View Rule

View EO 12866 Meetings Printer-Friendly Version     Download RIN Data in XML

DHS/OS RIN: 1601-AA76 Publication ID: Fall 2015 
Title: Homeland Security Acquisition Regulation: Safeguarding of Sensitive Information; Information Technology Security and Privacy Training 

This Homeland Security Acquisition Regulation (HSAR) rule will propose to establish security standards that government contracts must contain in order to mitigate and manage potential breaches of sensitive information such as Personally Identifiable Information (PII).  Specifically, the rule will define key terms, outline security requirements and inspection provisions for contractor information technology (IT) systems that store or process sensitive information, institute incident notification and response procedures, identify post-incident credit monitoring requirements, and identify IT security awareness training requirements for contractor employees with access to DHS information systems as well as privacy training requirements for contractor employees with access to PII.

Agency: Department of Homeland Security(DHS)  Priority: Other Significant 
RIN Status: Previously published in the Unified Agenda Agenda Stage of Rulemaking: Proposed Rule Stage 
Major: Undetermined  Unfunded Mandates: No 
CFR Citation: 48 CFR 3002    48 CFR 3004    48 CFR 3039    48 CFR 3052   
Legal Authority: 5 U.S.C. 301 to 302    41 U.S.C. 1302    41 U.S.C. 1303    41 U.S.C. 1707   
Legal Deadline:  None
Action Date FR Cite
NPRM  03/00/2016 
Regulatory Flexibility Analysis Required: Undetermined  Government Levels Affected: Federal 
Federalism: No 
Included in the Regulatory Plan: No 
RIN Data Printed in the FR: No 
Agency Contact:
Shaundra Ford
Procurement Analyst
Department of Homeland Security
Office of the Chief Procurement Officer, Acquisition Policy and Legislation, 245 Murray Lane SW,
Washington, DC 20528
Phone:202 447-0056