Cybersecurity Considerations for ERISA Plan Fiduciaries

Summary

This practice note addresses the cybersecurity-related concerns of fiduciaries of employee benefit plans governed by the Employee Retirement Income Security Act of 1974 (ERISA) involved in the protection of participants' plan assets, financial and personally identifiable information, protected health information, and other plan data. During a time when the global digital landscape is expanding exponentially and becoming increasingly vulnerable, ERISA plan fiduciaries are desperately in need of guidance—both regulatory guidance from the Department of Labor (DOL) and legal and practical guidance from counsel in anticipation of such regulation and plan audits by the U.S. Department of Labor (DOL).