With the world becoming more technologically advanced, we are finding ourselves producing and collecting data in all aspects of our lives. Although much of this data is collected for beneficial reasons, it comes with a trade off of privacy. Whether it is the tracking of GPS locations, web search history, or device usage, another party can view the data collected for different purposes. The latest trend in data collection is in the health technology sector and it is growing exponentially.
Health monitoring devices are projected to grow from $372 million in 2013 to $16 billion in 2023.[1] These devices are growing in popularity due to their ability to not only monitor the user’s health in real time but their ability to provide insights on the user’s health parameters to his or her physician. Individual consumers are not the only ones utilizing this technology, as surveys found that 35 percent of employers are currently using wearable devices for their employees’ wellness programs.[2] Currently, about 44 percent of employers use this data to strategically plan their employee wellness programs with their employees’ health benefits in mind.[3] However, there are growing concerns of other uses of this data by employers, such as during times when employers need to make hiring and promotion decisions.[4]
With costs of insurance and future production by the employee in mind, the employers use of devices that can track an employee’s sleep patterns, physical activities, or mood can be used to make employment decisions.[5] This is especially concerning if the tracking of this data is mandatory. Some employers are already guising participation in these wellness programs as “voluntary,” however the structure of these programs makes it seem less optional than facially advertised. For example, even though CVS Pharmacy calls their plan “voluntary,” they demand that all employees provide health data through their wellness program or otherwise face a monthly fine.[6] Some employers, such as BP, even use employees’ health information to adjust health care premiums according to the amount of the employees’ physical activity.[7] This data provides a substantial benefit to employers through cost savings and productivity levels at the cost of potential employment decisions, discrimination, and invasion of employees’ privacy rights.[8]
The legality of this practice by employers and questions of privacy protections of employees are a major concern. Discrimination by an employer based on the employee’s health data does not seem to be protected under the Americans with Disabilities Act (ADA).[9] So if an employer decides to discriminate against an employee on the basis of their collected data, the employee may not be protected. Privacy law does not seem to offer protection to employees in this situation as well.
Although the Health Insurance Portability and Accountability Act (HIPPA) was designed to protect patients’ health information, it does not protect the kind of data that health monitoring devices provide.[10] This is a concern especially when the data is passed from the employee to a third party that is not a health care provider, as it falls outside the statutory HIPAA protections against health care providers, employers, or health care clearinghouses.[11] Third party startups, that do not fall under the definitions provided by HIPPA, are gradually being used by employers to collect their employees’ health data for them.[12] The lack of the employees’ data being kept private by HIPPA along with the concern of potential hacking of this data held by third parties is likely to be an emerging issue.
A change in employment and privacy law is necessary to address these rising issues. Protection of employees from discrimination on the basis of their health can begin from amendments to current statutes, specifically the ADA, to include data collected from employer wellness programs. Similarly, privacy statutes, such as HIPPA, should have definitions amended to include third party startups as types of organizations HIPPA protects individual’s privacy from. While the use of health monitoring devices may benefit both employers and employees, the rapid increase in the use of this technology calls for an immediate review of current policies.
Albert Roh is a second-year law student at Benjamin N. Cardozo School of Law and a Staff Editor of the Cardozo Arts & Entertainment Law Journal. He has background in tech startups and has an interest in intellectual property, startups, brand development, and real estate.
[1] Carole Jacques, Mobile Health Devices Market To Grow 8-Fold to $41.8 Billion in 2023, Lux Res. (July 1, 2014), http://www.luxresearchinc.com/news-and-events/press-releases/read/mobile-health-devices-market-grow-8-fold-418-billion-2023.
[2] Thomas Beaton, 35% of Employers Use Wearable Devices for Wellness Programs, mHealthIntelligence (April 27, 2017), https://mhealthintelligence.com/news/35-of-employers-use-wearable-devices-for-wellness-programs.
[3] Id.
[4] Brown, Elizabeth A. The Fitbit Fault Line: Two Proposals to Protect Health and Fitness Data at Work, 16 yale J. of Health Pol., L., and Ethics 1, 20 (2016).
[5] Id. at 5.
[6] Id.
[7] Id.
[8] Id. at 6.
[9] 42 U.S.C.A. § 12112 (2009).
[10] Brown, supra note 4 at 24.
[11] See 45 C.F.R. § 160.103; Id. at 25
[12] Brown, supra note 4 at 18.
