Nursing home sued based on Illinois biometric privacy law
The employees of Paramount of Oak Park Rehabilitation & Nursing Center, LLC, have filed a putative class action against the nursing home, alleging that the facility’s mandatory daily biometric fingerprint scans violate their privacy rights under the Illinois Biometric Information Privacy Act (BIPA), according to a report by National Law Review.
The BIPA requires all companies that collect and use biometric information to obtain written consent from employees before collecting such data.
The act gives individuals the right to sue for violations and, if they are successful, are able to recover liquidated damages ranging from $1,000 (or actual damages, whichever is greater) for each violation for negligent violations to $5,000 for each violation for intentional or reckless violations, in addition to legal fees and costs.
Martin Ragsdale, on behalf of the class, claims that Oak Park requires employees to submit to at least two fingerprint scans each day — one for clocking in and another for clocking out.
He alleges that the facility’s practice is “invasive” and “exposes the workers to serious and irreversible privacy risks — risks that BIPA was designed to avoid — including the ever-present risk of a data breach.”
Ragsdale requests that the Illinois circuit court grant an injunction barring Oak Park from further collecting fingerprints, require Oak Park to delete all the fingerprints it has collected to date, and award the class an unspecified amount in damages and legal fees.
There have been at least 26 employment class actions based on the BIPA that have been filed from July to October in Illinois state court.
Much like the case against Oak Park, the class actions allege employer misuse of timekeeping systems that fingerprint scan and store the biometric data of employees.
The lawsuits claim the employer failed to provide sufficient notification and obtain written consent or failed to implement a valid use policy.
While Illinois may be considered the leader in biometric data protection, several other states have enacted laws comparable to the BIPA, while other states are considering such legislation.
In July, Washington state passed a new law governing the collection and use of consumers’ biometric information, which experts view as a more business-friendly version of the Illinois Biometric Information Privacy Act (BIPA) which could serve as the model for other state legislation.