{"description":"Documents matching 'security--internal network security monitoring which compliance'","count":5391,"total_pages":50,"next_page_url":"https://www.federalregister.gov/api/v1/documents?conditions%5Bterm%5D=security--internal+network+security+monitoring+which+compliance&format=json&page=2","results":[{"title":"Critical Infrastructure Protection Reliability Standard CIP-015-1-Cyber Security-Internal Network Security Monitoring","type":"Rule","abstract":"The Federal Energy Regulatory Commission (Commission) approves proposed Reliability Standard CIP-015-1 (Cyber Security--Internal Network Security Monitoring), which the North American Electric Reliability Corporation (NERC), submitted in response to a Commission directive. In addition, the Commission directs NERC to develop certain modifications to proposed Reliability Standard CIP-015-1 to extend internal network security monitoring to include electronic access control or monitoring systems and physical access control systems outside of the electronic security perimeter. The Commission also provides greater clarity about the term CIP-networked environment as it is used in proposed Reliability Standard CIP-015-1.","document_number":"2025-12309","html_url":"https://www.federalregister.gov/documents/2025/07/02/2025-12309/critical-infrastructure-protection-reliability-standard-cip-015-1-cyber-security-internal-network","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2025-07-02/pdf/2025-12309.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2025-12309.pdf?1751373912","publication_date":"2025-07-02","agencies":[{"raw_name":"DEPARTMENT OF ENERGY","name":"Energy Department","id":136,"url":"https://www.federalregister.gov/agencies/energy-department","json_url":"https://www.federalregister.gov/api/v1/agencies/136","parent_id":null,"slug":"energy-department"},{"raw_name":"Federal Energy Regulatory Commission","name":"Federal Energy Regulatory Commission","id":167,"url":"https://www.federalregister.gov/agencies/federal-energy-regulatory-commission","json_url":"https://www.federalregister.gov/api/v1/agencies/167","parent_id":136,"slug":"federal-energy-regulatory-commission"}],"excerpts":"(Cyber <span class=\"match\">Security</span>—<span class=\"match\">Internal</span> <span class=\"match\">Network</span> <span class=\"match\">Security</span> <span class=\"match\">Monitoring</span>), <span class=\"match\">which</span> the North American Electric Reliability Corporation (NERC), submitted in response to a Commission directive. In addition, the Commission directs NERC to develop certain modifications to proposed Reliability Standard CIP-015-1 to extend <span class=\"match\">internal</span> <span class=\"match\">network</span> <span class=\"match\">security</span> <span class=\"match\">monitoring</span> to include electronic access control or <span class=\"match\">monitoring</span> systems and physical access control systems outside of the electronic <span class=\"match\">security</span> perimeter. The Commission also provides greater clarity about the term CIP-<span class=\"match\">networked</span> environment"},{"title":"Critical Infrastructure Protection Reliability Standard CIP-015-1-Cyber Security-Internal Network Security Monitoring","type":"Proposed Rule","abstract":"The Federal Energy Regulatory Commission (Commission) proposes to approve proposed Reliability Standard CIP-015-1 (Cyber Security-- Internal Network Security Monitoring), which the North American Electric Reliability Corporation (NERC), submitted in response to a Commission directive. In addition, the Commission proposes to direct that NERC develop certain modifications to proposed Reliability Standard CIP-015-1 to extend internal network security monitoring to include electronic access control or monitoring systems and physical access control systems outside of the electronic security perimeter.","document_number":"2024-22231","html_url":"https://www.federalregister.gov/documents/2024/09/27/2024-22231/critical-infrastructure-protection-reliability-standard-cip-015-1-cyber-security-internal-network","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2024-09-27/pdf/2024-22231.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2024-22231.pdf?1727354733","publication_date":"2024-09-27","agencies":[{"raw_name":"DEPARTMENT OF ENERGY","name":"Energy Department","id":136,"url":"https://www.federalregister.gov/agencies/energy-department","json_url":"https://www.federalregister.gov/api/v1/agencies/136","parent_id":null,"slug":"energy-department"},{"raw_name":"Federal Energy Regulatory Commission","name":"Federal Energy Regulatory Commission","id":167,"url":"https://www.federalregister.gov/agencies/federal-energy-regulatory-commission","json_url":"https://www.federalregister.gov/api/v1/agencies/167","parent_id":136,"slug":"federal-energy-regulatory-commission"}],"excerpts":"proposed Reliability Standard CIP-015-1 (Cyber <span class=\"match\">Security</span>—<span class=\"match\">Internal</span> <span class=\"match\">Network</span> <span class=\"match\">Security</span> <span class=\"match\">Monitoring</span>), <span class=\"match\">which</span> the North American Electric Reliability Corporation (NERC), submitted in response to a Commission directive. In addition, the Commission proposes to direct that NERC develop certain modifications to proposed Reliability Standard CIP-015-1 to extend <span class=\"match\">internal</span> <span class=\"match\">network</span> <span class=\"match\">security</span> <span class=\"match\">monitoring</span> to include electronic access control or <span class=\"match\">monitoring</span> systems and physical access control systems outside of the electronic <span class=\"match\">security</span> perimeter. \n \n \n DATES: \n Comments are due"},{"title":"Permitted Payment Stablecoin Issuer Anti-Money Laundering/Countering the Financing of Terrorism Program and Sanctions Compliance Program Requirements","type":"Proposed Rule","abstract":"The Department of the Treasury's Financial Crimes Enforcement Network (FinCEN) and Office of Foreign Assets Control (OFAC) are jointly issuing this proposed rule to implement provisions of the Guiding and Establishing National Innovation for U.S. Stablecoins Act (GENIUS Act). Specifically, it implements the GENIUS Act's directive to treat permitted payment stablecoin issuers (PPSIs) as financial institutions for purposes of the Bank Secrecy Act, proposes anti-money laundering obligations for PPSIs, and proposes certain specific obligations required by the GENIUS Act for PPSIs. It also implements the GENIUS Act's directive to require PPSIs to maintain effective sanctions compliance programs.","document_number":"2026-06963","html_url":"https://www.federalregister.gov/documents/2026/04/10/2026-06963/permitted-payment-stablecoin-issuer-anti-money-launderingcountering-the-financing-of-terrorism","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2026-04-10/pdf/2026-06963.