The risks of collecting employee health data

Link to article

A Washington Post article from 2019 describes an increasing trend in employee wellness programs, with employers collecting detailed health data like step count, hours of sleep, and more. The article describes employers calling individual employees to congratulate or admonish them on their daily health behaviors, and detailed incentive programs that gave employees cash if they hit personalized goals based on their specific health needs. Although wellness programs that encourage employee health should be applauded, the detailed level of data being collected raises some concerns about data use, security, and employee consent and education.

It’s easy to imagine how increased data on health and fitness could add value to an employee – information allows individuals to better manage their own behaviors and take the appropriate actions to improve their own risk factors. But what about how employers use the information, particularly when it isn’t anonymized, as in the case described in the article? Our health data, particularly when combined with other information that our employers have, could lead to insights that employees might be less comfortable with. What if our health data reveals dependencies on drugs or alcohol? What if location data shows that we might have a gambling problem or an extramarital affair? Furthermore, employers might purposefully or subconsciously take this information into account when making employment decisions – say, if layoffs are necessary and the company knows that some employees are at risk for requiring expensive treatment. Most employers have limited, if any, obligation to share the insights from the data they collect with their employees, and it would be difficult for an employee to prove discrimination based on the data that they consented to provide.

In general, worker surveillance technology is outpacing regulation, which should be cause for concern, particularly given the sensitivity of the information involved. What legal recourse is there for workers whose information is misused? Will employees who opt out of these programs be penalized for not handing over their health data? Providing access to our most intimate information – data that we often don’t understand ourselves – fundamentally realigns the power dynamic between employee and employer, particularly when there are limited options to reduce or punish employer abuse. Even for employers with the best of intentions, there is still significant risk. The article notes that many employers have not taken the appropriate cybersecurity precautions to protect the information that they are collecting. The exposure risks and the long-term implications for an employee whose data is accidentally revealed are enormous.

Finally, how much are employees even aware of what they’re signing up for when they pick up an employer-provided Fitbit or step tracker? Much of this data is collected passively, without explicit consent for the myriad of ways that it could be used. Although data-driven wellness programs are often heralded as putting power into the hands of employees, we should be clear-eyed about who they really benefit – employers put these programs in place because a healthier workforce reduces their insurance premiums. Although they may not required by law, companies that collect health data have an ethical obligation to put in place robust education, security, and consent mechanisms to protect the rights of the employees.


Books and Movies in the era of AI


Data Transparency-Privacy Tradeoff During a Pandemic

Student comments on The risks of collecting employee health data

  1. Thanks for a very interesting read Amina. I believe you hit the nail in the head with your closing statement that says that employers have an ethical obligation to put in place robust education, security, and consent mechanisms to protect the rights of the employees. Since regulation is lagging to protect employees, it is crucial that employers take this step proactively. However, how many will do so? More often than not, employees will sign whatever in order to get certain benefits, and we seldom read the fine print. I’m all for the benefits that come with employers and employees tracking health data, but I’m very concerned with regulation around this lagging behind.

  2. Very nice post! A few thoughts:

    Completely agree on the concerns around data privacy and security. Personally, as someone working in the healthcare space, I’m absolutely shocked that the data in this case was not anonymized. Not only are there the issues you cited when it comes to layoff decisions, but also there are potential interpersonal effects in the workplace. It’s easy to imagine someone in the workplace with access to the un-anonymized data bullying or even blackmailing an employee with that knowledge.

    Also agree on the points around regulation. One potential “solution” might be to have a 3rd party company be the one to handle all the health data, so that the client itself isn’t able to see any of it (except maybe some metadata). The 3rd party company would obviously need to have high integrity and top-level cybersecurity. Admittedly this is a little like the Equifax-TransUnion-Experian triumvirate which handles credit reports for everyone, and they were pretty bad with both integrity and cybersecurity. But putting the thought out there.

  3. Thanks for putting together this article, Amina. I enjoyed reading it!

    Your comment about the potential invasive and personal insights that could be gained by an employer linking health data with other information they have on their employees really struck me. While I believe that anonymization of the health data is key, I worry that simply removing names would not fully solve the issue. I keep coming back to the research of Latanya Sweeney, who showed that 87% of people in the United States are uniquely identified by {date of birth, gender, ZIP}. It would likely be fairly simple for an employer to re-identify their employees even in the absence of a name (given the wealth of information they have on their employees outside of the health data). I would therefore hope that employers might consider a more rigorous anonymization approach (perhaps Differential Privacy), even if it means slightly less precise analyses of the data.

  4. I agree that regulation is lagging behind employer innovation in data collection and use. I’m curious to see the interaction effects between that trend, and the upcoming expected consolidation of employer power that results from COVID. In an era with smaller corporations and a strong overall job market, with less consolidated economic activity (i.e. no google, amazon, etc.), my tendency would be to let companies collect and use data as they will (assuming they meet the basic standards of getting consent and providing education). I would assume that employees would effectively regulate employers by voting with their feet, and moving to employers they do not find so invasive if they are uncomfortable with data collection. However, crises like COVID serve to further consolidate employment opportunities, with the likely failure of many small businesses, and the continued success of tech giants. I am concerned that large companies will use this opportunity to advance cost saving or productivity boosting agendas, without regard to what many of us would consider basic human liberties (owning our own health data).

  5. Thanks for sharing Amina. I am frankly surprised/horrified that an employer in the US can capture and collect sensitive data such as health and wellbeing parameters through a Fitbit-type of device. In my view, consistent with European standards and regulations: (i) employees should own this data and should have full control over it; (ii) only with explicit consent could employers have access to the data; (iii) data provided to the employer should never be used against the employee (eg. in disciplinary measures, for promotion purposes, etc.); and (iv) this kind of sensitive information should be stored in safe environments/servers and the employer should not be able to share the info (whether anonymized or grouped collectively) with any other third party.

Leave a comment