So-called "wearables," such as fitness trackers, are becoming more and more ubiquitous every day. It's easy to see why. They count our steps, monitor our heart rate, measure the quality of our sleep, and we can use that information to improve our health.
But, while they offer certain benefits, fitness trackers may also present risks for employees who bring them into the workplace.
Unprecedented Employer Access to Private Information
The reason we use fitness trackers is the same reason they pose a potential liability for employees - data. These gadgets helpfully collect reams of biometric information about us and store it, usually in the cloud. This all fine assuming the data is only accessible to the user. It becomes problematic in the workplace, however, when others access the information, neither with or without the user's permission.
for example, many employers are outfitting employees with fitness trackers to stem the rising cost of health insurance. Trackers do everything from reminding someone working at a desk to get up and move around every hour, to tracking steps and recording exercise sessions. At some companies, employees who meet fitness goals are rewarded, and can also compete with co-workers for prizes.
This workplace trend is entirely unprecedented. Historically, the state of someone's health has been regarded as a very private and personal matter, but employers are now privy to information that was once extremely confidential.
Fitness Tracker Data Evidence
From discrimination and harassment to wage-and-hour abuse, There are many ways in which the employer-employee relationship can break down, and sometimes litigation is the only recourse. Taking a case to court requires evidence, often including electronically stored data that fitness trackers collect. If employees grant employers access to that data, what guarantees do they have it will not be used against them in litigation?
Consider this scenario, for example. A warehouse employee files a request for accommodation under the Americans with Disabilities Act (ADA) with his employer, asking for a change in duties due to a back injury. Specifically, he asks to be moved to tasks that do not require heavy lifting. The employer refuses. The employee, who has been participating in a workplace health and wellness program and wearing a company-provided fitness tracker, then files a suit under the AD alleging the employer has failed to provide a reasonable accommodation.
As it prepares its defense, could the employer access the data from the employee's fitness tracker to see if he has been engaging in any strenuous activity in his off-hours that might indicate he is, for example, lifting weights at the gym? Could that then be used against the employee in court?
What if that employee injured his back on the job and filed for worker's compensation, but was denied? Could the same data be used against him if he files a lawsuit challenging that decision?
Liability for Security Breaches
A study released earlier this year about the security of fitness trackers found they are easily hacked and many hacking software applications exist, creating not only personal privacy risks but also threats to corporate network security.
Hackers can use wearables and other fitness trackers to infiltrate company networks and install rogue software, called malware. When the wearable connects via Wi-Fi or Bluetooth to a network to upload its stored data to the cloud, the malware can transfer to the host network. Depending on what the program was designed to do, it could establish security backdoors for hackers to exploit, or use the network in a brute force attack against other servers.
An employee who uses an employer-provided fitness tracker or making unauthorized use of the corporate network to connect a personal device could unwittingly be a vehicle for malware. If the employee's device is the cause of the breach, the employee could face consequences, including termination or litigation.
Think Twice About Using a Fitness Tracker at Work
Fitness trackers seem innocuous, but the devices and the data they collect pose significant privacy and security risks for employees and employers. It may be in a company's best interests to promote fitness trackers as part of corporate wellness initiatives, but employees still have reason to be wary. Any worker considering participating in a company wellness program should ask to review the company's policies around the treatment of their sensitive data, who owns it, and how it may be used.