Contributing Editor: Jarret Cummings, Senior Advisor for Policy and Government Relations, EDUCAUSE
The final version of the National Defense Authorization Act for Fiscal Year 2023 excludes a proposed Senate amendment that would have required federal contractors and grant recipients to report cyber incidents involving their contracting/granting agency's data or systems to the agency.
The U.S. Department of Justice intends to issue a notice of proposed rulemaking in 2023 around web accessibility regulations for state and local government entities pursuant to Title II of the Americans with Disability Act. At the same time, The U.S. Department of Education is considering updating regulations implementing Section 504 of the Rehabilitation Act.
The Copyright Claims Board helps rights holders but may expose researchers and students to litigation. Higher education institutions and research libraries can position themselves to support students and prevent possible risks to scholarship.
EDUCAUSE community members offer federal policy perspectives on the 2023 Top 10 IT Issues.
Colleges and universities are not subject to the law requiring cyber incident reporting to the Cybersecurity and Infrastructure Security Agency (CISA). However, details of the agency's regulatory process, starting with its recent request for information, are worth noting, given their general implications for federal policy on cyber incident reporting.
While higher education is not covered by a pending rulemaking on cyber incident reporting, EDUCAUSE is monitoring the process given the possibility that colleges and universities could face a similar requirement in the future.
The National Telecommunications and Information Administration has taken the first steps in implementing the broadband programs of the Infrastructure Investment and Jobs Act.
A comprehensive privacy bill has cleared a House committee for the first time, but its flaws on federal preemption and a private right of action may limit its prospects. The way the bill handles exceptions for existing laws is also concerning for higher education.
The Safeguards Rule audit objective for the federal single audit remains unchanged for the FY22 audit process. It will likely change in future years, however, to align with the new Safeguards Rule requirements that take effect in December.
Helen Norris, EDUCAUSE board chairperson and Chapman University CIO, testified to a Senate committee about higher education cybersecurity challenges and what the federal government could do to help.
