Partner Anna Copestake comments in The Sunday Times on trustee accountability in relation to scheme data security
In 2021, organisations of every ilk are faced with an ever-evolving cyber-threatscape and pension schemes are not exempt. It’s surely only a matter of time before we start reading about a noteworthy uptick in the number of major incidents involving the pension sector. Unless, that is, cybersecurity measures are built into the foundations of pension providers to make meaningful reductions to risk.
The legal liability perspective cannot be overstated. Anna Copestake, commented:
“Trustees are ultimately accountable for the security of their scheme data, it was not a ‘once and done’ job when the General Data Protection Regulation came into force in 2018. They need to remain aware of the cyber-footprint of their scheme and the impact any breach could have. They should have regular training to keep pace with the evolving risks and regulatory expectations. Legal obligations must be met, which includes having adequate oversight of third-party service providers.”
Read Anna’s comments in The Sunday Times via Raconteur.
The views in this article are intended for general information purposes only and should not be used as a substitute for professional advice. Arc Pensions Law and the author(s) are not responsible for any direct or indirect result arising from any reliance placed on content, including any loss, and exclude liability to the full extent. Always seek appropriate legal advice from a suitably qualified lawyer before taking, or avoiding taking, any action. If you have any questions on the points raised in the above, please do not hesitate to get in touch.