Register Online - Add to Cart
Product ID: 396582EAU
Credit & Course Provided by:

ERISA Benefit Plans: Addressing and Preventing a Data Breach

OnDemand Webinar (88 minutes)

Find out how to prevent a plan data breach and what to do if one occurs.

Companies experience data breaches every day, but when they affect the company's benefit plans there are some unique issues to consider. This is particularly true when the plans are subject to ERISA and HIPAA. Questions concerning the application of ERISA preemption, determining who is responsible for the breach response, and related issues often can unduly delay the breach response. This topic will help businesses, and in particular their HR, legal and benefits leaders to understand the nuances ERISA and HIPAA raise when a data breach affects covered plans. Learn best practices for avoiding a breach and, should one happen, how to respond.


Joe J. Lazzarotti, Esq., Jackson Lewis P.C. Damon W. Silver, Esq., Jackson Lewis P.C.


Unique Data Security Considerations for ERISA Plans

• What Is an ERISA Plan?

• Why Are Group Health Plans Special?

• What Is ERISA Preemption and Why Is It Important?

• Vendor Management and Contracting

Best Practices for Preventing Plan Breaches

• Assess Risk to Plan Data

• Policies and Procedures

• Implementation, Training and Turnover

• Plan Documents

• Vendor Management

• Periodic Review

Summary of Data Breach Statutes and Regulations

• HIPAA, State Laws, EU

• Basic Structure

- Key Definitions

- Risk of Harm

- HIPAA Carve Outs

- State Agency Notifications

- Credit Monitoring, Remediation

Addressing a Plan Breach

• Be Prepared

• Cyber Coverage

• Internal Challenges for the HR/Benefits Professional

• Coordinating External Resources

• Special Issues With Vendor/Carrier Breaches