service providers

DOL Expands Fiduciary Obligations for Cybersecurity to Health and Welfare Plans

By Joseph J. Lazzarotti on September 9, 2024

Posted in cybersecurity, Data Privacy, Data Security, EBSA, Employee Health & Welfare Plans, Fiduciary duties, HIPAA

A little more than three years ago, the U.S. Department of Labor (DOL) posted cybersecurity guidance on its website for ERISA plan fiduciaries. That guidance extended only to ERISA-covered retirement plans, despite health and welfare plans facing similar risks to participant data.

Last Friday, the DOL’s Employee Benefits Security Administration (EBSA) issued Compliance Assistance Release…

DOL Plan Audits Updated to Include Several Questions About Compliance with Its Cybersecurity Guidelines

By Joseph J. Lazzarotti on July 26, 2021

Posted in 401(k) plan, 403(b), Audits, Data Security, ERISA, ERISA Plan Administration, Fiduciary duties, Retirement plans

In April, we posted about the U.S. Department of Labor’s (DOL) Employee Benefits Security Administration (EBSA) issuing cybersecurity guidance for employee retirement plans. That is, April 14, 2021. Shortly thereafter, the DOL updated its audit inquiries to include probing questions for plan fiduciaries about their compliance with “hot off the press” agency guidelines.

So, what…

Benefits Law Advisor

service providers

DOL Expands Fiduciary Obligations for Cybersecurity to Health and Welfare Plans

DOL Plan Audits Updated to Include Several Questions About Compliance with Its Cybersecurity Guidelines

Jackson Lewis

About Jackson Lewis