We found a match
Your institution may have access to this item. Find your institution then sign in to continue.
- Title
Breaches Within Breaches: The Crossroads of ERISA Fiduciary Responsibilities and Data Security.
- Authors
MORAN, GREGG
- Abstract
Although the drafters of the Employee Retirement Income Security Act of 1974 ("ERISA") likely could not have anticipated the data security issues of the twenty-first century, ERISA's duty of prudence almost certainly requires employee benefit plan fiduciaries to protect sensitive participant data in at least some manner. This Article suggests the Department of Labor should issue a regulation clarifying fiduciaries' data security obligations. Given that fiduciaries are in the best positions to recognize their plans' individual security needs and capabilities, the regulation should not attempt to micromanage fiduciaries' substantive data security policies; rather, it should focus on the procedures by which they adopt their substantive policies. In addition to promoting specially tailored policies for protecting sensitive participant data, this regulation would resolve much of the confusion surrounding the application of ERISA to the data security field.
- Subjects
UNITED States; DATA security failure laws; EMPLOYEE Retirement Income Security Act of 1974; FIDUCIARY responsibility; EMPLOYEE benefit laws; DATA security laws; PRUDENCE; TRUSTS &; trustees; UNITED States. Dept. of Labor
- Publication
University of Miami Law Review, 2019, Vol 73, Issue 2, p483
- ISSN
0041-9818
- Publication type
Article