Navigating Data Privacy and Cybersecurity Risks for ERISA-Regulated Plans: Key Issues for Plan Sponsors and Administrators

Course Details
- Format: On-Demand
- Difficulty Level: Intermediate
- Practice Area: ERISA
- Date: Thursday, October 10, 2024
- Time: 1:00 p.m. ET / 10:00 a.m. PT
- Program Length: 90 minutes
This 90-minute webinar is eligible in most states for 1.5 CLE credits.
This CLE webinar will provide guidance to employee benefits counsel on managing data privacy and cybersecurity risks for ERISA healthcare and retirement plans, lessons from recent data breaches, ERISA fiduciary obligations, ERISA preemption of state data breach laws, and contractual risk mitigation with third-party administrators (TPAs).
Faculty

Mr. Jara has over 20 years of ERISA and employee benefits experience, ranging from governmental compliance and fiduciary liability insurance to the application of ERISA’s fiduciary standards and prohibited transaction provisions. Mr. Jara has extensive experience resolving issues for corporate plan sponsors and multiemployer plans before the U.S. Department of Labor, where he was formerly a senior pension law specialist and investigator.

Mr. Davidson joined GBQ in 2016, bringing 30 years of experience working with technology and technology leadership in companies ranging in size from innovative, emerging businesses to Fortune 500s. Prior to joining the firm, he was President and CEO of Jacadis, a Columbus-based information security and information risk management firm. Previously, Mr. Davidson was Practice Leader for web technologies at SARCOM and FrontWay. He works with business leaders and executives to assess and improve the operationalization of information risk and information security programs. Mr. Davidson advises information security and compliance leadership in larger enterprises focusing on control assessment and improvement in areas such as security leadership, policy and procedure, security awareness, third-party risk management and compliance with HIPAA, PCI and ISO 27001. He is a recognized speaker, regularly presenting at local and regional business and professional organizations. Mr. Davidson is also a two-time faculty member of InfoSec World.
Description
Data breach prevention and response is an increasingly serious issue for many industries. Recent data breaches have affected employers and health plans nationwide, confirming that health plans and insurers are not immune. Plan sponsors and fiduciaries must take great care to comply with complex regulations that differ based on the type of plan involved.
ERISA counsel and fiduciaries need a complete understanding of applicable regulations to maintain data privacy.
Unlike healthcare plans, where the standards and liability for breaches are more certain (e.g., HIPAA), the standards and liability under ERISA for retirement benefits plans are inconclusive. Regulatory guidance to ERISA administrators and fiduciaries regarding data breaches is scarce, although the DOL has provided limited guidance on cybersecurity risks.
Listen as our esteemed panel provides guidance to benefits counsel on trends in data breaches of ERISA healthcare and retirement plans. The panel will review recent cases, discuss the scope of fiduciary obligations to prevent breaches, address ERISA preemption of state data breach laws, and outline contractual risk mitigation with TPAs.
Outline
- Trends in ERISA data breaches: healthcare and retirement plans
- Lessons from recent litigation
- ERISA fiduciary obligations with respect to data breaches
- Trends in ERISA preemption litigation and what it portends for preemption of state data breach laws
- Incorporating cybersecurity protections into retirement plan contracts with TPAs
Benefits
The panel will review these and other key issues:
- What specific obligations do plan sponsors and fiduciaries have when responding to a data breach occurrence?
- How can plan sponsors manage their breach response to safeguard plan data, achieve an effective response, and reduce the risk of legal and regulatory action?
- What lessons can be learned from recent litigation and breaches of retirement plan employee information?
- How can cybersecurity protections be incorporated into retirement plan contracts with TPAs?