Q: Erick, cybersecurity will be a big topic for our year-end plan review meeting with our advisor and recordkeeper relationship manager. To help us prepare for that discussion, has there been any guidance issued from the Department of Labor?
A: Earlier this year, the U.S. Department of Labor (DOL) released first-ever guidance for plan sponsors, plan fiduciaries, recordkeepers, and plan participants on best practices for maintaining cybersecurity. In addition, the DOL issued informal guidance noting that “responsible plan fiduciaries have an obligation to ensure proper mitigation of cybersecurity risks.”
And after reading about data breach examples like this, you can understand why the new guidance has been put in place.
- The first piece of guidance offers tips for hiring a service provider with strong cybersecurity practices and monitoring their activities.
- The second piece of guidance lays out cybersecurity program best practices to help plan fiduciaries and recordkeepers stay on top of their responsibilities to manage cybersecurity risks.
- Lastly, the DOL issued online security tips aimed at plan participants and beneficiaries who check their retirement accounts online.
You can access EBSA’s full guidance here: https://tinyurl.com/4zd63xr7.
For plan sponsor use only, not for use with participants or the general public. This information is not intended as authoritative guidance or tax or legal advice. You should consult with your attorney or tax advisor for guidance on your specific situation.
Kmotion, Inc., 412 Beavercreek Road, Suite 611, Oregon City, OR 97045; www.kmotion.com
©2021 Kmotion, Inc. This newsletter is a publication of Kmotion, Inc., whose role is solely that of publisher. The articles and opinions in this publication are for general information only and are not intended to provide tax or legal advice or recommendations for any particular situation or type of retirement plan. Nothing in this publication should be construed as legal or tax guidance; nor as the sole authority on any regulation, law or ruling as it applies to a specific plan or situation. Plan sponsors should consult the plan’s legal counsel or tax advisor for advice regarding plan-specific issues.