Benefit Plan Cybersecurity Considerations: A Recordkeeper and Plan Perspective
Loading...
Penn collection
Wharton Pension Research Council Working Papers
Degree type
Discipline
Subject
Cybersecurity
Personally Identifiable Information (PII)
benefit plans
data security
robo-advisor
Economics
Finance
Personally Identifiable Information (PII)
benefit plans
data security
robo-advisor
Economics
Finance
Funder
Grant number
License
Copyright date
Distributor
Related resources
Author
Rouse, Timothy
Levine, David
Itami, Allison
Taylor, Benjamin
Contributor
Abstract
The U.S. has no comprehensive national law governing cybersecurity and no uniform framework for measuring the effectiveness of protections, though retirement plan record keepers maintain the personally identifiable information on millions of workers, collecting names, birth dates, social security numbers, and beneficiaries. Plan sponsors frequently engage consultants and attorneys to help them secure sensitive data, but more work is necessary to engage a larger discussion around this issue. The SPARK Institute has outlined a flexible approach for an independent third-party reporting of cyber security capabilities with several key control objectives.
Advisor
Date Range for Data Collection (Start Date)
Date Range for Data Collection (End Date)
Digital Object Identifier
Series name and number
Publication date
2018-12-01
Volume number
Issue number
Publisher
Publisher DOI
Comments
The published version of this working paper may be found in the 2019 publication: The Disruptive Impact of FinTech on Retirement Systems (https://pensionresearchcouncil.wharton.upenn.edu/the-disruptive-impact-of-fintech-on-retirement-systems/)