Content begins below.

  • EDUCAUSE and Third-Party Servicer Guidance

    A recent guidance letter from the U.S. Department of Education applies “Third-Party Servicer” regulations to higher education institutions and to their content, software, systems, and services providers. Given the disruption this would cause, EDUCAUSE has asked the department to rescind the letter, fully consult with institutions and their stakeholders, and revise its guidance.

  • FY23 NDAA Omits Incident Reporting Amendment

    The final version of the National Defense Authorization Act for Fiscal Year 2023 excludes a proposed Senate amendment that would have required federal contractors and grant recipients to report cyber incidents involving their contracting/granting agency's data or systems to the agency.

  • Web Accessibility Regulations Are Poised to Be a Focal Point in Spring 2023

    The U.S. Department of Justice intends to issue a notice of proposed rulemaking in 2023 around web accessibility regulations for state and local government entities pursuant to Title II of the Americans with Disability Act. At the same time, The U.S. Department of Education is considering updating regulations implementing Section 504 of the Rehabilitation Act.

  • CISA Issues Request for Information for Cyber Incident Reporting Rulemaking

    Colleges and universities are not subject to the law requiring cyber incident reporting to the Cybersecurity and Infrastructure Security Agency (CISA). However, details of the agency's regulatory process, starting with its recent request for information, are worth noting, given their general implications for federal policy on cyber incident reporting.

  • {{item.listSponsoredContentLabel}}

    • {{:: item.listDate }}
    • {{:: icon.iconTitle }}