Cybersecurity and ERISA Retirement Plans: Risks and Best Practices for Plan Sponsors and Fiduciaries

Course Details
- Format: On-Demand
- Difficulty Level: Intermediate
- Practice Area: ERISA
- Date: Wednesday, October 25, 2023
- Time: 1:00 p.m. ET / 10:00 a.m. PT
- Program Length: 90 minutes
This 90-minute webinar is eligible in most states for 1.5 CLE credits.
This CLE course will provide guidance to plan fiduciaries, ERISA counsel, and service providers on trends in data breaches of ERISA benefit plans, discuss the current scope of fiduciary obligations and best practices to protect benefit plan data, and review risk mitigation considerations.
Faculty

Mr. Bokert is co-chair of the firm's Benefits + Compensation Practice Group. His practice encompasses nearly all aspects of executive compensation and employee benefits, including matters related to equity plans, deferred compensation plans, phantom equity plans, qualified retirement plans and welfare plans. He has extensive experience in Section 409A and deferred compensation arrangements, and in counseling plan committees on their fiduciary responsibilities under ERISA.

Ms. Capezza is an accomplished employee benefits and executive compensation lawyer with more than 25 years of experience advising clients on ERISA, benefits, and executive compensation matters, including in connection with corporate transactions. She also brings this knowledge and experience to counsel clients that are digitally transforming their business on the use of automation and artificial intelligence in the workplace and the related implications for employee benefits and compensation for their changing workforce. Ms. Capezza is called to represent Fortune 500 companies, multinational corporations, nonprofit entities, medium-sized businesses, and individual executives across a variety of industries, including financial services, health care, life sciences, technology, artificial intelligence, media, telecommunications, hospitality, and retail.

Mr. Gower concentrates his practice in all aspects of tax-qualified retirement plan design, compliance, and administration. He routinely works with defined benefit, cash balance, profit sharing, 401(k) and KSOP plans. He has wide-ranging experience in plan drafting and assists plan sponsors in preparing committee charters and bylaws to help govern plan administration. He routinely works with clients to assist with compliance efforts and works with plan sponsors to comply with ERISA’s fiduciary requirements.
Description
Cybersecurity is an increasingly serious issue for many industries. Recent data breaches across a variety of companies demonstrate that benefit plans, sponsors, and service providers are not immune. Plan sponsors and fiduciaries must act proactively to develop a course of action to address these issues.
Aside from ERISA fiduciary duty principles, there is limited guidance regarding ERISA plan fiduciary duties with respect to privacy and security of plan data and data breaches. The liability for violations of ERISA fiduciary duties can be personal to the individual fiduciary.
Plan sponsors, fiduciaries, and service providers should identify risks and understand the nuances of applicable rules and regulations. In addition, effective privacy and security practices and response procedures should be implemented to minimize potential liability.
Listen as our panel provides guidance to benefits counsel on trends in data breaches in ERISA retirement plans. The panel will discuss the scope of fiduciary obligations to prevent breaches, industry standards, ERISA preemption of state data breach laws, and contractual risk mitigation with third-party administrators (TPAs).
Outline
- Trends in ERISA data breaches for retirement plans
- Lessons from recent data breaches and litigation
- ERISA fiduciary obligations concerning data breaches
- Incorporating cybersecurity protections into retirement plan contracts with TPAs and other service providers
Benefits
The panel will review these and other key issues:
- What lessons can be learned from recent breaches of retirement plan employee information and data?
- What should ERISA plan fiduciaries consider in developing benefit plan cybersecurity best practices?
- How can cybersecurity protections be incorporated into retirement plan contracts with service providers and TPAs?
- What specific obligations do plan sponsors and fiduciaries have when responding to an occurrence of a data breach?