In Compliance Assistance Release No. 2024-01, the U.S. Department of Employee Benefits Security Administration (EBSA) affirmed that all ERISA covered health and welfare plans are subject to the cybersecurity guidance which was published in 2021. Regarding cybersecurity best practices on April 2021, EBSA issued a cybersecurity guidance for benefit plan fiduciaries and service providers. ERISA requires plan fiduciaries to take necessary safety measures to reduce cybersecurity risk, EBSA’s three types of guidance are directed at benefit plan sponsors, fiduciaries, record keepers, and participants. With the new guidelines EBSA clarifies that cybersecurity guidance applies to ERISA covered health and welfare plans. EBSA clarifies that ERISA plan sponsors and fiduciaries, as well… Read More
Continue Reading