New technologies continue to transform the workplace and raise additional legal considerations for employers. Wearable technologies such as smart glasses, watches, and exoskeleton suits are valuable tools that help workers increase productivity. However, these technologies may also collect and track personal information, including location data, brain activity, and other medical information.
Several states and regulatory agencies enacted laws and regulations to protect employees using wearable technology in the workplace. Employers who are implementing or planning to implement wearable technology should be aware of the following key considerations:
1. Wearable Technologies and the ADA:
Wearable devices with sensors may be considered "medical examinations" under the Americans with Disabilities Act (ADA). For example, some devices collect data on heart rate, blood pressure, eye movement, and more. Additionally, employees might be required to disclose health information before being permitted to use wearable technologies. In these cases, employers must limit medical examinations and disability-related inquiries to situations that are job-related and consistent with business necessity. And, any medical information should be stored in a secure manner. Employers may also need to engage in discussions about reasonable accommodations if the employer learns about a medical condition or disability as a result of the wearable technology.
2. Avoiding Discrimination Based on Sensitive Data:
Employers must ensure that the data collected from wearable technologies is not used to discriminate against employees based on protected characteristics, such as race, color, religion, sex, age, or disability. For example, using wearable data to infer that an employee is pregnant and taking adverse actions based on that assumption could be actionable. Also, tracking an employee’s location to identify visits to medical providers and then improperly investigating the purpose of those visits could violate privacy laws and lead to discrimination or retaliation claims.
3. Privacy Practices and Data Security:
Before collecting sensitive medical and personal data through wearable technologies, employers should review their privacy policies to ensure that proper notice has been provided to employees. In California, an employer governed by the CCPA/CPRA may need to update its privacy policy and notice to employees. It is also critical that employers maintain this sensitive information securely and in compliance with applicable state and federal regulations.
While wearable technologies can significantly improve workplace efficiency, they also raise significant concerns regarding the collection and safeguarding of sensitive personal information and the potential fallout from having that knowledge. Employers must address potential compliance issues related to privacy laws to avoid legal pitfalls. It is advisable for employers to work with legal counsel to stay informed about relevant laws and regulations.
For more guidance, feel free to contact Dan M. Forman or Linda Wang of CDF’s Privacy Practice Group, or your favorite CDF attorney for a consultation.
