401K Cybersecurity Compliance Creates These New ERISA Duties

Fiduciary News quoted Of Counsel Michelle Capezza in an article explaining that, although ERISA's original 1974 text does not address cybersecurity, the statute requires fiduciaries to act prudently in managing and protecting 401k plans. The Department of Labor issued guidance for 401k plan sponsors in 2021 and 2024 that explicitly ties cybersecurity to fiduciary responsibilities.

Michelle says, “Plan sponsors and fiduciaries should take note of this guidance which provides tips for hiring service providers and protocols that they should have in place for cybersecurity, and also develop and adhere to cybersecurity policies and procedures that demonstrate best practices to protect plan participant and beneficiary data which includes a data breach response plan of action if a data breach occurs.”

Source

Fiduciary News