If your company has not started a wellness program, it may be the year.
As 2016 benefits are approaching, more employers than ever are expected to push workers into plans to control them for dangers, monitor their activity, and encourage them to get the right pills, food and exercise.
This includes a huge collection of health data outside the established medical system, not only by health retailers such as Redbrick, Audax and Vitality, but also by companies offering fitness services, smartphone applications, and devices that follow steps and heartbeats. These partners transfer employees' results to wellness service providers.
Standards for the confidentiality of this information have developed at a slower pace than industry. This creates risks that could be circumvented for workplace discrimination, credit scrutiny, or marketing, say consumer advocates.
Here you can ask about your company's plan.
Q. What information will my employer see?
Many employers only receive group anonymous data. The seller says how many employees are overweight or have high blood pressure, for example.
However, sometimes employers can see isolated results, setting the ground for possible discrimination against disabled people or chronic illnesses. Or they can guess them. Discrimination due to disability and illness is illegal but difficult to prove.
Employees should ask exactly what information they will return to their company and whether they will recognize them.
Q. Is the program covered by the HIPAA privacy law?
The Law on Mobility and Accountability for Health Insurance limits the exchange of certain medical information to doctors, health insurers and other authorized users. The question of whether a wellness plan is covered by the HIPAA is a good, first attempt to judge confidentiality.
Workplace wellness programs offered separately from an employer's health insurance program are not protected by the HIPAA. Other privacy laws may apply. But it is often often impossible for employees to say without asking.
Even in programs covered by the HIPAA, some appointed managers in your workplace can see health reports, including identities, though they are supposed to keep them confidential.
Using a wellness gateway often allows the seller to share personal data with unknown "third parties". These will be insurers, data warehousing companies and other partners that are necessary for the program, say sellers. They will protect the information, as well as everyone, they say.
E. My employer says he only sees the team results. Does this guarantee privacy?
In smaller businesses it is sometimes easy for managers to match employee identity with results from group reports. The same applies to large companies when revealing wellness data by a group or department.
Ask how far the results will dissipate.
Q: How many other companies see my wellness data?
Workplace wellness often involves many businesses gathering or sharing your information. The main provider of wellness can work with laboratories, application publishers, fitness equipment makers, gyms, reward reward companies and others – with its own confusion policy.
Employees deserve a clear explanation of the companies that get their data, the form they need, the way they will be used and the way they are protected, say the supporters of privacy.
Q.: What kind of privacy policies do subcontractors and other third parties have to follow?
A privacy standard for wellness contractors, designated by the National Quality Assurance Committee, requires the principal health vendor as well as third parties to comply with the HIPAA.
But this policy is not universal. NCQA recognizes only a few tens of hundreds of wellness companies. NCQA standards are voluntary and do not provide consumer rights.
Q. Can anyone try to identify people in the team results that share my wellness plan?
Wellness privacy policies often give vendors space to share data that has been removed from names, addresses, and other identifying features. This information is not protected by the HIPAA.
Experts have shown that such results can be redefined by combining them with public databases. As an added protection, the Limeade wellness vendor and the portable device manufacturer Fitbit forbid third-party partners to try to redefine the information they share.
But not all suppliers do the same.
This article first appeared at www.khn.org