Along with health data comes privacy concerns

The Challenge Posed By Your Company’s Employee Health Data

Along with health data comes privacy concerns
Along with health data comes privacy concerns
Image Credit: Animated Heaven

Let’s face it, if you were the person running your company you would have a lot of big issues that you needed to deal with in addition to worrying about the importance of information technology. One of these issues would be the simple fact that your health-care costs for employees are ballooning. Since we now live in the 21st Century, you’d probably look for a high-tech way to get your hands around this problem. You could give your employees activity trackers and introduce high-tech wellness programs that keep track of employee’s exercise, sleep, and nutrition. However, by doing this you are going to create a bunch of privacy issues that the CIO is going to have to find a way to deal with.


Why Are Companies Implementing These Programs?

The answer to this question is actually pretty simple: health care costs a lot of money. Companies are trying to get their workers to become more proactive when it comes to their health. They do this by offering gift cards as incentives and discounts on health benefits. If the company can get their employees to work towards becoming healthier, then there is a good chance that they’ll see a drop in the amount of sick leave that employees take. The ultimate goal is to create an environment where workers will be incentivized to be healthy.


Who Gets To See The Collected Health Data?

This is where things start to get a bit tricky. The good news for workers is that there are federal laws that relate to this kind of thing. The third-party wellness providers that are generally the ones who are collecting the data want to prevent discrimination and so they generally only share worker’s aggregated information and they only share it with the worker’s employer. Things can become a bit blurry when an employer starts to offer an incentive program that challenges employees to meet certain health targets. When this is happening, a provider may notify an employer about which employees succeeded.


Is There A Privacy Issue Here?

What the person with the CIO job need to be aware of is that in addition to measuring health related data from workers, these types of health programs often involve taking a detailed online health assessment. These assessments can include questions on sensitive topics such as alcohol consumption and pregnancy. The concern is that by opting in, an employee may put their data at risk. What the CIO need to look into is if the provider is covered by HIPAA which is the U.S. main health-privacy law. The issue is that many firms that are not part of group health plans may not be covered by this law.


Are Employees Required To Participate In Health Plans?

It turns out that an employer cannot require their employees to provide information as a part of a health care fitness plan. This includes such things as monitoring data and online assessment tests. However, the person in the CIO position needs to understand that many employers offer generous financial incentives to get their employees to participate.


Is There A Possibility That Employees Could Be Discriminated Against?

What CIO needs to realize is that the companies that collect worker health care data make money by selling that data to other firms. Even if this data is sold as aggregated data it may be vulnerable to individual identification. Marketers and life insurance companies may target employees with certain health conditions. These employees may either get targeted ads or they may start to be discriminated against. In general, wellness programs are good things. However, CIOs need to take steps in order to protect worker’s health care data.


What All Of This Means For You

As health care costs continue to rise, more and more companies are looking for ways that they can keep their health care costs under control. One of the ways that they have identified that they can do this is by implementing fitness programs that their employees can enroll in. However, these programs collect a great deal of personal information about employees and now the CIO is going to have to make some decisions about what to do with that data in order to protect employee privacy.

Companies are implementing fitness programs for their employees in an effort to find ways to lower their health care costs. If they can get employees to participate, they will become healthier and the number of sick days used may go down. Federal laws control who gets to see the data that has been collected. However, if the employer offers an incentive program, the people who both succeed and those who don’t may be able to be identified. Often these programs have an online survey component that may ask very personal questions. CIOs need to make sure that this data is kept private. Employees can opt out of participating in programs like these. CIOs need to be careful what gets done with the collected data. The firms that collect the data may sell it to other firms who may target employees with ads or discriminate against them.

I think that we can all agree having healthy employees is something that every firm would like to make happen. Implementing a fitness program sounds like a good idea. However, because of the personal nature of the data that is collected by these programs, the company’s CIO has to step in. It will be your responsibility to make sure that you know where the data is going, that individuals can’t be identified, and that employees don’t end up getting discriminated against because of their health care data. If you can get this right, then the company’s health care costs should go down and perhaps a party can be thrown for everyone to attend!


– Dr. Jim Anderson Blue Elephant Consulting –
Your Source For Real World IT Department Leadership Skills™


Question For You: Do you think that the CIO should be responsible for collecting the data and then pass it on to outside firms?


Click here to get automatic updates when The Accidental Successful CIO Blog is updated.
P.S.: Free subscriptions to The Accidental Successful CIO Newsletter are now available. Learn what you need to know to do the job. Subscribe now: Click Here!

What We’ll Be Talking About Next Time

Guess what? The person with the CIO job has another question about the importance of information technology that they are going to have to find the answer to. This time around the question is just exactly how we can go about securing all of the so-called “smart” devices that are going to be constantly connecting to the internet and sharing data. As the internet of things starts to take off, the security questions need to be answered right now.

Leave a Comment