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2026-06963.pdf?1775738715","publication_date":"2026-04-10","agencies":[{"raw_name":"DEPARTMENT OF THE TREASURY","name":"Treasury Department","id":497,"url":"https://www.federalregister.gov/agencies/treasury-department","json_url":"https://www.federalregister.gov/api/v1/agencies/497","parent_id":null,"slug":"treasury-department"},{"raw_name":"Office of Foreign Assets Control","name":"Foreign Assets Control Office","id":203,"url":"https://www.federalregister.gov/agencies/foreign-assets-control-office","json_url":"https://www.federalregister.gov/api/v1/agencies/203","parent_id":497,"slug":"foreign-assets-control-office"},{"raw_name":"Financial Crimes Enforcement Network","name":"Financial Crimes Enforcement Network","id":194,"url":"https://www.federalregister.gov/agencies/financial-crimes-enforcement-network","json_url":"https://www.federalregister.gov/api/v1/agencies/194","parent_id":497,"slug":"financial-crimes-enforcement-network"}],"excerpts":"recorded using distributed ledger technology; or (iii) a <span class=\"match\">security</span>, as defined in section 2 of the <span class=\"match\">Securities</span> Act of 1933 (15 U.S.C. 77b), section 3 of the <span class=\"match\">Securities</span> Exchange Act of 1934 (15 U.S.C. 78c), or section 2 of the Investment Company Act of 1940 (15 U.S.C. 80a-2). For purposes of the definition of “payment stablecoin,” FinCEN intends for the definition of “<span class=\"match\">security</span>” provided in paragraph (iii) of the proposed definition to apply and not the preexisting regulatory definition of “<span class=\"match\">security</span>” at 31 CFR 1010.100(ss). \n \n The GENIUS Act's definition"},{"title":"Order No. 918; Critical Infrastructure Protection Reliability Standard CIP-003-11-Cyber Security-Security Management Controls","type":"Rule","abstract":"The Federal Energy Regulatory Commission (Commission) approves the proposed Critical Infrastructure Protection (CIP) Reliability Standard CIP-003-11 (Cyber Security--Security Management Controls). The North American Electric Reliability Corporation (NERC), the Commission- certified Electric Reliability Organization (ERO), submitted the proposed Reliability Standard to mitigate risks posed by a coordinated cyberattack on low-impact facilities, the aggregate impact of which could be much greater.","document_number":"2026-05711","html_url":"https://www.federalregister.gov/documents/2026/03/24/2026-05711/order-no-918-critical-infrastructure-protection-reliability-standard-cip-003-11-cyber","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2026-03-24/pdf/2026-05711.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2026-05711.pdf?1774269913","publication_date":"2026-03-24","agencies":[{"raw_name":"DEPARTMENT OF ENERGY","name":"Energy Department","id":136,"url":"https://www.federalregister.gov/agencies/energy-department","json_url":"https://www.federalregister.gov/api/v1/agencies/136","parent_id":null,"slug":"energy-department"},{"raw_name":"Federal Energy Regulatory Commission","name":"Federal Energy Regulatory Commission","id":167,"url":"https://www.federalregister.gov/agencies/federal-energy-regulatory-commission","json_url":"https://www.federalregister.gov/api/v1/agencies/167","parent_id":136,"slug":"federal-energy-regulatory-commission"}],"excerpts":"adequate to demonstrate <span class=\"match\">compliance</span> with the Reliability Standard approved by this final rule. Commission and NERC staff conduct periodic audits of registered entities, and auditors rely on the entity's documentation in determining <span class=\"match\">compliance</span> with Reliability Standards. While registered entities retain flexibility on how they choose to demonstrate <span class=\"match\">compliance</span>, the Reliability Standard includes <span class=\"match\">compliance</span> measures, <span class=\"match\">which</span> provide examples of the type of documentation an entity may want to develop and maintain to demonstrate <span class=\"match\">compliance</span>. The reporting burden"},{"title":"Reducing Barriers to Network Improvements and Service Changes","type":"Proposed Rule","abstract":"In this document, the Federal Communications Commission (Commission) adopted a Notice of Proposed Rulemaking that seeks comment on deregulatory options to encourage providers to build, maintain, and upgrade their networks such that all consumers and businesses can benefit from technological strides in the communications marketplace, while safeguarding consumers' access to critical emergency services such as 911. These actions propose to reduce regulatory barriers that prevent much-needed investment in and deployment of broadband and thus hinder the transition to all-IP networks offering a plethora of advanced communications services, and seek comment on ways to further fast-track the delivery of services to consumers through modernized networks while protecting public safety.","document_number":"2025-16540","html_url":"https://www.federalregister.gov/documents/2025/08/28/2025-16540/reducing-barriers-to-network-improvements-and-service-changes","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2025-08-28/pdf/2025-16540.