Peter Gulia Posted February 12, 2021 Report Share Posted February 12, 2021 Because someone who uses the care, skill, and caution that would be used by one who is experienced in managing an individual-account retirement plan would be mindful of privacy and security risks (including cybersecurity risks), there is a growing consensus that a plan’s administrator must oversee prudent procedures for managing those risks. For many plans, that means getting a recordkeeper’s contract promise that it uses commercially reasonable privacy and security procedures. But even good procedures might be ineffective if a participant, beneficiary, or alternate payee does not guard carefully her identifying information. If that’s right, does a plan’s fiduciary have a responsibility to educate participants (and other individuals) about those risks? If so, what do you think an employer/fiduciary should do? Peter Gulia PC Fiduciary Guidance Counsel Philadelphia, Pennsylvania 215-732-1552 Peter@FiduciaryGuidanceCounsel.com Link to comment Share on other sites More sharing options...
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!Register a new account
Already have an account? Sign in here.Sign In Now