ,
Disclosure Requirements ,
Environmental Social & Governance (ESG) ,
Executive Orders ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
Greenhouse Gas Emissions ,
Risk Management ,
System For Award Management (SAM) ,
Task Force on Climate-related Financial Disclosures (TCFD)
In July 2022, the Department of Justice (DOJ) released a Comprehensive Cyber Review report (the “Review”) summarizing its assessment of its own cyber-related activities and including recommendations focused on its...more
The global response to Russia’s invasion of Ukraine has triggered wide-reaching sanctions and new export control restrictions that are changing on a daily basis. While it remains to be seen how these new restrictions will...more
Over the past three plus years, the issue of foreign influence over U.S. government-sponsored research has been front and center for the research community. There have been numerous high-profile prosecutions of professors,...more
Key Points -
401(k) plan fiduciaries have the duty to monitor reasonableness of fees for all investment options available to participants under a 401(k) plan.
Offering low-fee investment options does not alleviate the...more
The U.S. Commerce Department has added China’s Academy of Military Medical Sciences (AMMS) and 11 of its affiliated research institutes to the Entity List, thereby prohibiting exports, reexports and in-country transfers of...more
This week, the National Science Foundation (NSF) updated its Cooperative Agreement Financial and Administrative Terms and Conditions to address the vaccine mandate set forth in Executive Order 14042 (Executive Order). NSF...more
President Biden’s Executive Order 14042 (EO 14042) requires covered federal contractor employees to be fully vaccinated against COVID-19 by January 18, 2022, if they are not entitled to an accommodation due to disability or...more
11/29/2021
/ Biden Administration ,
Colleges ,
Coronavirus/COVID-19 ,
Educational Institutions ,
Employer Mandates ,
Executive Orders ,
Federal Contractors ,
Preemption ,
Supremacy Clause ,
Universities ,
Vaccinations ,
Workplace Safety
On November 17, 2021, the U.S. Department of Defense (DOD) published an Advanced Notice of Proposed Rulemaking (ANPRM) previewing significant changes to its Cybersecurity Maturity Model Certification (CMMC) program.1 The...more
Key Points -
On October 6, 2021, the DOJ announced two new initiatives: the Civil Cyber-Fraud Initiative and the National Cryptocurrency Enforcement Team.
The Civil Cyber-Fraud Initiative will fight rising cyber threats...more
10/13/2021
/ Cryptocurrency ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Department of Defense (DOD) ,
Department of Justice (DOJ) ,
DFARS ,
False Claims Act (FCA) ,
Federal Acquisition Regulations (FAR) ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
NDAA ,
Popular ,
Supply Chain
Key Points -
On Wednesday, May 12, 2021, President Biden issued EO 14,028, “Improving the Nation’s Cybersecurity.” The EO sets out an ambitious schedule of reviews and rulemakings that portend significant changes in the...more
Key Points
- Notice reflects NIH’s continued concerns regarding foreign influence and imposes significant new compliance obligations on both grantees and individual researchers.
- Obligates grantees to provide NIH...more