The U.S. Department of Labor issued guidance addressing the cybersecurity practices of retirement plan sponsors, service providers and plan participants. The guidance is focused on what steps retirement plan sponsors should take with respect to checking cybersecurity to ensure they are upholding their ERISA fiduciary guidance with respect to the retirement plan. The guidance is also useful for seeing what items the government think are important for cybersecurity best practices.
The guidance is in three parts:
- Tips for Hiring a Service Provider with Strong Cybersecurity Practices may be accessed by clicking here. It provides recommendations for steps a plan fiduciary should take when hiring a retirement plan provider.
- Cybersecurity Program Best Practices may be accessed by clicking here. It provides IT suggestions for ERISA retirement plan recordkeepers.
- Online Security Tips may be accessed by clicking here. It provides retirement plan participants suggestions for keeping their online account information safe.
This new guidance shows the importance of cybersecurity for benefit plan offerings.