As we conclude our “Health Plan Hygiene” blog series, we reflect on the important insights shared about fiduciary responsibilities under the Employee Retirement Income Security Act of 1974 (ERISA), highlight the risks posed by recent group health plan fiduciary litigation, and offer strategies for mitigating these risks by meeting ERISA obligations. We have explored

A little more than three years ago, the U.S. Department of Labor (DOL) posted cybersecurity guidance on its website for ERISA plan fiduciaries. That guidance extended only to ERISA-covered retirement plans, despite health and welfare plans facing similar risks to participant data.

Last Friday, the DOL’s Employee Benefits Security Administration (EBSA) issued Compliance Assistance Release

In 2021, the Department of Labor (DOL) issued cybersecurity guidance for ERISA-covered retirement plans. The guidance expands the duties retirement plan fiduciaries have when selecting service providers. Specifically, the DOL makes clear that when selecting retirement plan service providers, plan fiduciaries must prudently assess the cybersecurity of those providers.  

On May 15, 2024, the