The U.S. Department of Labor has announced guidance for plan sponsors, plan fiduciaries, record keepers and plan participants on best practices for maintaining cybersecurity, including tips on how to protect the retirement benefits of America’s workers. This is the first time the department’s Employee Benefits Security Administration (EBSA) has issued cybersecurity guidance. This guidance is directed at plan sponsors and fiduciaries regulated by the Employee Retirement Income Security Act (ERISA), and plan participants and beneficiaries. ERISA requires plan fiduciaries to take appropriate precautions to mitigate the risks of both internal and external cybersecurity threats.
The Employee Benefits Security Administration has prepared the following best practices for use by recordkeepers and other service providers responsible for plan-related IT systems and data, and for plan fiduciaries making prudent decisions on the service providers they should hire. Plans’ service providers should:
Compass IT Compliance is extremely well-versed in assisting plan sponsors, plan fiduciaries, record keepers and plan participants in mitigating their cybersecurity risks. Our team of industry experts will perform a risk assessment to the Department of Labor Cybersecurity Program Best Practices. Your organization will be assessed in the 12 areas listed above to determine compliance with each discipline. Our assessment will help to uncover gaps in controls and will outline a clear and prioritized remediation strategy. Contact us today to discuss your unique situation. Secure. Comply. Save.