Cybersecurity Information Sharing Act (CISA), National Security, Regulatory Requirements

DOJ Final Rule Applies to Anonymized, Pseudonymized, and De-Identified Data: What Data Licensors Need to Know

Baker Donelson on 4/29/2025

What's Changed? The U.S. Department of Justice (DOJ) published a Data Security Program (DSP), pursuant to a final rule (Final Rule), which became effective on April 8, 2025....more

Life Sciences Companies Must Navigate the DOJ Data Rule

Goodwin on 4/15/2025

Life sciences companies have long been outside the scope of US national security regulations and benefited from significant exemptions under US privacy laws. ...more

CISA 2015 Reauthorization – Are Changes on the Horizon?

Wiley Rein LLP on 3/4/2025

As we noted in Federal Cybersecurity Policy in 2025: What to Watch in Changing Times, key parts of the Cybersecurity Information Sharing Act of 2015 (CISA 2015), the United States’ foundational cybersecurity information...more

DOJ and CISA Issue Proposed Rules Regulating Export of Bulk Sensitive Data

Paul Hastings LLP on 2/14/2025

The Department of Justice (DOJ) released a Final Rule restricting certain transfers of Americans’ sensitive personal data to identified countries of concern or covered individuals. The Final Rule continues to assert the DOJ...more

User’s Guide to DOJ & CISA Rules Implementing Executive Order 14117

Perkins Coie on 2/3/2025

Executive Order (EO) 14117 is a national security rule intended to mitigate national security risks posed by threat countries’ access to sensitive personal data and government-related data. The EO directed the U.S....more

Data, Deals, and Diplomacy, Part III: DOJ Issues National Security Final Rule with New Data Compliance Obligations for...

Sheppard Mullin Richter & Hampton LLP on 1/30/2025

On January 8, 2025, the Department of Justice (“DOJ”) published its final rule addressing Executive Order (E.O.) 14117, “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data...more

Justice Issues Final Rule Restricting Transfer of Personal U.S. Data to Countries of Concern, Effective in April 2025

Dorsey & Whitney LLP on 1/15/2025

The U.S. Department of Justice (“DOJ”) published its final rule (“Final Rule”) on January 8, 2025, that will prohibit or restrict transfer of certain data of U.S. persons to countries of concern, including to China. The Final...more

DOJ/CISA finalize new rules regarding data transfers to countries of concern

A&O Shearman on 1/15/2025

On December 27, 2024, the U.S. Department of Justice (DOJ) announced its final rule on the transfer of certain bulk sensitive personal data to China, Russia, and other countries. Following this, on January 3, 2025, the U.S....more

DOJ Issues Final Rule Restricting Flow of Bulk Sensitive Personal Data to China and Other Countries of Concern

Ropes & Gray LLP on 1/9/2025

On January 8, 2025, the Department of Justice (“DOJ”) published its Final Rule to implement President Biden’s Executive Order 14117, “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States...more

Privacy Briefs: November 2024

Health Care Compliance Association (HCCA) on 11/14/2024

Change Healthcare Inc. has amended its initial breach report to the HHS Office for Civil Rights (OCR) to state that 100 million individuals were impacted by its mammoth ransomware attack and breach. However, as of Oct. 24,...more

Client Alert: White House Executive Order Seeks to Protect Americans’ Sensitive Personal Data and US Government-Related Data in...

Jenner & Block on 3/7/2024

On February 28, 2024, President Biden issued Executive Order 14117 on Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern (the EO). The EO empowers...more

Cybersecurity Information Sharing Act (CISA) › National Security › Regulatory Requirements

"My best business intelligence, in one easy email…"