Cybersecurity and ERISA Benefit Plans: Risks Best Practices for Plan Sponsors and Fiduciaries

A live 90-minute premium CLE video webinar with interactive Q&A

Wednesday, January 13, 2021

1:00pm-2:30pm EST, 10:00am-11:30am PST

Early Registration Discount Deadline, Friday, December 18, 2020

or call 1-800-926-7926

This CLE webinar will provide guidance to plan fiduciaries, ERISA counsel, and service providers on trends in data breaches of ERISA benefit plans, discuss the current scope of fiduciary obligations and best practices to protect benefit plan data, and risk mitigation considerations.


Data breach is an increasingly serious issue for many industries during the pandemic. Recent data breaches across a variety of companies demonstrate that benefit plans, sponsors, and service providers are not immune. Plan sponsors and fiduciaries must act proactively to develop a course of action to address these issues.

Unlike privacy and security of protected health information where the standards are more certain (e.g., HIPAA, HITECH), the standards for ERISA plan fiduciaries to secure personally identifiable information are less clear. Aside from ERISA fiduciary duty principles, there is limited guidance regarding ERISA plan fiduciary duties with respect to privacy and security of plan data and data breaches. The liability for violations of ERISA fiduciary duties can be personal to the individual fiduciary.

Plan sponsors, fiduciaries, and service providers should identify risks and understand the nuances of applicable rules and regulations. In addition, effective privacy and security practices and response procedures should be implemented to minimize potential liability.

Listen as our panel provides guidance to benefits counsel on trends in data breaches in ERISA retirement plans. The panel will discuss the scope of fiduciary obligations to prevent breaches, industry standards, ERISA preemption of state data breach laws, and contractual risk mitigation with third-party administrators (TPAs).



  1. Trends in ERISA data breaches: healthcare and retirement plans
  2. Lessons from recent data breaches and litigation
  3. ERISA fiduciary obligations concerning data breaches
  4. Incorporating cybersecurity protections into retirement plan contracts with TPAs and other service providers


The panel will review these and other key issues:

  • What lessons can be learned from recent breaches of retirement plan employee information and data?
  • What should ERISA plan fiduciaries consider in developing benefit plan cybersecurity best practices?
  • How can cybersecurity protections be incorporated into retirement plan contracts with service providers and TPAs?
  • What specific obligations do plan sponsors and fiduciaries have when responding to an occurrence of a data breach?


Bokert, Mark
Mark E. Bokert

Davis & Gilbert

Mr. Bokert is co-chair of the firm's Benefits & Compensation Practice Group. His practice encompasses nearly...  |  Read More

Capezza, Michelle
Michelle Capezza

Epstein Becker & Green

Ms. Capezza is a member of the firm’s Employee Benefits and Health Care and Life Sciences practice groups. She...  |  Read More

Gower, Robert
Robert R. Gower

Trucker Huss

Mr. Gower concentrates his practice in all aspects of tax-qualified retirement plan design, compliance, and...  |  Read More

Live Webinar

Buy Live Webinar
Early Discount (through 12/18/20)

Live Webinar


Buy Live Webinar & Recording
Includes special savings of $300 (through 12/18/20)

Live Webinar & Download


Live Webinar & DVD

$394 + $24.45 S&H

Other Formats
— Anytime, Anywhere

Early Discount (through 12/18/20)

Strafford will process CLE credit for one person on each recording. All formats include program handouts. To find out which recorded format will provide the best CLE option, select your state:

CLE On-Demand Video

48 hours after event



48 hours after event



10 business days after event

$297 + $24.45 S&H