Some employees don't like the idea of employers monitoring their health, especially if it means their private data is at risk.
Wellness programs already are under attack from critics who say that pressuring employees to lose weight or adopt other lifestyle changes can lower workplace morale.
Now media scrutiny of certain programs that require employees to disclose medical information that could be shared publicly has intensified skepticism of wellness initiatives.
A prominent example comes from Houston, where city employees were required to disclose their disease history and other essential health information to a private company hired by the city to conduct a wellness program.
The authorization form that employees signed when disclosing the information, however, told workers that their answers would no longer be subject to privacy law, could be shared with a third-party vendor and be posted in "areas reviewable to the public."
City employees who declined to fill out the forms had to pay $300 more per year for health care.
After loud objections from city employees, including the influential police union, the city changed course and hired a different company to conduct the wellness program.
Privacy advocates are concerned that the Houston example is becoming the rule, not the exception, and that regulations have not caught up to the relatively new but rapidly expanding $12 billion wellness industry.
“The privacy issues are profound,” Pam Dixon, executive director of the World Privacy Forum, told PBS. “If people are being asked to wear a biometric electronic device, or use a mobile app or work within a wellness program, that data can be used in ways that may be very, very surprising to people.”
Wellness companies and vendors serving them told PBS that confidentiality is an important part of their brand.
Audax Health, the wellness vendor at the center of the controversy in Houston, insisted that it keeps its data on program participants to itself.
“We do not sell or resell personal health information to anyone,” including marketing companies and data brokers, David Sclar, Audax’s chief privacy officer, said in a statement. “We do not allow third parties to market to Zensey users.”
And yet, PBS found that the company's own fine print in its privacy statement allows the company to share data with third parties, whether or not it chooses to exercise that right.
Regardless, privacy proponents want more than mere assurances from corporations. They want legal guarantees.
And on that front, the picture is murky. Many wellness contractors are not subject to HIPAA regulations.
In another instance examined by PBS, an executive of Welltok, another wellness company, was apparently unaware that his company's privacy statement allowed it to share data with others.
After learning of it from a reporter, Jeff Cohen, the firm's co-founder, suggested he would work to change it.
“That goes against everything we represent — probably one of those where a lawyer told us to put it in there,” he said in an interview. “I’m going to go back and talk to our compliance person” about the language, he said.
Continue Reading for Free
Register and gain access to:
- Breaking benefits news and analysis, on-site and via our newsletters and custom alerts
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical converage of the property casualty insurance and financial advisory markets on our other ALM sites, PropertyCasualty360 and ThinkAdvisor
Already have an account? Sign In Now
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.