During the 2013 holiday shopping season, I was one of the millions of shoppers affected by the Target data breach. Fortunately, no fraudulent charges were posted to my card(s). I quickly received new debit and credit cards from my bank, but it was an inconvenience to update settings for automatic debits from my accounts and stored credit card numbers on frequently used websites.

The risk of a privacy breach extends far beyond individual consumers like me. Pension and benefit plan sponsors must be aware of the very real threat of a privacy breach as they are entrusted with their members’ highly personal information such as birth dates, medical histories, beneficiaries and more.

5-26_reducing-risk-privacy-breach

Sadly, many of us have been affected by a privacy breach in one way or another. I appreciate the convenience of online banking and shopping, but I’m always a little unsettled when I hear about some retailer or bank being hacked. With the extensive amount of personal information plan sponsors must store, the thought of a breach of that data is even more alarming.

In the May/June issue of Plans & Trusts, author Fazila Nurani points out that most privacy breaches are “caused by inadequate information-handling practices and simple human errors.”

[Related: Steps for Avoiding a Privacy Breach]

She quotes Ann Cavoukian, Ontario’s former information and privacy commissioner: “The incidence of identity theft has skyrocketed largely because of poor information management practices by organizations, especially relating to data storage and retention, coupled with the explosive collection of personal information.”

Nurani suggests five key steps for reducing a plan sponsor’s risk of a privacy breach:

  1. Create accountability.
  2. Develop working policies and procedures.
  3. Establish personal information safeguards.
  4. Create a privacy training program.
  5. Monitor compliance.

It’s likely impossible to avoid the risk of a privacy breach completely but, as Nurani points out, it’s vital that plan sponsors minimize their risk as much as possible by developing and strengthening a privacy management program.


Kathy Bergstrom
Editor, Publications at the International Foundation

 

 

 

 

 

Kathy Bergstrom, CEBS

Editor, Publications at the International Foundation

Favorite Foundation service/product: Benefits Magazine and Plans & Trusts

Benefits related topics that interest her most: Financial literacy, health and wellness programs

Favorite Foundation conference moment: Hearing attendees sing “O, Canada” at Canadian Annual in addition to hearing the anthem sung in both French and English.

Personal Insight: Whether she’s collecting information for a magazine story or hanging out with her family and friends, you know Kathy is fully engaged. Her listening ear and introspective nature provide reassuring presence to those enjoying her company.

Recommended Posts

Mental Health Parity: What Plan Sponsors Need to Know During Period of Nonenforcement of 2024 Final Rule

Kathy Bergstrom, CEBS
 

Following the announcement last month that the Departments of Labor (DOL), Health and Human Services (HHS), and the Treasury will put a hold on enforcing the 2024 final rule on the Mental Health Parity and Addiction Equity Act (MHPAEA), health plan sponsors […]

The New Look of Virtual Care: What’s Right for Employers and Plan Sponsors?

Guest Contributor
 

Benefits Magazine Extras articles provide you with bonus content on a mix of benefits topics as well as deep dives and analyses on the latest benefit trends and compliance issues. Visit ifebp.org/benefitsmagazine to see the latest Benefits Magazine Extras as well as the bimonthly print […]

Ontario’s New Long-Term Illness Leave Takes Effect Soon: What Employers Need to Know

Amanda Wilke, CEBS
 

On December 19, 2024, Ontario’s Working for Workers Six Act, 2024 (Bill 229) received Royal Assent. Amongst the changes in the bill amending the Employment Standards Act, 2000 (ESA), was the introduction of unpaid long-term illness leave, effective June 19, 2025. While the law […]