02 Aug 2023
Step Away from that 401(k) Account! Cyber-Hacks and Employee Benefits
Cybersecurity incidents involving employee benefit plans have attracted increased attention. Security incidents have involved breaches of personally identifiable information (PII, in HIPAA-speak), and wholesale theft of defined contribution plan participant accounts. In 2021, DOL issued informal three-part guidance on cybersecurity best practices for retirement plan sponsors, fiduciaries, recordkeepers, and participants. A recent ERISA Advisory Council report explores how employee benefit plans can insure against cybersecurity risks. Plus, the Office of Civil Rights, enforcer for HHS, in its June newsletter, focuses on the importance of having robust authentication processes in place to thwart cyber-attacks on web servers or email servers using stolen or compromised credentials and in an agency letter warns that website tracking technologies may result in inadvertent prohibited disclosures.
Related Content
- HIPAA Privacy and Security Training Presentation
Reference this training presentation of HIPAA and precautions to which those who handle HIPAA-protected health information are subject. Training is required under HIPAA regulations, with refreshers! - Privacy Risks for Retirement and Other Non-Health Benefit Plans
Learn about the litigation risks faced by sponsors of employee benefit plans regarding their handling of PII on behalf of plan participants and beneficiaries.
Practical Guidance Updates
Featuring the latest updates from your Practical Guidance account.
- Employee Benefits & Executive Compensation Key Legal Developments Tracker
Stay informed on new developments.- ERISA. The ERISA Advisory Council released a consultation paper regarding Interpretive Bulletin 95-1(relating to ERISA fiduciary standards when selecting an annuity provider for a defined benefit pension plan) suggesting that DOL review the IB and consult with the Council to determine whether amendments to IB 95-1 are warranted. ERISA Advisory Council, EBSA Interpretative Bulletin 95-1 consultation paper.
- Health and Welfare Plans. Agencies propose regulations that would (1) modify rules regarding the circumstances under which non-coordinated fixed-indemnity insurance can qualify as an excepted benefit, (2) request information on the market for disease- or illness-specific insurance as an excepted benefit, and (3) narrow the coverage that can qualify as short-term limited duration insurance (STLDI), exempt from many ACA requirements when issued in the individual market. 88 Fed. Reg. 44,596 (July 12, 2023).
- Generative Artificial Intelligence (AI) Resource Kit is a collection of current guidance on generative AI, ChatGPT, and similar tools.
- Public Interest, Pro Bono, and Non-Profit Resource Kit provides an overview of guidance for those working in the public interest space seeking resources to assist with a variety of issues, including Tenant's Rights, Fair Housing, Discrimination, Immigration, plus best practices when providing pro bono legal services and when working with nonprofit organizations.
- Document alerts allow you to stay current on legal developments that affect your practice. Find out how to set up your document alerts.
- The Practical Guidance Journal Second Edition 2023 includes legal developments on generative AI, cautions related to the use of AI in hiring and assessing, and the new challenges long COVID presents for employers.
- Check out the new Practical Guidance Author Center! Learn about the 1750+ leading attorney authors contributing to our 24 practice areas and find out how you can Become a Practical Guidance Author.
- Legal Developments provide the latest updates and analyses of emerging topics impacting your practice area. Visit the Legal Developments page to see the latest topics, which also include breaking legal news and related Practical Guidance content.
- Listen Up! The Practical Guidance and Law360 Podcasts Resource Kit features interviews with industry-leading attorneys on cutting edge issues in the law: AI, NFTs, Cannabis, and more.
- New and Updated Practical Guidance Content
- New York Non-compete Ban Goes to Governor
- ‘Clawing Back’ Executive Compensation: Companies Listed on the NYSE and Nasdaq Have Until December 1 to Adopt a Compensation Recovery Policy
- Ex-Hertz CEO Wins Clawback Suit Over Accounting Errors
- Covid-19 Health Plan Relief Dies Down
- ACA and HIPAA Excepted Benefits
- Executive Employment Agreement Negotiation and Drafting (Pro-employer)
- Executive Employment Agreement Negotiation and Drafting (Pro-executive)
PRACTICAL GUIDANCE CUSTOMER EMAIL EDITION ON THE WEB
Experience results today with practical guidance, legal research, and data-driven insights—all in one place.
Experience Lexis+