Several federal agencies are playing catch-up on meeting recommendations from NIST detailed in a 2018 framework for how government should incorporate privacy into their risk management strategies.

Lessons from the 2015 OPM hack still haven’t been heeded, according to a Senate subcommittee.