Since 1996, when Congress passed the Health Insurance Portability and Accountability Act (HIPAA), employers have been struggling with whether and to what extent they could offer incentives to employees to participate in certain “wellness programs.” The Equal Employment Opportunity Commission’s (EEOC) position on these programs has been a significant driver of those struggles, primarily due … Continue Reading
One of the last things pension plan participants would want to learn as they get ready to celebrate the Christmas holiday is that personal data from their pension accounts may have been compromised. This is the case, unfortunately, for approximately 30,000 Now:Pensions customers whose names, postal and email addresses, birth dates and the equivalent of … Continue Reading
As reported by CBC, B.C. Pension Corporation announced a data breach involving pension plan records after discovering a box containing microfiche could not be found following a recent office move. The box contained personal information (names, social insurance numbers and dates of birth) on approximately 8,000 pension plan participants. The company employed those participants during the period 1982 to … Continue Reading
It has been reported that infamous bank robber, Slick Willie Sutton, once said, “I rob banks because that’s where the money is.” Data thieves, understandably, have a similar strategy – go where the data is. The retail industry knows this as it has been a popular target for payment card data. The healthcare and certain … Continue Reading
In recent weeks, much of the discussion around a recent Supreme Court case, Gobeille, has focused on ERISA preemption. But for fiduciaries of benefit plans the case can serve as a reminder of important duties that often go unexplored—protecting the private data of participants. Briefly, the case challenged a Vermont law that required reporting of … Continue Reading