Cybercrime and Benefits Plans
May 24, 2022
According to recent estimates from the University of Maryland, there is a cyberattack every 39 seconds. Data breaches and cyberattacks are daily headlines—and employee benefits plans are no exception to that threat.
In fact, employee benefits plans are even more vulnerable as the coronavirus pandemic continues. Organizations and benefits providers are relying heavily on electronic access, ultimately creating new vulnerabilities.
The Risks
Virtually any type of employee benefits plan is vulnerable to hackers. The plans can be exposed to risks relating to privacy, security and fraud.
Retirement, savings and health plans are attractive targets for cybercriminals seeking access to plan assets and the personal information of participants and beneficiaries. Sensitive information is valuable information when it comes to cyberattacks.
Benefits plans are at risk as a result of the following factors:
- Personally identifiable information such as Social Security numbers, birthdates and email addresses have significant value to hackers. That information can be misused over a long period of time since it is permanently associated with an individual.
- Financial information, including enrollment data, account balances, direct deposit information and compensation are highly attractive. Hackers could target those online accounts to request loans, distributions and withdrawals.
- Lastly, there are multiple attack points for hackers since benefit plans are connected to several outside service providers, such as those that offer retirement plans, health insurance, vision insurance, dental insurance, short-term or long-term disability insurance, and flexible spending accounts.
Some examples of cyberthreats include phishing, malware and ransomware attacks. Lost or stolen mobile devices, laptops and flash drives that hold personal information are additional tangible threats to benefits plans.
The Consequences
Cyberattacks on benefits plans can have substantial consequences for all parties involved. Consider the following:
- Significant costs may be incurred in detecting the extent of the breach, investigating and managing the incident response, recovering compromised data and restoring overall system integrity.
- The theft of personally identifiable information and other plan assets may result in monetary losses to participants, beneficiaries, the plan, the plan sponsor and service providers.
- Organizations may experience operational disruption and reputation damage as a result of a security breach. Additional costs will be incurred to respond to and resolve either of those issues.
- Breaches of health plans may result in potential violations of the federal law that restricts release of medical information, exposing the plan sponsor and service providers to fines.
Mitigating Risks
As many employees and providers may be working from home, it’s especially important to understand cyberthreats and how to proactively protect sensitive organization and employee information. To mitigate cyber risks, consider the following measures:
- Properly monitor technology. To better protect and control data, it’s important to maintain up-to-date technology across the organization. Identify current vulnerabilities by conducting a gap analysis, penetration testing or other assessments.
- Educate employees. Start with properly training employees, especially those who are working remotely, on how to handle personnel data. This could be as simple as compiling and sharing cybersecurity tips. Think about physically protecting electronic devices and information (e.g., locking laptops and hiding information on camera) in addition to secure document storage and destruction. Pay special attention to common risks like passwords, attachments and Wi-Fi networks. Employees should always be vigilant, but may have their guards down while working from home.
- Educate participants. Similar to the points above, it’s important to educate participants about cybersecurity and different kinds of potential threats. It’s a good idea to thoroughly explore and ask questions about service providers’ security policies.
To shift cyber risks, consider the following measures:
- Review contracts. Legacy contracts don’t consider modern-day cyber risks. It’s important to review contractual arrangements to ensure vendors provide an appropriate level of protection against cyber risks.
- Obtain comprehensive insurance policies. Cyber liability insurance covers financial losses that result from data breaches and other cyber incidents. Most policies include both first-party and third-party liability coverages. It’s important to review and understand business insurance policies to understand whether additional coverage is needed.
With many employees working remotely as a result of the pandemic, plan sponsors should consider updating work-from-home policies to include cybersecurity clauses.
Other Considerations
Open enrollment season is a good time to carefully review organization and vendor security technology and policies, along with any contracts, insurance or other coverage. All parties involved should have adequate data protection strategies in place.
Always be prepared for the worst to happen. In the unfortunate event of a security breach, it’s important to be prepared with a basic communication and action plan. Even better, incorporate security breaches in an organization’s comprehensive reputation management plan. Keep in mind all internal and external audiences, and appropriate actions to protect information and restore overall system integrity. If not handled quickly and appropriately, reputational damage could be an additional threat to all parties involved in employee benefits plans.
Click here to download a pdf of the Top Tips to Avoid Cyberattacks.
To learn more about mitigating cyber risks in today’s digital world, contact SimcoHR today.
Sign up for our newsletter.
