Using employee data to boost productivity is not a new concept. Since the Industrial Revolution, managers have gathered and analyzed employee data to improve their bottom line. Now, with automated technology to monitor employees and ubiquitous technology to push notifications to employees, companies are grappling with how to manage their relationships with employees. Where is the limit on tracking employees? When does pushing notifications to employees transition from gentle nudges to an attempt to control an employee? A recent HBR article titled “Tech is Transforming People Analytics. Is That a Good Thing?” by Tomas Chamorro-Premuzic and Ian Bailie attempted to answer these questions. Chamorro-Premuzic and Bailie advocated that companies need to adopt an ethics charter to govern how they use employee data and limit what companies can and cannot do.
I agree with Chamorro-Premuzic and Bailie. As social media’s rise demonstrated, regulators and society cannot match laws to the rapid rate of change with new technology. Therefore, companies have to take a leading role and establish a code of conduct when using employee data in the burgeoning field of people analytics. The code of conduct should be a mutual agreement between companies and employees to establish limits on information collection, transparency on collection methods, and safeguards to prevent unauthorized users from accessing sensitive employee data. The code of conduct could become the basis for government regulation when regulators eventually close the gap with private sector companies.
As previously mentioned, the code of conduct should limit what information employers can collect from employees. While employees reluctantly agreed to have their activity monitored on their work computers and mobile devices, new technology like wearables opens the door to new information that employers could access. Is it reasonable for an employer to track an employee’s heart rate, blood pressure, or activity levels? Accessing health data could give employers insight into employee health and allow employers to offer preventative care or reduce an employee’s workload to mitigate stress. But, taken to the extreme, health data could be a screening tool that unintentionally blocks some employees’ career opportunities. For example, a highly qualified employee might suffer from high blood pressure due to family history, and the employee wants to apply for a recently opened, stressful supervisory position. Should the company use the health data to infer that the employee might jeopardize their health by accepting the role? Is it the employee’s role to evaluate how a stressful position might impact their health? While I cannot answer these questions, companies need to engage with their workforce and understand what information they will collect, how to use the information they collect, and when employees can expect to have privacy.
Additionally, the code of conduct should specify the collection methods that companies will use. Employees have adapted to companies monitoring them on their company-supplied electronics. Still, new collection methods include analyzing private messages amongst employees and cameras that can track employee movement around the office. As companies field new technology, they should notify employees, allow employees to opt-in or out, and define when information collection happens. The final point on telling employees when information collection occurs is crucial as employees transitioned away from the office during the COVID-19 pandemic. As mentioned in the article, PWC attracted criticism when it used technology to monitor whether employees were at their computers or not. A code of conduct will help prevent similar situations.
Finally, as employees consent to tracking, companies incur an obligation to safeguard worker data and limit who can view the data. Companies should have firm limitations on the groups that can access the data and communicate those limitations to employees. Suppose information leaks to an unauthorized party; companies should be required to offer monetary compensation or risk mitigation protection to employees. In that case, a code of conduct would outline the steps that companies have to take, providing comfort to employees concerned about their privacy.