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2025-16540.pdf?1756298736","publication_date":"2025-08-28","agencies":[{"raw_name":"FEDERAL COMMUNICATIONS COMMISSION","name":"Federal Communications Commission","id":161,"url":"https://www.federalregister.gov/agencies/federal-communications-commission","json_url":"https://www.federalregister.gov/api/v1/agencies/161","parent_id":null,"slug":"federal-communications-commission"}],"excerpts":"Competition Order, \n the Commission noted that notice of <span class=\"match\">network</span> changes was necessary to “reduce[] the possibility that incumbent LECs could make <span class=\"match\">network</span> changes in a manner that inhibits competition.” At the time, competing providers relied on their connection to incumbent LECs' <span class=\"match\">networks</span> to provide service to customers. The marketplace has since gone through significant developments and become much more competitive. At the end of 2003, the year in <span class=\"match\">which</span> the Commission extended its <span class=\"match\">network</span> change disclosure rules to copper retirements, incumbent"},{"title":"Critical Infrastructure Protection Reliability Standard CIP-003-11-Cyber Security-Security Management Controls","type":"Proposed Rule","abstract":"The Federal Energy Regulatory Commission (Commission) proposes to approve Critical Infrastructure Protection (CIP) Reliability Standard: CIP-003-11 (Cyber Security--Security Management Controls). The North American Electric Reliability Corporation, the Commission- certified electric reliability organization, submitted the proposed Reliability Standard modifications to mitigate risks posed by a coordinated cyberattack on low impact facilities; the aggregate impact of which could be much greater.","document_number":"2025-18396","html_url":"https://www.federalregister.gov/documents/2025/09/23/2025-18396/critical-infrastructure-protection-reliability-standard-cip-003-11-cyber-security-security","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2025-09-23/pdf/2025-18396.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2025-18396.pdf?1758545114","publication_date":"2025-09-23","agencies":[{"raw_name":"DEPARTMENT OF ENERGY","name":"Energy Department","id":136,"url":"https://www.federalregister.gov/agencies/energy-department","json_url":"https://www.federalregister.gov/api/v1/agencies/136","parent_id":null,"slug":"energy-department"},{"raw_name":"Federal Energy Regulatory Commission","name":"Federal Energy Regulatory Commission","id":167,"url":"https://www.federalregister.gov/agencies/federal-energy-regulatory-commission","json_url":"https://www.federalregister.gov/api/v1/agencies/167","parent_id":136,"slug":"federal-energy-regulatory-commission"}],"excerpts":"of the Commission's order approving the proposed Reliability Standard.\n 24 \n \n NERC explains that its proposed implementation plan reflects the time needed for entities to: (1) revise their cyber <span class=\"match\">security</span> policy, plan, and procedures; (2) hire and train new staff to implement the new cyber <span class=\"match\">security</span> controls; (3) reconfigure system, <span class=\"match\">network</span>, or <span class=\"match\">security</span> architectures; and (4) purchase, procure, and install new technologies.\n 25 \n \n \n \n \n 24 \n  \n Id. \n at 20.\n \n \n \n \n 25 \n  \n Id. \n at 21.\n \n \n III. Discussion \n \n 12. Pursuant to section 215(d)(2)"},{"title":"Transparency in Coverage","type":"Proposed Rule","abstract":"These proposed rules set forth proposed requirements that would amend the regulations under the Public Health Service Act, the Employee Retirement Income Security Act of 1974, and the Internal Revenue Code regarding price transparency reporting requirements for non-grandfathered group health plans and health insurance issuers offering non-grandfathered group and individual health insurance coverage. Specifically, these proposed rules would improve the standardization, accuracy, and accessibility of public pricing disclosures in line with the goals of the Executive Order 14221. With respect to the in-network rate and out-of-network allowed amount machine-readable files, these proposed rules would achieve these goals by adding new contextual files and additional data elements like product type, network name, and enrollment counts; changing the reporting level for aggregation of data; removing in-network rates for unlikely provider-to-service mappings; increasing the reporting period and lowering the claims threshold for out-of-network historical data; and reducing the reporting cadence. These proposed rules would also improve the findability of all of the publicly disclosed machine- readable files required under the Transparency in Coverage rules, including the prescription drug file, by requiring a text file and footer with website URLs and contact information for the files. These proposed rules would also require pricing information that is made available through an online consumer tool and paper (upon request), to also be made available by phone, and establish that the satisfaction of such requirement also satisfies the requirements of section 114 of the No Surprises Act (including for grandfathered group health plans and health insurance issuers offering grandfathered group and individual health insurance coverage that are not otherwise subject to these proposed rules).","document_number":"2025-23693","html_url":"https://www.federalregister.gov/documents/2025/12/23/2025-23693/transparency-in-coverage","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2025-12-23/pdf/2025-23693.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2025-23693.pdf?1766178909","publication_date":"2025-12-23","agencies":[{"raw_name":"DEPARTMENT OF THE TREASURY","name":"Treasury Department","id":497,"url":"https://www.federalregister.gov/agencies/treasury-department","json_url":"https://www.federalregister.gov/api/v1/agencies/497","parent_id":null,"slug":"treasury-department"},{"raw_name":"Internal Revenue Service","name":"Internal Revenue Service","id":254,"url":"https://www.federalregister.gov/agencies/internal-revenue-service","json_url":"https://www.federalregister.gov/api/v1/agencies/254","parent_id":497,"slug":"internal-revenue-service"},{"raw_name":"DEPARTMENT OF LABOR","name":"Labor Department","id":271,"url":"https://www.federalregister.gov/agencies/labor-department","json_url":"https://www.federalregister.gov/api/v1/agencies/271","parent_id":null,"slug":"labor-department"},{"raw_name":"Employee Benefits Security Administration","name":"Employee Benefits Security Administration","id":131,"url":"https://www.federalregister.gov/agencies/employee-benefits-security-administration","json_url":"https://www.federalregister.gov/api/v1/agencies/131","parent_id":271,"slug":"employee-benefits-security-administration"},{"raw_name":"DEPARTMENT OF HEALTH AND HUMAN SERVICES","name":"Health and Human Services Department","id":221,"url":"https://www.federalregister.gov/agencies/health-and-human-services-department","json_url":"https://www.federalregister.gov/api/v1/agencies/221","parent_id":null,"slug":"health-and-human-services-department"}],"excerpts":"(b)(1)(i)(B) through (D), respectively, and add a new paragraph (b)(1)(i)(A) requiring each In-<span class=\"match\">network</span> Rate File to include the common provider <span class=\"match\">network</span> name for <span class=\"match\">which</span> negotiated rate information is included in that file. \n \n The Departments also propose to