ERISA Benefit Plans: Addressing and Preventing a Data Breach
|OnDemand Webinar||$209||Add to Cart|
Find out how to prevent a plan data breach and what to do if one occurs.
Companies experience data breaches every day, but when they affect the company's benefit plans there are some unique issues to consider. This is particularly true when the plans are subject to ERISA and HIPAA. Questions concerning the application of ERISA preemption, determining who is responsible for the breach response, and related issues often can unduly delay the breach response. This topic will help businesses, and in particular their HR, legal and benefits leaders to understand the nuances ERISA and HIPAA raise when a data breach affects covered plans. Learn best practices for avoiding a breach and, should one happen, how to respond.
AuthorsJoe J. Lazzarotti, Esq., Jackson Lewis P.C. Damon W. Silver, Esq., Jackson Lewis P.C.
Unique Data Security Considerations for ERISA Plans
• What Is an ERISA Plan?
• Why Are Group Health Plans Special?
• What Is ERISA Preemption and Why Is It Important?
• Vendor Management and Contracting
Best Practices for Preventing Plan Breaches
• Assess Risk to Plan Data
• Policies and Procedures
• Implementation, Training and Turnover
• Plan Documents
• Vendor Management
• Periodic Review
Summary of Data Breach Statutes and Regulations
• HIPAA, State Laws, EU
• Basic Structure
- Key Definitions
- Risk of Harm
- HIPAA Carve Outs
- State Agency Notifications
- Credit Monitoring, Remediation
Addressing a Plan Breach
• Be Prepared
• Cyber Coverage
• Internal Challenges for the HR/Benefits Professional
• Coordinating External Resources
• Special Issues With Vendor/Carrier Breaches