Learn more about the case Connelly v. United States. ...
This site uses cookies to ensure that we give you the best user experience. Cookies assist in navigation, analyzing traffic and in our marketing efforts as described in our Privacy Policy.
The threat of a cyberattack is prevalent throughout the business world. Given the highly sensitive data held within employee benefit plans, it should come as no surprise that they have become a major target for hackers. Protecting participants’ personally identifiable information is a responsibility no longer limited to IT departments. Plan sponsors, fiduciaries and service providers of all employee benefit plans have an obligation to establish strong information systems practices to help prevent these attacks.
In November 2016, the Department of Labor’s Advisory Council on Employee Welfare and Pension Benefit Plans released a publication entitled, “Cybersecurity Considerations for Benefit Plans” to help plan sponsors protect their clients’ data (https://www.dol.gov/sites/default/files/ebsa/about-ebsa/about-us/erisa-advisory-council/2016-cybersecurity-considerations-for-benefit-plans.pdf). Listed below are the three principal recommendations included in this publication for plan sponsors, fiduciaries and service providers managing benefit plan cybersecurity:
Plan sponsors should identify how data is accessed, controlled, transmitted and stored, and assess the risks associated with these processes. Management strategies must be customized and dynamic to provide the best fit for their individual plan.
Plan sponsors should have frequent discussions with the plan’s third-party service providers and review each provider’s current policies and procedures relating to data security, including determining the best approach for evaluating the effectiveness of existing controls.
Any individual dealing with employee benefit plan information should have a clear understanding as to whether or not the current insurance/bond policies protect against the consequences of a cyberattack. It is important to be educated on the appropriate cyber insurance policy needed to cover the plan.
Schneider Downs can help you assess your plan’s current needs and assist in implementing an appropriate cybersecurity strategy today.
Learn more about the case Connelly v. United States. ...
Learn more about the case Connelly v. United States. ...
We’d love to hear from you. Drop us a note, and we’ll respond to you as quickly as possible.
Ask us
[email protected]
p:412.261.3644
f:412.261.4876
[email protected]
p:614.621.4060
f:614.621.4062
[email protected]
p:571.380.9003