As wearable fitness trackers are gaining traction, the new Equal Employment Opportunity Commission (EEOC) rules are asking employers to slow down to make sure that the information being collected through wearables for workplace wellness programs is being used for legal purposes.
Wearable fitness trackers are provided or subsidized by 23.2% of employers according to the newly released survey by the International Foundation, Workplace Wellness Trends: 2017. All sectors, including corporate (29.1%), public employers (20.8%) and multiemployers (22.4%), reported that they will increase emphasis on wellness-related technology and/or gamification over the next two years.
[Free Member Webcast—The Results Are In: Workplace Wellness Trends]
Kristen Whittle, in the member webcast, Employee Wellness Challenges: Keeping Them Well, Keeping You Compliant, explains that the goal of the new EEOC rules that became effective January 1, 2017 is to provide guidance to both employers and employees.
Which laws are at play?
- Americans with Disabilities Act (ADA)—Employers must provide access to wellness programs for employees with disabilities and provide reasonable accommodations, as needed.
- Affordable Care Act (ACA)
- Genetic Information Nondiscrimination Act (GINA)—Prohibits the use of genetic information in making employment decisions in all circumstances.
- Health Insurance Portability and Accountability Act (HIPAA)—Employers must certify to group health plans that it will safeguard protected health information.
FitBits and Apple watches, among other wearables, not only count steps but provide data including activity levels, sleep patterns and heart rates. As these devices become central to workplace wellness programs, it is especially important that employers understand that many of the new EEOC rules govern privacy and security issues associated with the collection, storage and sharing of individual data collected through workplace wellness programs.
Whittle offers the following tips when designing a program that includes wearable fitness trackers.
- Determine the universe of data that will be collected (i.e., steps, heart rate, blood pressure, sleep patterns, etc.).
- Determine who will have access to the data and how it will be stored (i.e., data must be stored in separate, confidential files).
- Ensure compliance with ADA/GINA/etc. (i.e., notices, incentives, etc.).
- Incorporate into thoughtful policy (i.e., deliberate collection that is secure and confidential).
[Related: Workforce Wellness online learning course]
According to Barbara J. Zabawa, J.D., M.P.H., and JoAnne M. Eickhoff-Shemek, Ph.D., authors of a newly published book, Rule the Rules of Workplace Wellness Programs, “What is at stake for the wellness industry is its credibility with the wellness program participant. As consumers become more aware of the Big Data, its gold mine status, its lack of transparency and its potential for misusing personal information, they may become more dubious of data collection efforts.”
Here are a few items from the authors’ extensive compliance checklist.
- Use vendors to collect health data, so as to create a firewall between the employee data and the employer to prevent inappropriate use of data.
- Seek to understand the web of information sharing that occurs when employee health data is collected. Does the wellness vendor work with labs, app publishers, fitness device makers, gyms or rewards companies? If so, review the privacy and security policies of each of those downstream vendors.
- Implement applicable privacy and security policies and procedures, even if you are not subject to HIPAA, to garner trust in your wellness program.
According to Zabawa and Eickhoff-Shemek, “Workplace wellness compliance training can help professionals and organizations appreciate the different needs of individuals, the importance of adhering to the rules and the risk involved when one does not adhere to the rules. This appreciation can lead to workplace wellness programs that are more sensitive to participant concerns and needs, which will undoubtedly increase the level of trust by participants in these programs.”
While the current health care system and the rules that will follow are in a state of flux, Kristen Whittle advises workplace wellness programs to rely on the rules as they presently exist and watch for updates. It is not only important to have written policies and procedures in place but to train your staff to follow them.
Research Analyst at the International Foundation