ARTICLE
21 April 2021

DOL Provides Guidance On Cybersecurity

HL
Hogan Lovells Cadwalader

Contributor

Hogan Lovells Cadwalader is a global law firm trusted by clients to deliver on complex, high-stakes matters.

Operating at the intersection of business, finance, and government, we bring an unwavering commitment to client service and the decisive counsel that helps clients achieve exceptional results.

Consistently recognized for innovation across legal services, we combine sharp judgment with deep commercial perspective and intellectual rigor to address critical, cutting-edge challenges.

With 3,100 lawyers worldwide, we offer global scale with strong local insight in the markets that matter most. Our commitment extends beyond client work through pro bono activities, community investment, and responsible business practices.

The DOL's Employee Benefits Security Administration ("EBSA") provided new guidance for plan sponsors, fiduciaries, participants and record-keepers concerning best practices for managing cybersecurity.
United States Employment and HR
Hogan Lovells Cadwalader are most popular:
  • within Intellectual Property, International Law, Government and Public Sector topic(s)

The DOL's Employee Benefits Security Administration ("EBSA") provided new guidance for plan sponsors, fiduciaries, participants and record-keepers concerning best practices for managing cybersecurity. This is the first time the EBSA has provided cybersecurity guidance. (See also GAO retirement plan guidance issued in February 2021: "Defined Contribution Plans: Federal Guidance Could Help Mitigate Cybersecurity Risks in 401(k) and Other Retirement Plans").

The DOL asserted that plan participants and plan assets "may be at risk from both internal and external cybersecurity threats," and that "ERISA requires plan fiduciaries to take appropriate precautions to mitigate these risks."

The EBSA issued the following three forms of guidance:

  • Tips for Hiring a Service Provider with Strong Cybersecurity Practices, which sets forth considerations for plan sponsors and fiduciaries to help them prudently select and monitor plan service providers with strong cybersecurity practices;
  • Cybersecurity Program Best Practices, which provides guidance for record-keepers and other service providers responsible for plan-related IT systems and data, and for plan fiduciaries making prudential decisions regarding the service providers they hire; and
  • Online Security Tips, which provides tips for plan participants and beneficiaries who access their retirement accounts online to decrease the risk of fraud and loss to their retirement accounts.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

[View Source]

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More