Request a Proposal

Johns Hopkins University Data Security Lawsuit Settlement

A settlement has been reached in this case in which plaintiffs alleged a fiduciary breach of loyalty and prudence, as the plan fiduciaries allegedly did not protect confidential participant data, allowing the recordkeeper to use such information to sell investment products outside of the plan to plan participants. Participant data included participant ages, size of account balance, employment status, and length of employment. Plaintiffs further alleged that the plan fiduciary failed to consider the value of the recordkeepers’ access to such information when negotiating price. Settlement terms included a contractual limitation for the recordkeeper to use participant data for the purpose of selling products or services unrelated to the plan, unless responding to a particular participant’s request. Terms also include periodic RFPs for recordkeeping and a requirement that participating recordkeepers agree to this clause.; October 1, 2019.