Free Consultations: 651-778-0575

Does an CVS’s ‘health fine’ violation employees’ privacy rights?

CVS Caremark Corporation, the nationwide pharmacy and health insurance chain, recently announced a new workplace wellness policy aimed at keeping their insurance expenses down in anticipation of health care costs continuing to rise.

All employees of the company will now be required to submit to a blood draw and other tests intended to determine their obesity risk, and smokers will be required by the company to enroll in anti-smoking programs. Employees who refuse to participate in the scheme will be fined $600 a year, although the fine is likely to rise over time.

Is this a violation of employees’ privacy rights? Certainly, many privacy rights groups think it is, but legal observers say it is unlikely to be overturned by the courts.

Considering the cost of health care today, combined with the fact that employers can save money on insurance costs if they encourage healthier lifestyles among workers, observed John Banzhaf, a law professor at George Washington University, it only makes business sense for employers to butt into their workers’ lives. Banzhaf is an advocate of differential health insurance pricing based on people’s health habits.

The fact is, smokers and medically obese people are not directly protected by employment law, as Banzhaf pointed out, and may therefore be legally discriminated against.

“All of this is legal, and it is part of a greater trend,” he told Reuters. “But you have to be able to find out if someone is obese, which means you have to be able to weigh them, take their height and do the calculations.”

He may very well be right. Last year, a class of workers brought suit against Broward County, Florida, under the Americans with Disabilities Act. The employees claimed that the county’s wellness program violated the ADA by requiring medical exams and allowing the county to inquire about employees’ disabilities, activities that are prohibited by the law.

The 11th Circuit tossed out the suit because the text of the ADA includes a “safe harbor” provision permitting employers to engage in those activities as part of “a bona fide benefit plan that are based on underwriting risks.”

CVS says it has taken steps to ensure that management has no access to private patient records by outsourcing the program’s administration to an organization called WebMD. Nevertheless, the advocacy group Patient Privacy Rights argues that CVS’s new policy is simply too intrusive.

“They draw blood, that’s data collection. You have to go through a screening, that’s data collection. You have to call WebMD’s center, that’s data collection. People’s sensitive health data is being used for commercial purposes,” said the group’s director.

Today, about 79 percent of large employers include health assessments in their medical insurance plans, although few if any go so far as to fine employees for refusing to participate in them. Do you think this is going too far?

Source: Thomson Reuters News & Insight, “A new CVS wellness program raises privacy concerns,” Anna Louie Sussman, March 25, 2013