Benefit Plan Cybersecurity Considerations: A Recordkeeper and Plan Perspective

Thumbnail Image

Files

FinTech_Chapter_06___Rouse_et_al.pdf (157.35 KB)

Related Collections

Wharton Pension Research Council Working Papers

Degree type

Discipline

Subject

Cybersecurity
Personally Identifiable Information (PII)
benefit plans
data security
robo-advisor
Economics
Finance

Funder

Grant number

License

Copyright date

Distributor

Related resources

Permalink

https://repository.upenn.edu/handle/20.500.14332/43987

Author

Contributor

Abstract

The U.S. has no comprehensive national law governing cybersecurity and no uniform framework for measuring the effectiveness of protections, though retirement plan record keepers maintain the personally identifiable information on millions of workers, collecting names, birth dates, social security numbers, and beneficiaries. Plan sponsors frequently engage consultants and attorneys to help them secure sensitive data, but more work is necessary to engage a larger discussion around this issue. The SPARK Institute has outlined a flexible approach for an independent third-party reporting of cyber security capabilities with several key control objectives.

Advisor

Date Range for Data Collection (Start Date)

Date Range for Data Collection (End Date)

Digital Object Identifier

Series name and number

Publication date

2018-12-01

Volume number

Issue number

Publisher

Publisher DOI

Journal Issues

Comments

The published version of this working paper may be found in the 2019 publication: The Disruptive Impact of FinTech on Retirement Systems (https://pensionresearchcouncil.wharton.upenn.edu/the-disruptive-impact-of-fintech-on-retirement-systems/)

Recommended citation

Collection

Working Papers

DSpace software copyright © 2002-2026 LYRASIS