Cyberattacks have managed to invade all walks of life, and employee benefit plans are no exception. When a plan is attacked, the fallout can be overwhelmingly expensive and burdensome to correct. Many plan sponsors are purchasing cyber liability insurance coverage to supplement their data security measures. Understanding those policies – and their exclusions – is important for sponsors who are exploring such coverage.
The Department of Labor has issued final regulations under Section 503 of ERISA that purport to enhance the disability benefit claims and appeals process for plan participants. These regulations amend the DOL’s disability claims procedure regulations issued in 2002. The new regulations generally affect the procedures for filing disability benefit claims, providing notice of adverse benefit determinations, and appealing adverse benefit determinations.
Under both ERISA and the Internal Revenue Code, certain transactions involving qualified retirement plans and “disqualified persons” or “parties in interest” (such as a plan trustees) are prohibited. One example of a “prohibited transaction” involves a plan fiduciary (e.g., plan trustee) using plan assets to purchase property for his own benefit or as an indirect loan because he cannot afford the purchase without the plan assets (ERISA § 406).
The United States Supreme Court’s decision on October 6, 2014, to deny review of various appellate court rulings (including the Tenth Circuit, the federal appeals court covering Colorado), which had struck down bans on same-sex marriage as unconstitutional, effectively legalized same-sex marriage in the state of Colorado.
On January 25 2013, the Department of Health and Human Services (HHS) issued its final Omnibus Rule, mandating, among other things, that covered entities update their Business Associate Agreements (“BAAs”) with service providers who maintain, utilize, or come into contact with protected health information (“PHI”). Group health plans are considered covered entities and the Omnibus Rule’s expansion of the definition Business Associate meant that several plans entered into BAAs with a variety of service providers by or before last September.