The loss of Americans’ privacy through the growing use of their data continues to be a major topic in the media. This focus is now turning to the retirement industry.

Plan and participant data plays a key role in our retirement system – from the basic operation of retirement plans, to designing wellness solutions, implementing distributions and beyond. Almost all aspects of plan operation and participant interaction rely on data.

Notably, plaintiffs’ lawyers have begun to focus on privacy issues as well. To begin to prepare for a world where data could be a key compliance consideration, there are three basic questions that advisors can begin to ask now to begin to develop a framework for navigating the interaction of privacy and retirement.

The Legal Framework

The first question is: Which legal rules govern the use of retirement plan and participant data?

Often, the answer can depend on the exact data and exact usage, but key rules to keep in mind include the following.

ERISA. ERISA sets out rules relating to the use of “plan assets.” A key question is whether data is a plan asset. In two recent cases, we now have conflicting signals. In one case involving Northwestern University, the court dismissed claims implicating plan data as a plan asset. In another case, involving Vanderbilt University, the settlement inckluded an agreement to limit the use of plan data by the plan recordkeeper on a go-forward basis. (Note that settlements do not constitute binding law.)

Read more @NAPA