As we conclude our “Health Plan Hygiene” blog series, we reflect on the important insights shared about fiduciary responsibilities under the Employee Retirement Income Security Act of 1974 (ERISA) and highlight the risk posed by recent group health plan fiduciary litigation and offered strategies for mitigating these risks by meeting ERISA obligations. We have explored
cybersecurity
DOL Expands Fiduciary Obligations for Cybersecurity to Health and Welfare Plans
A little more than three years ago, the U.S. Department of Labor (DOL) posted cybersecurity guidance on its website for ERISA plan fiduciaries. That guidance extended only to ERISA-covered retirement plans, despite health and welfare plans facing similar risks to participant data.
Last Friday, the DOL’s Employee Benefits Security Administration (EBSA) issued Compliance Assistance Release…
Why Retirement Plan Sponsors and Fiduciaries Need to Know about the SEC Cybersecurity Amendments
In 2021, the Department of Labor (DOL) issued cybersecurity guidance for ERISA-covered retirement plans. The guidance expands the duties retirement plan fiduciaries have when selecting service providers. Specifically, the DOL makes clear that when selecting retirement plan service providers, plan fiduciaries must prudently assess the cybersecurity of those providers.
On May 15, 2024, the…