amend redesignated paragraph (b)(1)(i)(D)(\n 1 \n ) to require in-<span class=\"match\">network</span> rates to be reflected as a dollar amount except for contractual arrangements under <span class=\"match\">which</span> plans and issuers agree to pay an in-<span class=\"match\">network</span> provider a percentage of billed charges and are not able to assign a dollar amount to an item"},{"title":"Reducing Barriers to Network Improvements and Service Changes","type":"Rule","abstract":"In this document, the Federal Communications Commission (Commission) adopted a Report and Order that reduces regulatory barriers and costs that hinder the transition from outdated legacy networks and services to next-generation, Internet Protocol (IP)-based infrastructure. The actions taken in the Report and Order combine common sense reforms with core consumer protections that bring the regulatory environment in line with today's communications marketplace while retaining and adopting safeguards to protect public safety and ensure 911 continuity. The Report and Order also concludes that if state or local requirements conflict with the service discontinuance framework adopted in the Report and Order, such requirements negate valid federal regulatory objectives and are subject to preemption.","document_number":"2026-07622","html_url":"https://www.federalregister.gov/documents/2026/04/20/2026-07622/reducing-barriers-to-network-improvements-and-service-changes","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2026-04-20/pdf/2026-07622.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2026-07622.pdf?1776429913","publication_date":"2026-04-20","agencies":[{"raw_name":"FEDERAL COMMUNICATIONS COMMISSION","name":"Federal Communications Commission","id":161,"url":"https://www.federalregister.gov/agencies/federal-communications-commission","json_url":"https://www.federalregister.gov/api/v1/agencies/161","parent_id":null,"slug":"federal-communications-commission"}],"excerpts":"its own <span class=\"match\">internal</span> <span class=\"match\">network</span> testing routinely undertaken to measure performance in rolling out a new product or service, the service offers substantially similar levels of <span class=\"match\">network</span> performance and availability—for example, that it is provisioned over a <span class=\"match\">network</span> with speeds of at least 25/3 Mbps and that it offers mouth-to-ear latency of no more than 200 ms—and permits users generally to receive calls that originate on the public switched telephone <span class=\"match\">network</span> and to terminate calls to the public switched telephone <span class=\"match\">network</span> or any successor <span class=\"match\">network</span> that utilizes"},{"title":"Expanding Access to State Prescription Drug Monitoring Programs","type":"Proposed Rule","abstract":"The Department of Veterans Affairs (VA) proposes to amend its regulation that governs disclosure of information to and querying of State prescription drug monitoring programs (PDMPs). The rule would clarify certain statutory definitions, including the definition of delegate and licensed health care provider. In doing so, VA would eliminate confusion as to who VA would allow to query the PDMP and would better protect these individuals from any possible adverse action by a State, as long as they are acting within the scope of their VA employment or, if applicable, scope of their contract. The rule would also mandate that VA disclose the specified information to State PDMPs to the extent necessary to prevent misuse and diversion of prescription medicines. This proposed rule would promote safe and effective prescribing of controlled substances to covered individuals and patients who receive VA health care.","document_number":"2026-10084","html_url":"https://www.federalregister.gov/documents/2026/05/20/2026-10084/expanding-access-to-state-prescription-drug-monitoring-programs","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2026-05-20/pdf/2026-10084.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2026-10084.pdf?1779194712","publication_date":"2026-05-20","agencies":[{"raw_name":"DEPARTMENT OF VETERANS AFFAIRS","name":"Veterans Affairs Department","id":520,"url":"https://www.federalregister.gov/agencies/veterans-affairs-department","json_url":"https://www.federalregister.gov/api/v1/agencies/520","parent_id":null,"slug":"veterans-affairs-department"}],"excerpts":"language in the VA MISSION Act instructs the VA to do what most private doctors already do: connect to the prescription drug <span class=\"match\">monitoring</span> databases nationwide so that no one slips through the cracks.”) \n Section 1730B(c)(2) defines the term delegate to mean a person or automated system accessing the national <span class=\"match\">network</span> of State-based prescription <span class=\"match\">monitoring</span> programs, or any individual State or regional prescription drug <span class=\"match\">monitoring</span> program, at the direction or under the supervision of a licensed health care provider. VA sometimes relies on licensed independent"},{"title":"Modernizing Security Requirements","type":"Proposed Rule","abstract":"The U.S. Nuclear Regulatory Commission (NRC) is proposing to revise its regulations to modernize security and fitness-for-duty requirements to enhance efficiency, consistent with Executive Order 14300, \"Ordering the Reform of the Nuclear Regulatory Commission.\" The proposed revisions are intended to reduce regulatory burden, where appropriate, while continuing to provide reasonable assurance that safety and security will be adequately maintained at NRC-licensed facilities.","document_number":"2026-12989","html_url":"https://www.federalregister.gov/documents/2026/06/26/2026-12989/modernizing-security-requirements","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2026-06-26/pdf/2026-12989.