As benefits enrollment for 2016 approaches, more employers than ever are expected to nudge workers toward plans that screen them for risks, monitor their activity and encourage them to take the right pills, food and exercise.
This involves a huge collection of health data outside the established medical system, not only by wellness vendors such as Redbrick, Audax and Vitality but also by companies offering gym services, smartphone apps and devices that track steps and heartbeats. Such partners pass worker results to the wellness providers.
Standards to keep such information confidential have developed more slowly than the industry. That raises risks it could be abused for workplace discrimination, credit screening or marketing, consumer advocates say.
Here’s what to ask about your company’s plan.
What information will my employer see?
Many employers get only anonymous, group data. The vendor reports how many workers are overweight or have high blood pressure, for example.
But sometimes employers can see individual results, setting the stage for potential discrimination against those with disabilities or chronic illness. Or they can guess them. Discrimination based on disability and illness is illegal but hard to prove.
Workers should ask exactly what information will get back to their company and whether it will identify them.
Is the program covered under the HIPAA privacy law?
The Health Insurance Portability and Accountability Act restricts sharing of certain medical information to doctors, health insurers and other authorized users. Asking whether a wellness plan is covered by HIPAA is a good, first attempt at judging confidentiality.
Workplace wellness programs offered separately from an employer’s group health insurance plan are not protected by HIPAA. Other privacy laws might apply. But often it’s often impossible for employees to tell without asking.
Even in HIPAA-covered programs, a few, designated managers at your workplace can see health reports including identities, although they’re supposed to keep them confidential.
Use of a wellness portal often gives the vendor permission to share personal data with unidentified “third parties.” Those would be insurers, data-storage firms and other partners necessary to the program, vendors say. They’ll protect the information as well as anybody, they say.
But the open-ended nature of the permission gives consumer advocates the creeps. Read the privacy and terms-of-use disclosures. Ask questions if you’re uncomfortable.
More info and original published by │ Times