Wellness programs at work: could your boss be spying on your health?

Privacy experts raise concerns about data collected through employer wellness programs, which they say have potential to become surveillance programs

No one wants a sick colleague, least of all their employer. Little wonder then that a host of companies are springing up to keep employees as healthy as possible.

Workplace wellness is a $6bn industry in the US, according to the Rand consultancy. But the latest generation of tech-intensive wellness companies are bringing with them a host of privacy problems alongside their promises of health.

In an effort to cut healthcare costs, large employers have started data mining their workers to assess their health status and target them in ways that might head off trouble.

Health information company Castlight Healthcare, for example, recently developed a new product that scans insurance claims to find women who have stopped filling birth control prescriptions, as well as women who have made fertility-related searches on Castlights health app, according to Wall Street Journal.

The data mining was designed to pinpoint women who might be attempting to get pregnant, according to Jonathan Rende, Castlights chief research and development officer. The Castlight app would then send her emails or in-app messages geared towards pregnancy-related services like obstetricians or other pre-natal care.

What if you were just trading one form of birth control for another? Photograph: Phanie Sarl/Corbis

The news of an employer-sponsored program being able to determine that employees are trying to get pregnant alarmed privacy activists worried that employers would be able to obtain this information.

We strictly maintain complete employee confidentiality, and are fully compliant with all Health Insurance Portability and Accountability Act [HIPAA] security and administrative protocols governing protected health information, Castlight spokesman Jim Rivas said. Castlight is 100% compliant with all federal privacy laws governing the handling of employee data. Moreover, employers that use our system never, under any circumstance, see individual employee data from Castlight Action.

According to Rivas, employee data is anonymized, aggregated, and all the employer ever sees is the size of the group of employees at risk for certain conditions. Castlight said it imposes a minimum on the size of the group with the intention of making it difficult to identify individual employees.

Yet privacy experts still worry that such information is out there.

What does your boss know?

The big worry here is: even if the data broker reports aggregate data, a) it has this information on an individual level how else might it use it? and b) if you get granular enough, its pretty easy to figure out who exactly the top-level data is referring to, said Frank Pasquale, a law professor at the University of Maryland, who studies health privacy.

Pasquales fears are backed by probably the most well-known example of this. AOLs CEO, Tim Armstrong, announced in early 2014 that two AOL-ers that had distressed babies that were born that we paid a million dollars each to make sure those babies were OK in general. While he did not name names, it was easy to figure out who the two employees were. Deanna Feis husband Peter Goodman was one of those two employees.

Since then, Armstrong had apologized for his comments and Fei has written a memoir, Girl in Glass, about her prematurely born daughter Mila. By default, Fei has become an advocate for health privacy.

Its now two years after my familys public ordeal with AOL, and I still hear from people all the time who were targeted by their employers because they needed medical care. Sometimes the targeting is well-intentioned, but the consequences are still disastrous, Fei said.

For example, a woman with a high-risk pregnancy who received mailings from her company that alerted her co-workers, her neighbors, and her in-laws to her condition before she even decided whether to continue with the pregnancy.

If information gathered through a wellness app was obtained by the employer and had an adverse effect on the employee, the US Equal Employment Opportunity Commission (EEOC) would assume it is sex discrimination.

You are being demoted. You are denied a promotion. You are not getting a certain kind of assignments. All these kind of employment practices those would be covered, said Mary-Kay Mauren, senior attorney adviser at the EEOC.

The issue is what the employer does with the information, said Corbett Anderson, assistant legal counsel from the EEOC office of legal counsel. According to him, the EEOC is currently working on two different rule-makings related to wellness programs. The rule-makings do not specifically address this issue, he said.

Mailings like those mentioned by Fei or other communications have to be authorized by the employer, but come directly from companies like Castlight. According to the Castlight spokesman, such communications encourage certain preventive or assistive actions to be taken where they might not otherwise think to look for care.

If such communications phone calls or mailings can be intercepted by other family members or others, it raises issues about privacy, said Dania Palanker, senior counsel at the National Women Law Center.

Other privacy experts have pointed out that employers do not have access to employees medical histories. Unless, they are provided to them by the employees through the companys wellness program. Such wellness programs have the potential to become surveillance programs, according to Ifeoma Ajunwa, who teaches law at the David A Clarke School of Law at University of the District of Columbia.

I dont think all employers employ them that way, she said. I am not saying that all wellness programs are surveillance programs, but what we are seeing with the current status of the law, they do have that potential for unscrupulous employers to use them as a way to check on their employees and investigate the health of their employees.

Optional versus affordable

The employers and the various companies behind the wellness programs point out that all wellness programs are optional. Yet when tied to financial incentives that can make a significant difference in the price tag of ones healthcare, optional becomes well, not so optional, experts argue.

Are financial incentives really financial penalties? Photograph: Alamy

These programs are often connected to large financial incentive that either makes your health insurance much more affordable or less affordable depending on whether you participate, said Palanker. You could have an employee that doesnt really want to sign up for this, but they in a way have no choice, because its the only way they can afford your healthcare.

According to Deborah Peel a physician and founder of Patient Privacy Rights, the high deductibles and co-pays have contributed to deterioration of the relationship between people and their doctors.

Why dont we encourage people to see the person that really will take responsibility for their health and help them? What they have done by demonizing patients and cutting their access to effective treatment is they have created this whole new industry of profits this wellness bullshit, said Peel. So now instead of a doctor, what are you going to get? An app. Instead of a doctor! Give me a fucking break.

Financial incentives linked to wellness programs are extortion, Peel said.

If bosses really care about their employees health, why dont they give them greater health insurance benefits and no deductible so they can go see their doctors and caretakers? How many millions are they paying to these wellness companies? Why not give the money to the employees and make it possible for them to see doctors, buy healthy food and exercise? Why not invest in the employees in a way that supports them and does not violate them?

Read more: http://www.theguardian.com/business/2016/feb/29/wellness-programs-boss-spying-on-your-health