Navigating health insurance options can feel overwhelming, especially with all the terms and guidelines around coverage and affordability. At Simco, we want to help you and your employees make sense of it all, from understanding what qualifies as credible coverage to how affordable coverage is determined, and what the income limits mean for Marketplace tax credits in 2025. What Is Credible Coverage? Credible coverage refers to health insurance plans that meet or exceed the minimum standards set by government regulations. This is important because if you have credible coverage, you generally don’t qualify for premium tax credits through the health insurance Marketplace. Examples of credible coverage include: Employer-sponsored group health plans Medicare and Medicaid Certain veterans’ health plans Individual health insurance plans that meet minimum essential coverage standards Most employer-sponsored health plans, whether from small businesses or large corporations, are considered credible coverage. This means if you or your employees have health insurance through your job, it likely meets these standards, protecting you from paying unnecessary penalties and possibly disqualifying you from claiming Marketplace subsidies. Why does credible coverage matter? Because if you already have credible coverage, you generally won’t qualify for premium tax credits on Marketplace plans. The government uses this benchmark to ensure people aren’t “double-dipping” by receiving subsidies when they already have adequate insurance. What Does Affordable Coverage Mean? Affordable coverage refers to the cost threshold for employer-provided health insurance that determines if it’s affordable relative to your household income. The IRS sets this threshold annually, and for 2025, the maximum employee-only premium cost to be considered affordable is 9.02% of your household income . Here’s how it works: If the monthly premium you pay for employee-only coverage is less than 9.02% of your household income, your coverage is deemed affordable. If it costs more, you or your employees may be eligible for Marketplace subsidies or tax credits if you choose to enroll there instead. This affordability standard helps employees understand if they have access to reasonably priced insurance through their employer or if Marketplace options might be a better fit financially. Income Guidelines for 2025 Marketplace Tax Credits To qualify for premium tax credits that help lower the cost of Marketplace health insurance, your household income must fall within certain federal poverty level (FPL) ranges. For 2025, individuals and families with household incomes between 100% and 400% of the federal poverty level may be eligible for these credits. The exact dollar amounts vary depending on your household size and location, but generally, the lower your income within this range, the greater your potential tax credit. These credits are designed to make health insurance more accessible and affordable for people who do not have credible or affordable coverage through an employer. Why This Matters as the 2025 Annual Enrollment Period Approaches With the 2025 Annual Enrollment Period (AEP) approaching soon (October 15 to December 7), it’s the perfect time to review your Medicare coverage and evaluate your options. Many people discover that their current plans may no longer be the best fit, or that marketplace options and tax credits could help bridge coverage gaps. Simco is here to guide you and/or your employees through the complexities of health insurance during AEP and beyond. We’ll assess your situation, explain your options, and guide you through enrollment with confidence. Have questions? Contact us today! We’ve got you covered.
At Simco, we’re always looking for ways to bring more value to the businesses we serve. Now, we’re excited to announce a powerful new addition to our suite of advisory services: Simco Financial , our new investment advisory division focused on business retirement plans. “This is a big step forward for us,” said Marc Simmons, founder and CEO of Simco. “Just like we’ve built strong advisory support around HR and benefits, we’re now doing the same for retirement. Simco Financial gives our clients direct access to licensed investment advisors, right from within the Simco ecosystem.” Why We’re Expanding Into Investment Advisory For many business owners, offering a retirement plan is a key part of attracting and retaining top talent. But navigating the complex world of 401(k)s, fiduciary responsibilities, and investment options can be overwhelming, especially when it’s not your day job. “We believe the retirement plan is an incredibly important part of the life cycle of a business,” Simmons explained. By bringing licensed investment advisors in-house, Simco can now deliver unbiased guidance on a range of retirement solutions, from custom 401(k) plans to products like the Simco PEP (Pooled Employer Plan). Whether clients are starting a new plan or reevaluating an existing one, they’ll now have a dedicated advisor to support them from strategy through implementation. What This Means for Our Clients “This advisory service is completely unbiased,” Simmons emphasized. “The PEP, which we often promote, is just one of the products we offer. Our team is here to advise on whatever platform or solution is truly best for your business.” In other words: you’re not locked into a one-size-fits-all option. Simco Financial advisors work with your goals in mind and help ensure your retirement plan is compliant, cost-effective, and competitive. What’s Next? For now, Simco Financial is focused on group retirement plans for businesses . Individual investment services are on the horizon, but not yet available. “We’re starting with the group side,” said Simmons. “But stay tuned, there’s more to come.” With this move, Simco is continuing to expand its value to clients as a true one-stop advisory partner . From HR and benefits to now retirement planning, businesses can get the support they need: simplified, centralized, and personalized. Disclosures: Simco Financial is a registered investment advisor and a division of Simco. Investment advisory services are offered through Simco Financial only to clients or prospective clients where Simco Financial and its representatives are properly licensed or exempt from licensure. The information provided herein is for educational and informational purposes only. Investment and Insurance Products Are: Not Insured by the FDIC or Any Other Government Agency Not a Deposit or Other Obligation of, or Guaranteed by, Any Bank or Bank Affiliate Subject to Investment Risks, Including Possible Loss of Principal Simco's Pooled Employer Plan (PEP) is offered through Simco HCM. Investment advisory services related to the PEP are provided by Simco Financial. Insurance products are sold through Simco Capital, which is licensed in the state of New York.
