Incident Response Plans: Be Prepared for a Data Breach

As plan fiduciaries, sponsors are ultimately responsible for data protection. That’s true even when day-to-day cybersecurity is delegated to the third-party administrator (TPA) handling benefits administration.

That’s why it’s important for sponsors of plans with outsourced administration to oversee cybersecurity and create an incident response plan.

Have a question? We have answers.

Send us a message. 

Speak with Us

Key aspects of cybersecurity oversight

Thorough oversight of outsourced cybersecurity includes these steps:

It’s also important for plan sponsors with outsourced administration to have an incident-response plan they can follow in the event of an actual data breach.

What to include in an incident response plan when you've outsourced to a TPA

You'll need an incident response plan even if you've outsourced all of your administration tasks to a TPA. To develop a meaningful incident response plan in this scenario, address all of the following:

Be prepared — and avoid finger-pointing

Monitoring outsourced cybersecurity gives you confidence that your plan data is being adequately protected.

Creating an incident response plan helps ensure you’ll be prepared to respond if plan data is breached. If you’ve outsourced functions to more than one vendor, having an incident response plan will help avoid finger-pointing among vendors in the event of a breach.

Read other insights

Pregnant Businesswoman Looking Away At Desk

Health Plan News and Strategies for Plan Sponsors: Q1 2020

Get an overview of the news and strategies health plan sponsors need to know.
Smiling Business People Shaking Hands

Segal Acquires Public Sector Consulting Industry Leader LRWL

We've signed an asset purchase agreement to acquire the business of LRWL Inc., a leader in public sector retirement systems implementation services.
African American woman pushing father in wheelchair

Tami Simon Discusses Why Employee Caregivers Matter to All

Segal's Tami Simon talks to SHRM about how improving the lives of employee caregivers helps the entire organization.

Don't miss out. Join 16,000 others who already get the latest insights from Segal.