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2026-12989.pdf?1782391523","publication_date":"2026-06-26","agencies":[{"raw_name":"NUCLEAR REGULATORY COMMISSION","name":"Nuclear Regulatory Commission","id":383,"url":"https://www.federalregister.gov/agencies/nuclear-regulatory-commission","json_url":"https://www.federalregister.gov/api/v1/agencies/383","parent_id":null,"slug":"nuclear-regulatory-commission"}],"excerpts":"Facility <span class=\"match\">Security</span> Clearance and Safeguarding of National <span class=\"match\">Security</span> Information and Restricted Data. \n The NRC is proposing to revise 10 CFR part 95, “Facility <span class=\"match\">Security</span> Clearance and Safeguarding of National <span class=\"match\">Security</span> Information and Restricted Data,” to remove requirements that are duplicative and to ensure alignment with 32 CFR part 117, “National Industrial <span class=\"match\">Security</span> Program Operating Manual (NISPOM).” These changes would provide references to the applicable provisions of 32 CFR part 117 for implementation of the National Industrial <span class=\"match\">Security</span> Program"},{"title":"Privacy Act of 1974; System of Records","type":"Notice","abstract":"In accordance with the Privacy Act of 1974, 5 U.S.C. 552a, and the Office of Management and Budget (OMB) Circular No. A-108, notice is given that the Office of Personnel Management (OPM) proposes to establish a new system of records titled, \"OPM/Internal-3, Information Technology, Information System, and Network Activity and Access Records.\" This new system is established to reflect changes in technology, including the increased ability of OPM to link individuals to information technology, information system, or network activity, and to better describe OPM's records linking individuals to reported cybersecurity incidents or their access to certain OPM information technologies, information systems, and networks through the internet or other authorized connections.","document_number":"2025-19092","html_url":"https://www.federalregister.gov/documents/2025/10/01/2025-19092/privacy-act-of-1974-system-of-records","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2025-10-01/pdf/2025-19092.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2025-19092.pdf?1759236309","publication_date":"2025-10-01","agencies":[{"raw_name":"OFFICE OF PERSONNEL MANAGEMENT","name":"Personnel Management Office","id":406,"url":"https://www.federalregister.gov/agencies/personnel-management-office","json_url":"https://www.federalregister.gov/api/v1/agencies/406","parent_id":null,"slug":"personnel-management-office"}],"excerpts":"Records are collected in real time from all OPM information technologies and endpoints on the OPM <span class=\"match\">network</span> and aggregated in databases searchable by identifying characteristics, including, but not limited to, name, user ID, email address, or IP address. Records may be retrieved as part of routine <span class=\"match\">network</span> and information system <span class=\"match\">security</span> <span class=\"match\">monitoring</span>, cybersecurity incident response, database activity <span class=\"match\">monitoring</span>, or in support of other administrative or <span class=\"match\">security</span> investigations in accordance with appropriate laws, rules, and policies. \n POLICIES AND PRACTICES"},{"title":"HIPAA Security Rule To Strengthen the Cybersecurity of Electronic Protected Health Information","type":"Proposed Rule","abstract":"The Department of Health and Human Services (HHS or \"Department\") is issuing this notice of proposed rulemaking (NPRM) to solicit comment on its proposal to modify the Security Standards for the Protection of Electronic Protected Health Information (\"Security Rule\") under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH Act). The proposed modifications would revise existing standards to better protect the confidentiality, integrity, and availability of electronic protected health information (ePHI). The proposals in this NPRM would increase the cybersecurity for ePHI by revising the Security Rule to address: changes in the environment in which health care is provided; significant increases in breaches and cyberattacks; common deficiencies the Office for Civil Rights has observed in investigations into Security Rule compliance by covered entities and their business associates (collectively, \"regulated entities\"); other cybersecurity guidelines, best practices, methodologies, procedures, and processes; and court decisions that affect enforcement of the Security Rule.","document_number":"2024-30983","html_url":"https://www.federalregister.gov/documents/2025/01/06/2024-30983/hipaa-security-rule-to-strengthen-the-cybersecurity-of-electronic-protected-health-information","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2025-01-06/pdf/2024-30983.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2024-30983.pdf?1735334119","publication_date":"2025-01-06","agencies":[{"raw_name":"DEPARTMENT OF HEALTH AND HUMAN SERVICES","name":"Health and Human Services Department","id":221,"url":"https://www.federalregister.gov/agencies/health-and-human-services-department","json_url":"https://www.federalregister.gov/api/v1/agencies/221","parent_id":null,"slug":"health-and-human-services-department"},{"raw_name":"Office of the Secretary"}],"excerpts":"Memorandum on National <span class=\"match\">Security</span> Memorandum on Critical Infrastructure <span class=\"match\">Security</span> and Resilience, National <span class=\"match\">Security</span> Memorandum/NSM-22, The White House (Apr. 30, 2024), \n https://www.whitehouse.gov/briefing-room/presidential-actions/2024/04/30/national-<span class=\"match\">security</span>-memorandum-on-critical-infrastructure-<span class=\"match\">security</span>-and-resilience/ \n (“Critical infrastructure comprises the physical and virtual assets and systems so vital to the Nation that their incapacity or destruction would have a debilitating impact on national <span class=\"match\">security</span>, national economic <span class=\"match\">security</span>, or national public"},{"title":"Protecting Our Communications Networks by Promoting Transparency Regarding Foreign Adversary Control","type":"Proposed Rule","abstract":"In this document, the Federal Communications Commission (Commission) proposes to protect the Nation's communications networks against foreign adversary threats by proposing to expand foreign ownership disclosure requirements for covered Commission-issued licenses and authorizations. The proposed certification and information collection requirements would fill gaps in the Commission's existing rules and give the Commission, and the public, a new and comprehensive view of threats from foreign adversaries in the communications sector. Specifically, the Commission proposes to apply new certification and disclosure requirements on entities holding every type of license, permit, or authorization, rather than only certain specific licenses, as the Commission currently does. Furthermore, the Commission proposes to go beyond foreign ownership to also cover all regulated entities controlled by or subject to the jurisdiction or direction of a foreign adversary.","document_number":"2025-11360","html_url":"https://www.federalregister.gov/documents/2025/06/20/2025-11360/protecting-our-communications-networks-by-promoting-transparency-regarding-foreign-adversary-control","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2025-06-20/pdf/2025-11360.