Wearable devices such as smart watches and fitness trackers have become increasingly popular as the technology matures and the devices become more affordable. Many forward-thinking employers, with an eye towards controlling health costs, have implemented or are considering implementing wellness programs that use wearable devices to track employee fitness and incentivize healthy behaviors. While employer-sponsored wellness programs can be an effective means of limiting such costs, employers must be cognizant of the issues this data collection can pose. Creating and implementing policies regarding the use of employee fitness data can both protect the employer from potential claims and provide clarity to the employee.
Employers must initially consider what data is collected, who owns that data, and who has the right to view or share that data. Many popular wearable devices do much more than merely count the number of steps taken daily. Devices can monitor obvious signifiers of health such as heart rate or blood pressure. Devices may also collect and store other data. For example, a device used to log miles walked may also be storing GPS data, providing an electronic roadmap of where an employee has been. Employers must first become aware of precisely what data is collected in order to draft sensible policies regarding its use.
Once an employer understands the universe of data that is collected, an employer must next consider the ownership and user rights to that data. For example, Fitbit, one of the market leaders in wearables, shares aggregated data with its partners and the public, albeit in a de-identified manner. Fitbit also reserves the right to share personally identifiable information in connection with a sale or reorganization of the company, and further reserves the right to disclose information pursuant to a subpoena if Fitbit believes it is reasonably necessary to do so. See Fitbit Terms of Service. An employer that encourages its employees to use the devices and services that companies like Fitbit offer should be aware of the potential methods by which employee data may be disclosed.
Employers should also consider how wellness data could be used in potential claims when crafting use policies and whether data collection runs afoul of any applicable state or federal laws. For example, if an employer is penalizing sedentary employees but rewarding those who are most active, a disgruntled employee might be tempted to bring a discrimination claim. Additionally, if an employer is a HIPAA-covered entity, it must make certain that personal health information is not impermissibly disclosed. Furthermore, an employer must make sure that collected health information does not constitute an impermissible medical examination of its employees under the Americans with Disabilities Act.
Employer-sponsored wellness programs and the use of wearable devices can provide real benefits to both employee health and employer bottom lines. Wise employers should carefully draft policies to make sure employee data is protected and all applicable laws are complied with. Accordingly, it is best to consult with an experienced attorney to assist in drafting appropriate policies and navigating this emergent legal terrain.