ERISA CyberSecurity Regulations

For the first time, the Department of Labor (DOL) issued Cybersecurity regulations for benefit plans regulated by ERISA.  The guidelines, issued in April, provide best practices on Cybersecurity programs, Online Security Tips and Tips for Hiring a Service Provider.  As a reminder, any benefit plan such as medical plan with more than one participant must comply with ERISA regulations. A few of the tips from the DOL include;
What can businesses do to ensure participant information is secure?

• Offer Cybersecurity training for employees
• Encrypt sensitive data, either stored or in transit
• Implement strong security controls
• Work with service providers that have strong cybersecurity policies
  • Does the provider have Cybersecurity insurance?
  • Has the provider had any breach of security in the past?
  • How does the provider monitor its security practices?

If you need more information regarding the ERISA Cybersecurity regulations, you can reach out to us.