DON’T LET PRIVACY ACT TRAINING GET LOST IN THE REGULATORY SHUFFLE
With many companies focusing on new rules and regulations that can impact their government contract, the need for Privacy Act training may have been forgotten. Indeed, training on many government requirements can fall by the wayside as contractors focus on developing and closing business. Delayed training, though, is like delayed building maintenance. Ignore it for too long and things can literally fall down around you. Federal contractors have been required since 2017 to provide annual Privacy Act training for employees who have access to a system of records, design, develop, maintain, and operate a system of records, or handle personally identifiable information. The training must cover specific topics, including the proper handling and safeguarding of personal information, restrictions on the use of unauthorized equipment, and prohibitions against the unauthorized use of information. Training on this rule, though, is likely uneven among contractors and, if a contractor decides to perform their own training, government contract attorneys recommend that such companies consult with legal counsel to make sure that the training satisfies the requirements of the new regulations. Additionally, they can provide assistance in the event of a privacy breach or suspected breach. Federal agencies collect a vast amount of personally identifiable information from citizens, and it is the responsibility of the contractors who work with these agencies to ensure that this information is secure and protected from any unauthorized access or disclosure. Failure to comply with these regulations can result in legal liabilities and create obstacles for companies when they seek new business. It is important, therefore, that contractors take the necessary steps to ensure that their employees receive the required training and comply with applicable regulations.