Open enrollment season: the yearly juggling act of compliance, employee questions, and endless paperwork. If you’re still managing benefits with spreadsheets, emails, and disconnected systems, it’s time for a serious upgrade. At Simco, we’ve seen firsthand how automating open enrollment through a unified Human Capital Management (HCM) platform makes life easier for HR teams and employees alike. Here are five reasons why your business should make the switch, and why your workforce will thank you. 1. Slash Errors and Save Time with Automation Manual benefits administration? It’s a recipe for costly mistakes and wasted hours. A unified HCM platform syncs data instantly across HR, payroll, and insurance, cutting out double entries and compliance slip-ups. That means fewer headaches for your HR team and more accurate payroll deductions for you. What you get: Real-time updates when employees change status or eligibility Automatic compliance checks Less time answering repetitive benefits questions 2. Give Employees a Smooth, Self-Service Experience Your employees live on their phones (whether it’s banking, booking appointments, or shopping). Benefits enrollment should be just as easy. With a single login, employees can compare plans, enroll, and update info anytime, anywhere. Bonus: AI-powered decision tools make choosing the right coverage simpler than ever. Why it matters: Boosts employee confidence, satisfaction, and engagement Fits their busy schedules, not yours Simplifies benefits communication and reduces HR support requests 3. Stay Compliant Without the Last-Minute Scramble Open enrollment comes with a complex web of federal, state, and local regulations that must be followed precisely. From tracking Affordable Care Act (ACA) requirements to managing COBRA eligibility and distributing mandatory notices, the compliance checklist can quickly become overwhelming, especially when benefits data is scattered across spreadsheets, emails, and disconnected systems. Without a centralized platform, HR teams often find themselves scrambling at the last minute to gather accurate information, complete audits, and submit reports, putting the organization at risk for costly penalties and damaging employee trust. A comprehensive HCM system builds compliance into the process from the ground up. Eligibility rules, coverage limits, and regulatory requirements are automatically enforced and updated, minimizing human error and ensuring you stay ahead of deadlines and regulatory changes, reducing stress and protecting your business. 4. Stand Out in a Competitive Talent Market Benefits remain one of the most powerful ways to demonstrate to your employees that they are valued. However, a confusing or frustrating enrollment process can quickly undo that goodwill, leading to disengagement and even turnover. In today’s competitive job market, providing a seamless benefits experience is no longer optional, it’s essential. According to our HCM technology partner isolved’s 2025 Workforce Report: 50% of employees say they would seriously consider looking for a new job following a poor open enrollment experience. 90% of job seekers actively compare benefits packages before accepting a job offer, often prioritizing ease of access and clarity. This means that a complicated or outdated enrollment process isn’t just an inconvenience, it’s a real risk to your ability to attract and retain top talent. Investing in a user-friendly, automated benefits platform helps position your company as a modern employer of choice, showing that you care about your employees’ experience every step of the way. 5. Free Up Valuable Time for Your HR Team Open enrollment season often means an overwhelming amount of compliance tasks, employee questions, and administrative work, all on a tight deadline. When benefits management is manual or spread across multiple disconnected systems, it drains your HR team’s time and energy. Automating open enrollment with a unified platform reduces the need for repetitive data entry and minimizes errors, which means fewer fire drills and less time spent fixing problems. This allows your HR professionals to shift their focus from paperwork to higher-value activities like employee engagement, strategic planning, and talent development. In other words, the right technology doesn’t just streamline processes, it gives your HR team the bandwidth to do what really matters: support your people and help your organization thrive. Ready to leave enrollment headaches behind? Get in touch with us today to see how a unified HCM platform can transform your benefits process, making it easier, smarter, and more employee-friendly.
