ERISA Fiduciaries, Data Privacy and Cybersecurity Risks: HIPAA, HITECH, and ERISA Preemption of State Data Breach Laws

Responding to Data Breaches of Healthcare Administrators and Retirement Plans, Minimizing Risks with TPAs

Recording of a 90-minute CLE webinar with Q&A

Conducted on Tuesday, June 20, 2017
Recorded event now available

This CLE webinar will provide guidance to employee benefits counsel on trends in data breaches for ERISA healthcare and retirement plans, lessons from recent BCBS/Anthem litigation, ERISA fiduciary obligations, ERISA preemption of state data breach laws, and contractual risk mitigation with third-party administrators (TPAs).


Data breach prevention and response is an increasingly serious issue for many industries. Anthem’s data breach affected employers and health plans nationwide, confirming that health plans and insurers are not immune. Plan sponsors and fiduciaries must take great care to comply with complex regulations that differ based on the type of plan involved.

Last year two retirement plan administrators experienced data breaches. Unlike the liability for breaches of healthcare plans where the standards and liability are more certain (e.g., HIPAA, HITECH), the standards and liability under ERISA for retirement benefits plans are inconclusive. There is no case law regarding whether ERISA fiduciaries have a fiduciary duty to take reasonable measures to prevent data breaches, and unlike HIPAA and HITECH, the liability for violations of ERISA fiduciary duties is personal to the individual fiduciary.

While regulatory guidance to ERISA administrators and fiduciaries regarding data breaches is scarce, the ERISA Advisory Council recently provided DOL with limited guidance on cybersecurity risks. However, the guidance addresses neither the scope of ERISA fiduciary obligations regarding cybersecurity, nor whether ERISA preempts state data breach laws. While the court in the Anthem litigation held that the state law claims were preempted by ERISA, there is a dearth of case law on this issue.

Listen as our esteemed panel provides guidance to benefits counsel on trends in data breaches of ERISA healthcare and retirement plans. The panel will review the recent BCBS/Anthem litigation, discuss the scope of fiduciary obligations to prevent breaches, ERISA preemption of state data breach laws, and contractual risk mitigation with TPAs.


  1. Trends in ERISA data breaches: health care and retirement plans
  2. Lessons from the BCBS/Anthem litigation
  3. ERISA fiduciary obligations with respect to data breaches
  4. Trends in ERISA preemption litigation and what it portends for preemption of state data breach laws
  5. Incorporating cybersecurity protections into retirement plan contracts with TPAs


The panel will review these and other key issues:

  • What specific obligations do plan sponsors and fiduciaries have when responding to an occurrence of a data breach?
  • How can plan sponsors manage their breach response to safeguard plan data, achieve an effective response, and reduce the risk of legal and regulatory action?
  • What lessons can be learned from the Anthem litigation and recent breaches of retirement plan employee information?
  • How can cybersecurity protections be incorporated into retirement plan contracts with (TPAs)?


Saad Gul, Partner
Poyner Spruill, Raleigh, N.C.

Mr. Gul focuses his practice on privacy and information security.He advises clients on a wide range of privacy, data security, and cyber liability issues, including risk management plans, regulatory compliance, cloud computing implications, and breach obligations. He writes and speaks regularly on privacy, data security, and cyber liability issues. He is the author of over a dozen published law review articles, as well as a number of articles in trade journals. He has also served on the Cyber Security Task Force of the U.S. Chamber of Commerce.

Michael E. Slipsky, Partner
Poyner Spruill, Raleigh, N.C.

Mr. Slipsky focuses his practice on mergers and acquisitions, representing buyers and sellers in broad range of industries. He also counsels clients on a variety of privacy and information security matters, including HIPAA compliance and data breach prevention and responses. Additionally, he advises clients on a broad range of corporate and securities matters, including corporate reorganizations and restructurings, commercial contracts, corporate governance, the formation and maintenance of business entities, and securities offerings.

Brenna A. Davenport
Poyner Spruill, Charlotte, N.C.

Ms. Davenport practices primarily in two areas of law, employee benefits and business law. In the area of employee benefits, she represents clients in the design, implementation and administration of retirement, welfare, fringe, and executive compensation plans. In the area of business law, she advises small and midsize closely held corporate clients and non-profit entities regarding a broad range of corporate transactional matters.


