Cybersecurity and ERISA Retirement Plans: Risks and Best Practices for Plan Sponsors and Fiduciaries

Cybersecurity of personal employee data is a serious issue. Data breaches across a variety of companies and industries demonstrates that benefit plans, sponsors, and service providers are not immune. Plan sponsors and fiduciaries must be proactive to develop a course of action to address these issues.

Aside from ERISA fiduciary duty principles, there is limited guidance regarding ERISA plan fiduciary duties with respect to privacy and security of plan data and data breaches. The liability for violations of ERISA fiduciary duties can be personal to the individual fiduciary.

Plan sponsors, fiduciaries, and service providers should identify risks and understand the nuances of applicable rules and regulations. In addition, effective privacy and security practices and response procedures should be implemented to minimize potential liability.

Join Mintz Employment attorney Michelle Capezza and her co-panelists as they provide guidance to plan sponsors and fiduciaries, benefits counsel, and service providers on emerging trends in data breaches affecting ERISA retirement plans and the development of best practices. The panel will discuss the scope of fiduciary obligations to prevent breaches, best practices to protect benefit plan data, and  risk mitigation  considerations.