ACCESS MY ACCOUNT: Plan ParticipantPlan Sponsor

Is your Employer protecting the privacy of your 401(k) participant data?

Expect no privacy of your personal data in your 401(k), as Wall Street continues to rip off 401(k) participants through the charade of “Service Provider”, while acting as Product Peddler to fatten their profits.

Many employees are confident that their health records are kept private, because the Health Insurance Portability and Accountability Act (HIPAA) ensures that strict rules are followed by all those who handle these records.

However, the same doesn’t go for personal data in employee 401(k) accounts.

There’s no question, under ERISA, that employers have a fiduciary “Duty of Care” to ensure this data is handled with prudence.

So to get a better handle on this, employees often take a first look at the firm their employer has hired to administer their 401(k) account and ultimately protect the privacy of their 401(k) personal data.

Are they confident that their personal data in their 401(k) account is as secure as their personal data handled under HIPAA?

Unfortunately, too many soon discover there is no HIPAA equivalent for 401(k) plans. They’re not sure what’s happening with the personal data in their 401(k) accounts!

This is followed by the ugly realization that the firm, selected by their employer, to administer their 401(k) account actually has many business interests. And while they do administer 401(k) accounts, their main business is selling their own products and services to individuals.

When they were first hired to take over the 401(k) accounts, they’ve promised the employer they wouldn’t share any personal data. However, they did make one BIG exception by admitting they would share the data with other affiliated business units within their own company.

And so now, with the advantage of administering the 401(k) account (with all the personal data), they now have an inside track to sell more of their stuff to the participant.

This is called “cross-selling”

And the folks handling these 401(k) accounts (whether they work for a Bank, an Insurance Company, a Payroll Company, or a Mutual Fund Company) soon learn that part of their job is to “cross-sell” the participant some of their company’s products….all with the advantage of knowing critical personal data of the Buyer, the Participant.

And so, the participant soon finds themselves as a target market for product sales, rather than a customer to be serviced.

Enter the Courts…and the recent, unprecedented legal settlement by Vanderbilt University where it agreed to tell Fidelity Investments, their 401(k) recordkeeper, to stop using participant data for cross-selling purposes. Similarly, Northwestern University and their recordkeeper, TIAA, are in Court facing the same cross-selling issue.

Why the sudden attention by the Courts on cross-selling? Because these same recordkeepers have been forced (through free-market competition) to reduce their traditional recordkeeping fees, and now they must look to cross-sell to boost revenue.

So what can a participant do to avoid this mess, and keep their personal 401(k) data private?

  1. Make sure their employer hires a firm to administer their 401(k) account which has no other business interest, except the sole task of administration of their account. No sales, just service.
  2. Avoid hiring firms that are primarily in the business of selling products and services to individuals, such as proprietary mutual funds, insurance policies, or payroll-derived benefits.

With lower recordkeeping fee revenue, these companies know there’s more profit to be made in the business of selling, rather than serving.

Here’s a simple test…

Give the below a go to determine whether the privacy of personal data in your 401(k) is protected:

If the firm entrusted to administer your 401(k) is also in the business of selling their products to individuals, then you can expect to be regarded more as a Target rather than a Customer, because that’s where their money is made. And the sale to you becomes so much easier to make, when they know your personal data.

Cross-selling has put the participant in the crosshairs, with its first casualty being the privacy of the participant’s personal data.

Here’s what you can do…

Tell your employer you expect privacy of all your data in your 401(k) account. This begins by hiring a firm that is 100% focused on plan administration, and not looking to target the participant in the hopes of making the next sale.

Share This Story, Choose Your Platform!

Brian J. Schiedel

Principal – Retirement Plan Consulting

Brian Schiedel is responsible for monitoring daily valuation recordkeeping services, ensuring that transactions meet strict procedural guidelines, and providing compliance and other consulting services for Burke Group’s retirement plan clients. He serves as the direct Relationship Manager for more than 30 retirement plans.

Prior to joining Burke Group, he obtained his bachelor’s degree in management science from the State University of New York at Geneseo. He has also obtained the Qualified 401(k) Administrator (QKA) designation through the American Society of Pension Professionals and Actuaries (ASPPA).