Search form

Illinois Nursing Home Faces Employee Class Action Based on State Biometric Privacy Act

By Joseph J. Lazzarotti
  • October 23, 2017

Alleging that mandatory daily biometric fingerprint scans violate employees’ privacy rights under the Illinois Biometric Information Privacy Act (BIPA), employees of Paramount of Oak Park Rehabilitation & Nursing Center, LLC, have filed a putative class action against the nursing home.

The BIPA requires companies that collect and use biometric information to obtain a written release prior to collecting such data. Under the BIPA, individuals may sue for violations and, if successful, can recover liquidated damages ranging from $1,000 (or actual damages, whichever is greater) for each violation for negligent violations to $5,000 for each violation for intentional or reckless violations — plus attorneys’ fees and costs. Our FAQs provide basic information on the BIPA and include recommendations and best practices for companies that collect or use biometric information.

Martin Ragsdale, on behalf of the class, claims that Oak Park requires a minimum of two fingerprint scans from employees each day — for clocking in and clocking out. Ragsdale argues that the nursing home’s practice is “invasive” and “exposes the workers to serious and irreversible privacy risks — risks that BIPA was designed to avoid — including the ever-present risk of a data breach.”

Ragsdale, on behalf of the class, requests that the Illinois circuit court:

  1. Grant an injunction barring Oak Park from further collecting fingerprints,
  2. Require Oak Park to destroy fingerprints it has collected to date, and
  3. Award the class an unspecified amount in damages and legal fees.

New Trend of Employee Biometric Class Actions

From July 2017 to October 2017, at least 26 employment class actions based on the BIPA have been filed in Illinois state court. Similar to the suit against Oak Park, the class actions allege employer misuse of timekeeping systems that collect fingerprint scans. They claim the employer failed to provide proper notification and obtain written consent or neglected to institute a valid use policy.

Although some consider Illinois the leader in biometric data protection, other states have enacted laws similar to the BIPA, and still others are considering such legislation.

Questions to Consider

Companies that want to implement technology that uses employee or customer biometric information (for timekeeping, physical security, validating transactions, or other purposes) should consider the following:

  • Whether the company actually captures biometric information as defined under applicable law;
  • Whether the company provides proper notification and obtains written consent/release;
  • How long biometric information is retained;
  • How biometric information is accessed, stored, and safeguarded; and
  • Whether the company has a data breach response plan that covers biometric data.

***

Many see the use of biometric technologies as a way to help secure other confidential information against data breaches that continue to cripple governments, businesses, and other organizations. Of course, biometric information is itself sensitive, personal information that requires protection, as demonstrated by the growing number of new laws. 

Jackson Lewis attorneys are available to answer questions about whether your company’s practices comply with applicable law.

©2017 Jackson Lewis P.C. This Update is provided for informational purposes only. It is not intended as legal advice nor does it create an attorney/client relationship between Jackson Lewis and any readers or recipients. Readers should consult counsel of their own choosing to discuss how these matters relate to their individual circumstances. Reproduction in whole or in part is prohibited without the express written consent of Jackson Lewis.

This Update may be considered attorney advertising in some states. Furthermore, prior results do not guarantee a similar outcome.

Jackson Lewis P.C. represents management exclusively in workplace law and related litigation. Our attorneys are available to assist employers in their compliance efforts and to represent employers in matters before state and federal courts and administrative agencies. For more information, please contact the attorney(s) listed or the Jackson Lewis attorney with whom you regularly work.

See AllRelated Articles You May Like

January 29, 2018

Fitness Industry Workplace Law Update – Winter 2018

January 29, 2018

Welcome to our premiere issue! Our goal is to keep fitness industry clients and contacts informed about employment and labor law issues that may affect your organizations. We hope you find this newsletter valuable and invite you to share it with interested colleagues and contacts. In this issue, we provide a brief summary of hot... Read More

January 24, 2018

2018: The Year Ahead for Employers

January 24, 2018

An executive summary of recent changes in workplace law and a look ahead to 2018. Read More

January 23, 2018

Data Privacy Day: Top 10 for 2018

January 23, 2018

In honor of Data Privacy Day, we provide the “Top 10 for 2018.” While the list is by no means exhaustive, it provides key issues organizations should consider in 2018. 1. Greater Focus on EU Data Protection Requirements Many U.S. organizations mistakenly think the European Union’s data protection requirements do not apply to them.... Read More