As concerns about privacy increase, this trend is likely to expand to more and more states.ĭata breach notification statutes. Comparable legislation is pending in several other states. Other states have followed Illinois' lead on biometric-information privacy laws: Texas and Washington have similar laws on the books, although they entail less-comprehensive requirements and do not offer the opportunity for individuals to bring private lawsuits for violations. Employers may not sell, lease, trade or otherwise profit from any individual's biometric information.
Additionally, employers may not disclose biometric information except in limited circumstances. And it's easy to see why attorneys have taken notice: The penalties associated with BIPA range from $1,000 to $5,000 per violation and include attorney fees.īIPA requires employers to adopt policies regarding biometric data collection and retention, obtain consent before collecting biometric data, and take steps to securely store and protect from disclosure any biometric information that is collected. More-recent lawsuits have taken aim at smaller employers in Illinois. The statute flew under the radar until a surge of class-action lawsuits was filed in 2015, targeting companies such as Facebook and Shutterfly for alleged violations. Citing the public's concern with the use of biometrics for business transactions and the heightened risk of identity theft that biometric information entails, the Illinois Legislature sought to protect individual privacy and encourage private entities to bolster information security. Illinois took the lead with this legislation, passing its Biometric Information Privacy Act (BIPA) in 2008. Several states have passed laws that regulate how companies may collect, store and disclose biometric information from employees or other individuals.
#BIOMETRIC TIME CLOCK POLICY SOFTWARE#
Companies are gradually incorporating biometric identifiers into other consumer transactions, such as using facial recognition software or fingerprint scans to authenticate users' identities when making ATM withdrawals or unlocking their phones, for example.Īs biometric technologies become more common, laws continue to develop and provide more guidance to employers about properly collecting, storing and using biometric information:īiometric information privacy statutes. In the workplace, the most common example of biometrics involves the use of employee fingerprints to access facilities or clock in and out through timekeeping systems. Biometric identifiers include fingerprints, voiceprint, retina or iris scans, and scans of hand or face geometry.
But the benefits of these technologies are accompanied by legal scrutiny, so companies must remain aware of their obligations regarding employee biometric data.īiometric data refers to unique, measurable human biological or behavioral characteristics that can be used for identification. Best of all, this technology is impervious to abuse and falsification, cuts costs and administrative time, and can be operated by anyone with just the touch of a finger.Ĭompanies are increasingly incorporating technologies into the workplace that use employee biometric data to accomplish these objectives. If the employee’s finger scan matches the templates held on file, the employee will successfully clock in or out.Imagine a new technology that enables HR professionals to accurately monitor employee attendance and ensure facilities are accessed only by authorized personnel. The reader will then compare the employee’s finger scan to the templates held on file. To clock in and out, you will select either In Day or Out Day, enter your 4 digit employee code, and place your finger on the Time Clock’s sensor. In addition, the reader does not create or save the type of image file required by the Integrated Automated Fingerprint Identification System, the national fingerprint and criminal history system maintained by the Federal Bureau of Investigation Criminal Justice Information Services Division. The finger scan templates are not suitable for law enforcement fingerprint matching. The template files cannot be reverse-engineered to reproduce a fingerprint because the reader does not save the necessary information. The Time Clocks do not store an image of the actual fingerprint the templates reflect only limited information gleaned from the fingerprint. After HR receives the signed policy, an employee’s finger or fingers are scanned to create a template that represents the points along the unique features and minutia found in employee’s fingerprint pattern. Prior to using the Time Clocks, a completed Biometric Information Security Policy must be signed (link to form is below).
Training & Employment Opportunity - Metro Area.