Just Exactly How Legal Is It To Track Your Employees?

Just because you can, does not mean that you should track employees
Just because you can, does not mean that you should track employees
Image Credit: Gabriel Garcia Marengo

As the person with the CIO job, you have a great deal of power that comes with your assignment dealing with importance of information technology. The big question that you always need to be dealing with is just exactly how should you go about using this power? A great example of this has to do with the wave of so called “wearables” that are only now starting to enter the workplace. These clever little computers that people adorn their bodies with are neat, but they bring with them some sticky questions about just exactly what you can do with all of that data.

The Challenge Of Knowing Where Everyone Is

So just exactly how did we get into the situation that we currently find ourselves in? It turns out that a new breed of company has shown up, FitBit and Apple being two of the most popular, and they are now offering wearable products to their customers. If a customer purchase one of these products they can put them on their wrists, turn them on, and their every movement both during the day and while they sleep at night will be monitored and recorded. Fancy software can then tell the wearer how many calories they burned during a day, how many steps they took, and what their heart rate was at any point during the day. This is great information for those of us who are trying to lose a few pounds, but what happens if our companies get their hands on this data?

Sharing this type of data with our employer is exactly what is starting to happen. The thinking goes like this. The company that provides your company with health insurance is very interested in making sure that you are living an active, healthy lifestyle. They are so interested that they are willing to pay you to do it. That means that if you are willing to share your wearable data with them and provide them with proof that you are being active, then they will be willing to sell you health insurance at a lower price because they believe that you will be healthier. This all sounds fine and dandy, but then what happens if someone gets passed over for a promotion and the person who gets the promotion is more active than they are – did their wearable data play a role in their promotion?

The one thing that the person in the CIO position does not want to have happen is for the company to get into any potential legal or ethical headaches that might come along with collecting data on employees health. Any sort of employee tracking plans always have to be strictly optional on the part of the employee. As the employer, you would probably not want to be handling the employee tracking data and so this might be a good task to hand off to a third party. Any data that the company received from this company would of course have to be anonymized..

What To Say When You Know Too Much

All of this medical monitoring and collecting of health data on employees can land a CIO into hot water. A case in point would be if the monitored data shows that an employee is currently doing poorly on tracked activity measures, what’s a CIO to do? The CIO will have to determine if they want to start a conversation with this employee in order to determine if they are dealing with a disability.

You might be thinking that this is something that you could just let go if the employee does not speak up about it. However, you’d be wrong. Past legal precedent has shown that companies that have enough information to recognize a problem are obligated to take action. If you don’t do anything and yet you have an employee’s detailed activity log, then you are going to be hard pressed to be able to show ignorance of the employee’s disability.

There can be other situations where data may become available to the company that the employee may not have. A retina scanner could possibly detect the onset of diabetes. In a case like this, you will have to determine if you feel that you have an obligation to inform your employees. The good news here is that you probably do not have an obligation to test for such conditions. Clearly the arrival of wearables in the workplace is going to have a dramatic impact on the employee / employer relationship.

What All Of This Means For You

CIOs already have a lot of challenges on their hands. However, it is starting to look like they are going to have one more shortly. “Wearables” or small computers that are built into clothing or jewelry are starting to show up in the workplace. These devices track employees and produce a great deal of data. What’s a CIO to do?

Wearables can track a number of different things all at once. In addition to knowing where your employees are at all times, they can also keep track of number of steps walked, heart rate, etc. This information can be valuable to health insurance companies who are willing to offer employees a discount if they are living an active healthy life. However, as CIO you need to make sure that there is not a legal downside to acquiring this data. Often times you want to get a 3rd party firm to handle all of the tracking data and only provide you data without any trackable components. A big challenge for any CIO and company can occur when you have enough data to determine that a monitored employee may have a health problem. You’ll need to decide if you will inform them or not.

Privacy concerns aside, wearables are becoming more and more popular. What this means for CIOs is that you are going to have to be making some decisions about what you want to do with all of that data sooner rather than later. Be careful to not violate any worker privacy issues and you can help your employees to become more healthy as you manage their data.

– Dr. Jim Anderson
Blue Elephant Consulting –
Your Source For Real World IT Department Leadership Skills™

Question For You: Do you think that keeping track of where employees are at during working hours is a violation of privacy?

Click here to get automatic updates when The Accidental Successful CIO Blog is updated.

P.S.: Free subscriptions to The Accidental Successful CIO Newsletter are now available. Learn what you need to know to do the job. Subscribe now: Click Here!

What We’ll Be Talking About Next Time

Implementing a cyber-defense system for your company sure sounds like a good thing for the person with the CIO job to do. Just exactly what does that mean? I guess you purchase and install tools that will allow you to detect if the bad guys are able to get in, you create policies for what various people are supposed to do if this happens, and you make sure that your most precious assets are safely hidden away even if the bad guys get in. Putting all of this together is good, but how do you know if it will work? Sounds like it might be time to go have a talk with the military.