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2025-11360.pdf?1750250720","publication_date":"2025-06-20","agencies":[{"raw_name":"FEDERAL COMMUNICATIONS COMMISSION","name":"Federal Communications Commission","id":161,"url":"https://www.federalregister.gov/agencies/federal-communications-commission","json_url":"https://www.federalregister.gov/api/v1/agencies/161","parent_id":null,"slug":"federal-communications-commission"}],"excerpts":"must be balanced against the public interest in protecting and enhancing national <span class=\"match\">security</span>. What, if any, impact would withholding certain information from the public have on the public interest, and specifically, on national <span class=\"match\">security</span>?\n \n D. Cost-Benefit Considerations \n \n Benefits. \n The Commission previously has found that “a foreign adversary's access to American communications <span class=\"match\">networks</span> could result in hostile actions to disrupt and surveil our communications <span class=\"match\">networks</span>, impacting our nation's economy generally and online commerce specifically, and"},{"title":"Protecting Our Communications Networks by Promoting Transparency Regarding Foreign Adversary Control","type":"Rule","abstract":"In this document, the Federal Communications Commission (Commission or FCC) addresses the risks of foreign adversary control of Commission-granted licenses and authorizations by adopting rules requiring a broad range of holders of such licenses, authorizations, or approvals to attest whether they are owned by, controlled by, or subject to the jurisdiction or direction of a foreign adversary, and, if so, to disclose additional information about such foreign adversary control. Among other things, the Commission defines categories of licenses and authorizations that are subject to the rules, and establishes a streamlined process by which license and authorization holders should file their foreign adversary control attestations and disclosures.","document_number":"2026-06992","html_url":"https://www.federalregister.gov/documents/2026/04/10/2026-06992/protecting-our-communications-networks-by-promoting-transparency-regarding-foreign-adversary-control","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2026-04-10/pdf/2026-06992.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2026-06992.pdf?1775738718","publication_date":"2026-04-10","agencies":[{"raw_name":"FEDERAL COMMUNICATIONS COMMISSION","name":"Federal Communications Commission","id":161,"url":"https://www.federalregister.gov/agencies/federal-communications-commission","json_url":"https://www.federalregister.gov/api/v1/agencies/161","parent_id":null,"slug":"federal-communications-commission"}],"excerpts":"of data traffic to particular <span class=\"match\">networks</span>. DNICs are unique numerical codes designed to provide discrete identification of individual public data <span class=\"match\">networks</span>. The assignment of a DNIC to a particular data <span class=\"match\">network</span> allows <span class=\"match\">network</span> switches throughout the world to recognize that <span class=\"match\">network</span> and to direct traffic to it. Currently, applicants seeking a DNIC must include in the application, among other things, a <span class=\"match\">network</span> diagram showing the international nature of the <span class=\"match\">network</span>; a description of the service(s)/application(s) for <span class=\"match\">which</span> the DNIC will be used (\n e.g."},{"title":"Privacy Act of 1974; Systems of Records","type":"Notice","abstract":"Pursuant to the Privacy Act of 1974 and Office of Management and Budget (OMB) Circular No. A-108, notice is hereby given that the Justice Management Division (JMD), a component within the United States Department of Justice (DOJ or Department), proposes to modify the system of records titled Security Monitoring and Analytics Service Records, JUSTICE/JMD-026, updating the capabilities and offerings included in it.","document_number":"2025-09447","html_url":"https://www.federalregister.gov/documents/2025/06/02/2025-09447/privacy-act-of-1974-systems-of-records","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2025-06-02/pdf/2025-09447.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2025-09447.pdf?1748609107","publication_date":"2025-06-02","agencies":[{"raw_name":"DEPARTMENT OF JUSTICE","name":"Justice Department","id":268,"url":"https://www.federalregister.gov/agencies/justice-department","json_url":"https://www.federalregister.gov/api/v1/agencies/268","parent_id":null,"slug":"justice-department"}],"excerpts":"PURPOSE(S) OF THE SYSTEM: \n The Department of Justice (DOJ) <span class=\"match\">Security</span> <span class=\"match\">Monitoring</span> and Analytics Service (SMAS) provides DOJ-managed cybersecurity services to external federal agency subscribers, giving subscribers the technical capability to protect their information, information technologies, information systems, and <span class=\"match\">networks</span> from malicious or accidental threats. SMAS enables secure access to <span class=\"match\">internal</span> <span class=\"match\">networks</span> as well as enabling users and systems to securely communicate with external <span class=\"match\">networks</span> and applications. SMAS enables the identification and evaluation"},{"title":"Reforming Legacy Rules for an All-IP Future; Accelerating Network Modernization","type":"Proposed Rule","abstract":"In this document, the Federal Communications Commission (Commission) adopted a Notice of Proposed Rulemaking seeking to accelerate network modernization by proposing to reform regulations that have hindered the transition to all-internet Protocol (IP) networks. Building upon the Commission's longstanding efforts to reform the legacy intercarrier compensation (ICC) framework, the Commission proposes to move remaining ICC charges to a bill-and-keep framework and detariff them, and invites comment on this proposal. To enable carriers to recover costs from their end users, the Commission proposes to eliminate ex ante pricing regulation and tariffing of end-user charges, also referred to as Telephone Access Charges (TACs). Following the transition of ICC charges to bill-and-keep, the