CLE On-Demand - Streaming Video

Includes recorded streaming video of full program plus PDF handouts.

On-demand is the only recorded format recognized for CLE credits in DE, IN, KS, LA, MS, NC, OH, OK, SC, TN, VA, WI.

AK, AZ, CA, CO, CT, DE, FL, GA, HI, IA, ID, IL, IN*, KS, KY, LA, ME, MN, MO, MT, NC, ND, NH**, NJ, NM, NV, NY, OH*, OK, OR, PA, SC, TN, TX, UT, VA, VT, WA, WI, WV, WY (Note: Some states restrict CLE eligibility based on the age of a program. Refer to our state CLE Map for additional information.)

*Only available for attorneys admitted for more than two years. For OH CLE credits, only programs recorded within the current calendar year are eligible - contact the CLE department for verification.

**NH attendees must self-determine if a program is eligible for credit and self-report their attendance.

CLE On-Demand Video $297.00

How does this work?

Recorded Event

Includes full event recording plus handouts.

Strafford is an approved provider and self-study CLE credit is available in most states.

AK, AZ, CA, CO, CT, FL, GA, HI, IA, ID, IL, KY, ME, MN, MO, MT, ND, NJ, NM, NY, OR, PA, TN, TX, UT, VT, WA, WV, WY (Note: Some states restrict CLE eligibility based on the age of a program. Refer to our state CLE Map for additional information.)

Strafford will process CLE credit for one person on each recording.

Additional copies of a recording can be purchased at a discount. Please call Strafford Customer Service toll-free at 1-800-926-7926 ext 10 or email to place your order.

Recorded Webinar Download $297.00

How does this work?

Recorded Audio Download (MP3) $297.00

How does this work?


Strafford webinars offer several options for participation: online viewing of speaker-controlled PowerPoint presentations with audio via computer speakers or via phone; or audio only via telephone (download speaker handouts prior to the program).  Please note that our webinars do not feature videos of the presenters.

Program Materials

Requires Adobe Reader 8 or later. Download Acrobat FREE.

Program Materials

Requires Adobe Reader 8 or later. Download Acrobat FREE.

or call 1-800-926-7926

CLE Credits

Many states grant CLE credits for on-demand streaming audio programs and recorded events. Our programs are pre-approved in many states. Refer to our state CLE map for state-specific information.

or call 1-800-926-7926

Customer Reviews

The program covered topics that are of significant concern to many of my clients and I enjoyed the good discussion of the case law supporting the various points made.

Larry Crabtree

King & Ballow

The seminar reinforced information and explained issues in a clear manner without being either too elementary or too technical.

Mary Bowden

SC&H Group

Great overall summary of ERISA issues.

Shannon Awsumb

Anthony Ostlund Baer & Louwagie

The program was very helpful and gave me a good overview.

Lauren Piana

Odin, Feldman & Pittleman

The webinar addressed exactly what I needed for this area of my practice. Very useful information and very impressive program.

Nona Massengill

Williams Mullen

or call 1-800-926-7926

Employment & ERISA Advisory Board

Susan E. Bernstein

Special Counsel

Schulte Roth & Zabel

Judith (Jude) Biggs


Holland & Hart

Joshua Davis


Goulston & Storrs

Barbara E. Hoey


Kelley Drye

Jeffrey Hollingsworth


Perkins Coie

Diana L. Hoover


Hoover Kernell

Paul J. Kennedy


Littler Mendelson

Marcia Nelson Jackson


Wick Phillips

William C. Martucci


Shook Hardy & Bacon

Laura Foote Reiff


Greenberg Traurig

Eugene Scalia


Gibson Dunn & Crutcher

Peter Steinmeyer


Epstein Becker & Green

Teresa R. Tracy


Freeman Freeman Smiley

Todd D. Wozniak


Greenberg Traurig

or call 1-800-926-7926

Our Guarantee

Strafford webinars are backed by our 100% Unconditional Money-Back Guarantee: if you are not satisfied with any of our products, simply let us know and get a full refund. For more information regarding complaints and refunds, please contact us at 1-800-926-7926 ext 10. Complaints regarding this program can be submitted via the course evaluation found in the “Thank you” e-mail at the end of the course.