The Department of Labor (DOL) has issued guidance regarding best practices for maintaining effective cybersecurity of retirement benefits for America’s workforce. The guidance complements the DOL regulations regarding electronic records/disclosures to plan participants and beneficiaries, inclusive of recordkeeping systems with “reasonable controls and adequate record management practices in place”. It includes tips for hiring retirement plan recordkeepers/service providers that have strong cybersecurity practices and demonstrated monitoring of such practices. (Further, the Employee Benefits Security Administration (EBSA) recommends evaluation of a providers’ track record in this regard, as well as security standards, practices, and policies). Best practices are also outlined, such as clear definitions of roles and responsibilities pertaining to cybersecurity, a well-documented, sound cybersecurity program, as well as annual risk assessments and training. In addition, online security tips are offered for plan participants and beneficiaries to maintain secure access to their accounts.
www.jdsupra.com; April 20, 2021.
www.plansponsor.com; April 14, 2021.