Commission seeks comment on phasing out Connect America Fund Intercarrier Compensation (CAF ICC) support. The NPRM also seeks comment on removing remaining regulatory obligations--including tariffing and outdated account information exchange requirements--for interstate and international long-distance services, given the longstanding competitiveness of these markets. In addition, the Commission seeks comment on the elimination of regulations that will no longer be necessary in a post-Time-Division Multiplexing (TDM) environment and invites input on a transitional framework to ensure regulatory and market stability during the shift to an all-IP marketplace. Finally, the Commission encourages commenters to identify ways to promote technological modernization while enhancing long-term efficiency, competition, and service quality for consumers. In all these reforms, the Commission intends to proceed thoughtfully, mindful of the complex issues, transition timelines, and paramount connectivity goals.","document_number":"2026-05727","html_url":"https://www.federalregister.gov/documents/2026/03/24/2026-05727/reforming-legacy-rules-for-an-all-ip-future-accelerating-network-modernization","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2026-03-24/pdf/2026-05727.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2026-05727.pdf?1774269916","publication_date":"2026-03-24","agencies":[{"raw_name":"FEDERAL COMMUNICATIONS COMMISSION","name":"Federal Communications Commission","id":161,"url":"https://www.federalregister.gov/agencies/federal-communications-commission","json_url":"https://www.federalregister.gov/api/v1/agencies/161","parent_id":null,"slug":"federal-communications-commission"}],"excerpts":" IP <span class=\"match\">networks</span>.” “Bill-and-keep” refers to an arrangement under <span class=\"match\">which</span> carriers look first to their subscribers to cover the costs of the <span class=\"match\">network</span>, then to explicit universal service support where necessary. As the Commission observed, “Bill-and-keep brings market discipline to intercarrier compensation because it ensures that the customer who chooses a <span class=\"match\">network</span> pays the <span class=\"match\">network</span> for the services the subscriber receives. Specifically, a bill-and-keep methodology requires carriers to recover the cost of their <span class=\"match\">network</span> through end-user charges <span class=\"match\">which</span> are"},{"title":"Facilitating Implementation of Next Generation 911 Services (NG911); Improving 911 Reliability","type":"Rule","abstract":"In this document, the Federal Communications Commission (the FCC or Commission) adopts rules to ensure that emerging Next Generation 911 (NG911) networks are reliable and interoperable. NG911 is replacing legacy 911 technology across the country with internet Protocol (IP)- based infrastructure that will support new 911 capabilities, including text, video, and data. However, for NG911 to be fully effective, NG911 networks must be designed to safeguard the reliability of critical components and support the interoperability needed to seamlessly transfer 911 calls and data from one network to another. The rules require entities essential to delivering emergency calls in the NG911 environment to implement common sense measures to safeguard the reliability of NG911 networks and reduce the risk of 911 outages, and require certain entities to report on their support for NG911 interoperability. The rules also eliminate unnecessary and burdensome legacy rules to increase flexibility and encourage technical innovation to make NG911 services reliable, interoperable, and accessible to all.","document_number":"2026-13998","html_url":"https://www.federalregister.gov/documents/2026/07/10/2026-13998/facilitating-implementation-of-next-generation-911-services-ng911-improving-911-reliability","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2026-07-10/pdf/2026-13998.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2026-13998.pdf?1783601118","publication_date":"2026-07-10","agencies":[{"raw_name":"FEDERAL COMMUNICATIONS COMMISSION","name":"Federal Communications Commission","id":161,"url":"https://www.federalregister.gov/agencies/federal-communications-commission","json_url":"https://www.federalregister.gov/api/v1/agencies/161","parent_id":null,"slug":"federal-communications-commission"}],"excerpts":"major <span class=\"match\">network</span> outages, PSHSB identified increased <span class=\"match\">monitoring</span> of 911 <span class=\"match\">network</span> components and faster failovers to redundant <span class=\"match\">network</span> equipment as key mitigating measures.\n 57 \n \n And in 2020, following another series of major communications outages affecting 911, the Bureau encouraged CSPs to follow industry best practices for <span class=\"match\">network</span> reliability including circuit diversity and auditing, rerouting capabilities, and active <span class=\"match\">network</span> <span class=\"match\">monitoring</span>.\n 58 \n \n \n \n \n 56 \n  \n Derecho Report \n at 44.\n \n \n \n \n 57 \n  See \n Public Safety and Homeland <span class=\"match\">Security</span> Bureau"},{"title":"Equipment, Systems, and Network Information Security Protection","type":"Proposed Rule","abstract":"This proposed rulemaking would impose new design standards to address cybersecurity threats for transport category airplanes, engines, and propellers. The intended effect of this proposed action is to standardize the FAA's criteria for addressing cybersecurity threats, reducing certification costs and time while maintaining the same level of safety provided by current special conditions.","document_number":"2024-17916","html_url":"https://www.federalregister.gov/documents/2024/08/21/2024-17916/equipment-systems-and-network-information-security-protection","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2024-08-21/pdf/2024-17916.