The California Consumer Privacy Act (CCPA), considered one of the most expansive U.S. privacy laws to date, went into effect on January 1, 2020. The CCPA placed significant limitations on the collection and sale of a consumer’s personal information and provides consumers new and expansive rights with respect to their personal information.
Less than one
Individuals who serve as a fiduciaries to their company’s retirement plan often feel they may not be sufficiently informed or qualified to make prudent decisions for the plan. They might ask themselves: “How do I know which are prudent investments?” or “What amount of plan fees are ‘reasonable’”? Now, the DOL is requiring plan fiduciaries
In April, we posted about the U.S. Department of Labor’s (DOL) Employee Benefits Security Administration (EBSA) issuing cybersecurity guidance for employee retirement plans. That is, April 14, 2021. Shortly thereafter, the DOL updated its audit inquiries to include probing questions for plan fiduciaries about their compliance with “hot off the press” agency guidelines.
So, what
By now, plan fiduciaries and their service providers likely have heard about the DOL’s cybersecurity guidance. The Department of Labor’s stepping into cybersecurity in this way – a posting of best practices on the agency’s website – has left plan fiduciaries with some questions. Here are a few:
Today, the U.S. Department of Labor’s Employee Benefits Security Administration (EBSA) issued much anticipated cybersecurity guidance for employee retirement plans. This comes more than four and a half years after the ERISA Advisory Council, a 15-member body appointed by the Secretary of Labor to provide guidance on employee benefit plans, shared with the federal
When California voters approved Proposition 24, the California Privacy Rights Act (CPRA), on November 3, 2020, the result was to substantially amend the California Consumer Privacy Act (CCPA) which became effective only 10 months earlier. We outlined the basic rules for determining when the CCPA applies, and summarize here the changes made by
One of the last things pension plan participants would want to learn as they get ready to celebrate the Christmas holiday is that personal data from their pension accounts may have been compromised. This is the case, unfortunately, for approximately 30,000 Now:Pensions customers whose names, postal and email addresses, birth dates and the equivalent of
With the California Consumer Privacy Act (CCPA) now in effect (January 1, 2020) and enforceable by California’s Attorney General (“AG”) (July 1, 2020), the AG has published Frequently Asked Questions (FAQs). Designed to aid consumers in exercising their rights under the CCPA, the FAQs also contain helpful reminders for businesses and service providers regarding
A little more than one year ago, we reported on a settlement (Cassell et al. v. Vanderbilt University, et al.) involving the alleged wrongful use of personal information belonging to retirement plan participants, claimed to be “plan assets.” This year, similar claims have been made against Shell Oil Company in connection with its 401(k) plan.
Wrongful use of retirement plan participant data was among the claims made by a class of 40,000 participants against the plan sponsor and others in Cassell et al. v. Vanderbilt University et al. Specifically, the plan participants claimed that the University inter alia breached its “loyalty and prudence” duty by failing to protect confidential employee