Archives: Data Security

Subscribe to Data Security RSS Feed

DOL Issues Cybersecurity Best Practices for ERISA Covered Retirement Plans

Today, the U.S. Department of Labor’s Employee Benefits Security Administration (EBSA) issued much anticipated cybersecurity guidance for employee retirement plans. This comes more than four and a half years after the ERISA Advisory Council, a 15-member body appointed by the Secretary of Labor to provide guidance on employee benefit plans, shared with the federal Department of … Continue Reading

Lawmakers Seek Clarity on EEOC Regulations Concerning Incentives for COVID-19 Vaccinations

Providing incentives for employees to get the COVID-19 vaccine continues to be on the minds of organizations as vaccinations pick up speed. However, concerns about privacy and the shifting positions on wellness program regulation has left many employers wary about implementing more robust incentives. According to Bloomberg, two GOP members of Congress are urging the … Continue Reading

Wellness Programs and Water Bottles, the EEOC Proposes New Rules under the ADA and GINA

Since 1996, when Congress passed the Health Insurance Portability and Accountability Act (HIPAA), employers have been struggling with whether and to what extent they could offer incentives to employees to participate in certain “wellness programs.” The Equal Employment Opportunity Commission’s (EEOC) position on these programs has been a significant driver of those struggles, primarily due … Continue Reading

Personal Data from Thousands of Pension Plan Accounts Breached…Third-Party Service Provider Blamed

One of the last things pension plan participants would want to learn as they get ready to celebrate the Christmas holiday is that personal data from their pension accounts may have been compromised. This is the case, unfortunately, for approximately 30,000 Now:Pensions customers whose names, postal and email addresses, birth dates and the equivalent of … Continue Reading

Could This Be Your Retirement Plan?

As reported by CBC, B.C. Pension Corporation announced a data breach involving pension plan records after discovering a box containing microfiche could not be found following a recent office move. The box contained personal information (names, social insurance numbers and dates of birth) on approximately 8,000 pension plan participants. The company employed those participants during the period 1982 to … Continue Reading

Pension Plan Suffers Cybersecurity Attack, ERISA Advisory Council Offers Cybersecurity Recommendations to DOL

It has been reported that infamous bank robber, Slick Willie Sutton, once said, “I rob banks because that’s where the money is.” Data thieves, understandably, have a similar strategy – go where the data is. The retail industry knows this as it has been a popular target for payment card data. The healthcare and certain … Continue Reading

Employee Benefit Plans and Data Security Issues

In recent weeks, much of the discussion around a recent Supreme Court case, Gobeille, has focused on ERISA preemption. But for fiduciaries of benefit plans the case can serve as a reminder of important duties that often go unexplored—protecting the private data of participants. Briefly, the case challenged a Vermont law that required reporting of … Continue Reading
LexBlog