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2024-17916.pdf?1724157915","publication_date":"2024-08-21","agencies":[{"raw_name":"DEPARTMENT OF TRANSPORTATION","name":"Transportation Department","id":492,"url":"https://www.federalregister.gov/agencies/transportation-department","json_url":"https://www.federalregister.gov/api/v1/agencies/492","parent_id":null,"slug":"transportation-department"},{"raw_name":"Federal Aviation Administration","name":"Federal Aviation Administration","id":159,"url":"https://www.federalregister.gov/agencies/federal-aviation-administration","json_url":"https://www.federalregister.gov/api/v1/agencies/159","parent_id":492,"slug":"federal-aviation-administration"}],"excerpts":"with increased connectivity to <span class=\"match\">internal</span> or external data <span class=\"match\">networks</span> and services. Regulators and industry must constantly <span class=\"match\">monitor</span> the cybersecurity threat environment in order to identify and mitigate new threat sources. These designs can introduce or allow cybersecurity vulnerabilities from sources such as: \n • Field Loadable Software; \n • Maintenance laptops; \n • Airport or airline gate link <span class=\"match\">networks</span>; \n \n • Public <span class=\"match\">networks</span>, \n e.g., \n internet;\n \n • Wireless aircraft sensors and sensor <span class=\"match\">networks</span>; \n • Cellular <span class=\"match\">networks</span>; \n • Universal Serial Bus (USB)"},{"title":"Privacy Act of 1974; System of Records","type":"Notice","abstract":"In accordance with the Privacy Act of 1974, the Department of the Army is modifying and reissuing a current system of records notice (SORN) titled \"Personnel Security Clearance Information Files,\" A0380-67 DAMI. The SORN is being retitled \"U.S. Army Security and Foreign Disclosure Files,\" with a new identifier of A0 0001 DAMI. Originally established to facilitate the processing of personnel security clearance actions, the SORN also documented clearances granted or denied and confirmed eligibility for access to classified information or assignment to sensitive positions. A separate notice rescinding Army SORN A0001 DAMI, \"Controlled Accountable Document Inventory System,\" is being published elsewhere in this issue of the Federal Register. This update incorporates the DoD standard routine uses and supports additional information sharing outside of the DoD. It also expands the authorities for maintaining the system, integrates records previously managed under the Controlled Accountable Document Inventory System, addresses records maintained across all general intelligence security disciplines, and expands on the purposes of such uses. Additionally, the update revises system locations and managers. These changes align the SORN with modernized automation systems and ensure compliance with applicable regulatory requirements.","document_number":"2026-01236","html_url":"https://www.federalregister.gov/documents/2026/01/23/2026-01236/privacy-act-of-1974-system-of-records","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2026-01-23/pdf/2026-01236.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2026-01236.pdf?1769089514","publication_date":"2026-01-23","agencies":[{"raw_name":"DEPARTMENT OF DEFENSE","name":"Defense Department","id":103,"url":"https://www.federalregister.gov/agencies/defense-department","json_url":"https://www.federalregister.gov/api/v1/agencies/103","parent_id":null,"slug":"defense-department"},{"raw_name":"Department of the Army","name":"Army Department","id":32,"url":"https://www.federalregister.gov/agencies/army-department","json_url":"https://www.federalregister.gov/api/v1/agencies/32","parent_id":103,"slug":"army-department"}],"excerpts":"Information <span class=\"match\">Security</span> Program; AR 380-49, Industrial <span class=\"match\">Security</span> Program; AR 380-53, Communications <span class=\"match\">Security</span> <span class=\"match\">Monitoring</span>; AR 380-67, Personnel <span class=\"match\">Security</span> Program; AR 380-381 Special Access Programs (SAPs) and Sensitive Activities; AR 381-45, Investigative Records Repository; and E.O. 9397 (SSN), as amended.\n \n PURPOSE(S) OF THE SYSTEM: \n This system of records supports the Department of Army's operational administration, management, accountability, and oversight of its <span class=\"match\">security</span> functions such as Information <span class=\"match\">Security</span>, Personnel <span class=\"match\">Security</span>, Industrial <span class=\"match\">Security</span>, Education"},{"title":"Protecting Against National Security Threats to the Communications Supply Chain Through the Equipment Authorization Program","type":"Proposed Rule","abstract":"In this document, the Federal Communications Commission (Commission or FCC) aims to further its actions in strengthening prohibitions on authorization of covered equipment and to clarify the rules and enforcement of such. The Commission seeks additional comment on modular transmitters and component parts in relation to covered equipment. The Commission addresses the partial court remand of the decision in its November 2022 EA Security R&O by proposing a definition of \"critical infrastructure\" as used on the Covered List and seeking comment on the implementation of that definition. The Commission also seeks comment on whether any modification to an authorized device by an entity identified on the Covered List should require a new application for certification. Finally, the Commission seeks comment on clarifying the scope of activities that constitute marketing of equipment and on measures to strengthen enforcement of marketing prohibitions.","document_number":"2025-21928","html_url":"https://www.federalregister.gov/documents/2025/12/04/2025-21928/protecting-against-national-security-threats-to-the-communications-supply-chain-through-the","pdf_url":"https://www.govinfo.gov/content/pkg/FR-2025-12-04/pdf/2025-21928.pdf","public_inspection_pdf_url":"https://public-inspection.federalregister.gov/2025-21928.pdf?1764769515","publication_date":"2025-12-04","agencies":[{"raw_name":"FEDERAL COMMUNICATIONS COMMISSION","name":"Federal Communications Commission","id":161,"url":"https://www.federalregister.gov/agencies/federal-communications-commission","json_url":"https://www.federalregister.gov/api/v1/agencies/161","parent_id":null,"slug":"federal-communications-commission"}],"excerpts":"Notice of Inquiry (2021) (EA <span class=\"match\">Security</span> NPRM). The Commission noted that this proceeding—<span class=\"match\">which</span> involves revising the Commission's equipment authorization program—is part of the Commission's overall efforts in carrying out its important role in protecting the <span class=\"match\">security</span> of America's equipment supply chains, and also is part of the ongoing efforts of Congress, the Executive Branch, and the Commission to identify and eliminate potential <span class=\"match\">security</span> vulnerabilities in communications <span class=\"match\">networks</span> and supply chains. \n In the EA <span class=\"match\">Security</span> R&amp;O and FNPRM, the Commission"}]}