During the 2013 holiday shopping season, I was one of the millions of shoppers affected by the Target data breach. Fortunately, no fraudulent charges were posted to my card(s). I quickly received new debit and credit cards from my bank, but it was an inconvenience to update settings for automatic debits from my accounts and stored credit card numbers on frequently used websites.

The risk of a privacy breach extends far beyond individual consumers like me. Pension and benefit plan sponsors must be aware of the very real threat of a privacy breach as they are entrusted with their members’ highly personal information such as birth dates, medical histories, beneficiaries and more.


Sadly, many of us have been affected by a privacy breach in one way or another. I appreciate the convenience of online banking and shopping, but I’m always a little unsettled when I hear about some retailer or bank being hacked. With the extensive amount of personal information plan sponsors must store, the thought of a breach of that data is even more alarming.

In the May/June issue of Plans & Trusts, author Fazila Nurani points out that most privacy breaches are “caused by inadequate information-handling practices and simple human errors.”

[Related: Steps for Avoiding a Privacy Breach]

She quotes Ann Cavoukian, Ontario’s former information and privacy commissioner: “The incidence of identity theft has skyrocketed largely because of poor information management practices by organizations, especially relating to data storage and retention, coupled with the explosive collection of personal information.”

Nurani suggests five key steps for reducing a plan sponsor’s risk of a privacy breach:

  1. Create accountability.
  2. Develop working policies and procedures.
  3. Establish personal information safeguards.
  4. Create a privacy training program.
  5. Monitor compliance.

It’s likely impossible to avoid the risk of a privacy breach completely but, as Nurani points out, it’s vital that plan sponsors minimize their risk as much as possible by developing and strengthening a privacy management program.

Kathy Bergstrom
Editor, Publications at the International Foundation






Kathy Bergstrom, CEBS

Editor, Publications at the International Foundation

Favorite Foundation service/product: Benefits Magazine and Plans & Trusts

Benefits related topics that interest her most: Financial literacy, health and wellness programs

Favorite Foundation conference moment: Hearing attendees sing “O, Canada” at Canadian Annual in addition to hearing the anthem sung in both French and English.

Personal Insight: Whether she’s collecting information for a magazine story or hanging out with her family and friends, you know Kathy is fully engaged. Her listening ear and introspective nature provide reassuring presence to those enjoying her company.

Recommended Posts

Legal & Legislative Reporter: Medical Provider May Not Bring Claim on Behalf of Participants and Beneficiaries

Guest Contributor

Every month, the International Foundation releases the Legal and Legislative Reporter, a compilation of new employee benefits–related case summaries. Below is a summary we thought you’d be interested in. Content provided by Morgan, Lewis & Bockius LLP. The U.S. District Court for the […]

Five Steps to Nurture Belonging in the Workplace

Guest Contributor

Benefits Magazine Extras articles provide you with bonus content on a mix of benefits topics as well as deep dives and analyses on the latest benefit trends and compliance issues. Visit ifebp.org/benefitsmagazine to see the latest Benefits Magazine Extras as well as the bimonthly print […]

Navigating Uncertainty

Christine Vazquez, CEBS

In today’s business environment, change is constant. Earning a Certified Employee Benefit Specialist® (CEBS®) designation can help benefits professionals improve their ability to manage organizational change. The self-study CEBS courses provide critical knowledge and skills to scan the environment and strategically tailor benefit […]

DOL Guidance on Mental Health Parity: Proposed Rules for NQTL Comparative Analyses

Jenny Gartman, CEBS

Many health plan sponsors continue to struggle to comply with the Mental Health Parity and Addiction Equity Act (MHPAEA), particularly the requirement to conduct a comparative analysis of nonquantitative treatment limitations (NQTLs) that has been effective under the 2021 Consolidated Appropriations Act […]