Watch for Defense FAR Changes

A study by internal government watchdogs found Defense Department contracts are missing certain provisions for protecting confidential government data, an omission that may leave sensitive files vulnerable to disclosure or misuse by company employees. But the footnotes of the audit indicate that changes to the guidelines are expected this month.

An agency policy intended to supplement the Federal Acquisition Regulations, which are governmentwide procedures for contracting, "does not include the same amount of detail as to how contractors are to safeguard sensitive information" as other agencies' supplemental guidance, Government Accountability Office auditors wrote in a report released on Friday.

Proposed changes to Defense's rules, however, would stipulate that contractors are responsible for securing federal data on corporate systems and for reporting data breaches that compromise government data stored on their networks, according to the report. The proposal, as of now, would not hold contractors accountable for protecting data housed on Defense's systems. A revised version of the draft rule should be released this month, GAO officials said.