business Plan Sponsors, Are You Caught Up on Cybersecurity Guidance for Benefit Plans? October 18, 2021 Happy Cyber Month, Plan Sponsors! Here’s a sneak peek into our blog, DOL Issues Cybersecurity Guidance for Employee Benefit Plans. Did you read our blog, DOL Issues Cybersecurity Guidance for Employee Benefit Plans? You’ll want to check it out for important guidance released this past spring regarding cybersecurity guidance for plan sponsors, plan fiduciaries, record keepers and plan participants of employee benefit plans. As we celebrate Cybersecurity Awareness Month, here’s a refresher on that guidance. DOL EBP guidance Check out our blog for all the details, but essentially the guidance comes in three forms: Tips for hiring a service provider (for plan sponsors and fiduciaries), including what to ensure in your service provider contract:-Awareness of provisions that may limit the service provider’s responsibility for security breaches-Intentional inclusion of terms that would increase protection for the Plan and participants-Information Security ReportingCybersecurity program best practices (for fiduciaries and record-keepers), including:-Formal and documented cybersecurity program-Annual risk assessments-Third-party audit of security controlsOnline security tips (for participants and beneficiaries), including:-Use multi-factor authentication (text messages or e-mail)-Be Wary of free wi-fi Questions? Contact us.
