PIT +1 412-566-1212
HAR +1 717 234-4121
info@tuckerlaw.com
Home
Attorneys
Capabilities

Capabilities

Services

Alcoholic Beverages/Liquor Licensing Arbitration, Mediation and Alternative Dispute Resolution Bankruptcy & Restructuring Business & Finance Business Succession Planning Commercial Litigation Compliance & Risk Management Criminal Defense Education Law Elder Law Employee Benefit Plans/ERISA Environmental ERISA Litigation Estates & Trusts Family Law Fiduciary Services & Risk Management Finance Franchise Government Relations Import/Export Control & Compliance Insurance Disputes Intellectual Property Labor & Employment Medical Marijuana Mergers & Acquisitions Personal Injury Privacy, Data Security & Technology Products Liability Real Estate Real Estate Transactions and Title Insurance Securities Special Needs Planning Taxation Toxic Tort and Asbestos Litigation Defense White-Collar Criminal Defense Women‘s Business Enterprise (W.B.E.) Workers’ Compensation Zoning & Land Use

Industries

Construction Energy Finance Healthcare Higher Education Hospitality Long-Term Care Manufacturing Municipal & School Non-Profit Organizations Privacy, Data Security & Technology Utilities Law Veterinary Services

Departments

Business and Finance
Business & Finance Business Succession Planning Elder Law Employee Benefit Plans/ERISA Estates & Trusts Fiduciary Services & Risk Management Finance Franchise Hospitality Intellectual Property Labor & Employment Manufacturing Mergers & Acquisitions Non-Profit Organizations Privacy, Data Security & Technology Real Estate Real Estate Transactions and Title Insurance Securities Special Needs Planning Taxation Veterinary Services
Litigation
Arbitration, Mediation and Alternative Dispute Resolution Bankruptcy & Restructuring Commercial Litigation Compliance & Risk Management Construction Criminal Defense Environmental ERISA Litigation Family Law Insurance Disputes Labor & Employment Personal Injury Products Liability Toxic Tort and Asbestos Litigation Defense White-Collar Criminal Defense Workers’ Compensation
Government and Regulatory
Alcoholic Beverages/Liquor Licensing Education Law Energy Government Relations Import/Export Control & Compliance Medical Marijuana Municipal & School Utilities Law Zoning & Land Use
Bankruptcy & Restructuring Business & Finance Commercial Litigation
News & Insights
About Us
About Our Firm
Awards
Firm Structure & Management
Historical Legacy
Law Firm Alliance Affiliation
Join Us
Associate Life
Summer Associate Program
Career Opportunities
Diversity & Inclusion
Women@Tucker
Pro Bono & Community
Diversity & Inclusion
Contact Us
Blog Logo
Blog Logo

Edward A. Wodarczyk

Of Counsel

Contact information

Email Address
(412) 594-3920
    BOOKMARK SHARE
    View All News & Insights
    BACK TO Edward A.’S PROFILE

    Cybersecurity for ERISA Retirement and Welfare Benefit Plans

    Edward A. Wodarczyk, Esq., ewodarczyk@tuckerlaw.com, (412) 594-3920

    Cybersecurity continues to be an important fiduciary responsibility as the threat for security breaches grows with fraud, hacking or phishing schemes. During this COVID-19 pandemic, cybersecurity for your ERISA retirement and welfare benefit plans becomes more important as plan participants work from home and access information remotely.  When plan fiduciaries are working with outside service providers that access and use confidential participant data, they may wish to consider the following questions that were part of an ERISA Advisory Council Report issued a few years ago.

     

    1. 1.  Does the service provider have a comprehensive and understandable cybersecurity program?
    2. 2.  What are the elements of the service provider’s cybersecurity program?
    3. 3.  How will the plan(s) data be maintained and protected?
    4. 4.  Will the data be encrypted at rest, in transit and on devices, and is the encryption automated (rather than manual)?
    5. 5.  Will the service provider assume liability for breaches?
    6. 6.  Will the service provider stipulate to permitted uses and restrictions on data use?
    7. 7.  What are the service provider’s protocols for notifying plan management in the case of a breach and are the protocols satisfactory?
    8. 8.  Will the service provider agree to regular reports and monitoring and what will they include?
    9. 9.  Does the service provider regularly submit to voluntary external reviews of their controls (such as SOC reports or a similar report or certification)?

    July 06, 2020

    Contact Now

    Get support from our trusted attorneys.

      Serving our clients successfully since 1900

      The same attributes that have anchored over a century of success are still our guiding principles today.

      Capabilities Find an Attorney

      Stay up-to-date on the latest News & Insights by subscribing to our alerts

      Enter your email address below and be notified when we post new information.