When you think of “wearable technology,” activity trackers aregenerally the first item to come to mind.

|

But there are many more types of wearable technology that allorganizations, especially smaller ones, are starting to integrateinto their daily operations, explains Kirstin Simonson, CPCU, ARM,AU, ASLI, second vice president for Travelers Global Technology,based in Minneapolis.

|

“With the potential to bring fundamental change to businessoperations, we’re seeing a sincere effort among small businesses tointroduce wearable technology,” Simonson says. The types of devicesbeing used are contingent on the business’s needs and industry. Forlabor-intensive industries, such as construction, manufacturing andhospitality, the focus lies on increasing productivity whileenforcing workers’ safety. Smart glasses and sensor-infused gloves areamong the pioneering wearables slowly entering theseindustries.

Evolving technology

Wearable technology and the Internet of Things are poised toredefine mobility, Simonson says. SNSResearch estimates that wearable device shipments accounted fornearly $20 billion of revenue in 2015 with projections for marketgrowth at a compound annual growth rate of 40 percent until 2021.Another research firm, Soreon, predicts that the health care wearablesmarket alone will top $40 billion by 2020.

|

A small business looking to integrate new technology intoexisting its workflows can be hindered by the finite amount ofresources available, such as time, capital and labor. “Every typeof emerging technology requires an impact assessment to understandnuances such as personal vs. enterprise device discrepancies, andcompliance with national and industry-specific regulations,” notesSimonson.

|

Another concern, she points out, is whether technology mightcause a driver to become distracted, with accidents potentiallytranslating into third-party, auto and worker’s compensationliability.

|

Related: Make that Fitbit a lie detector

|

Risk-assessment-form

|

(Photo: iStock)

Develop safeguards

Business owners need to establish safeguards when developing arisk mitigation program for the use of wearables. Simonson advises.“Conduct a risk assessment that analyzes the business’s ability toadopt new technology, engaging all stakeholders who will beaffected, including IT, board members, human resources, legal,vendors and customers.”

|

Companies can also minimize their exposure to cyber risk byrequesting security features in their wearable devices, she notes.Examples include:

  • Remote erase: Wearable users can erase ordisable their device if it is ever lost or stolen.
  • Bluetooth encryption: Bluetooth technology offers an encryptedapplication program interface when exchanging data between a deviceand a data store, but few companies take advantage of this standardbecause it decreases battery life.
  • Cloud security: Because data is oftentransmitted from a wearable device to a cloud data-store, it isvital to ensure the cloud is protected by assessing vulnerabilityand limiting access to select personnel.

DDOS attack

|

(Photo: iStock)

Wearable technology downsides

The few downsides to wearable technology include patentlitigation as new technology comes to market and the occasionalallergic reaction to wearable materials, Simonson observes.

|

It’s still too early to see trends. But here are some examplesof potential pitfalls that business owners should be aware of:

  • Signal interception: An employee’s smartglasses are synced to his smartphone, which connects to a companynetwork where sensitive customer data is stored. A thief interceptsthe Bluetooth feed between the smart glasses and the cloud datastore, stealing customers’ credit card details.
  • Malware infection: A smart watch user connectsher device to a phone to book travel on a company credit card. Thewatch is infected with malware that detects and records financialactivity. Because her password is transferred from the smart watchas plain text, the malware captures and sends the information to ahacker group that runs up huge credit card charges at the company’sexpense.
  • E-commerce site shutdown: An employee connectshis personal wearable device to a company network. Outdatedsoftware and unauthorized website browsing infect the device with avirus that executes a distributed denial of service attack on thecorporation’s network, shutting down the company’s e-commercesystem for two business days.

Magnifying glass -- data -- fingerprint

(Photo: iStock)

Wearables and cyberattacks

Companies should deal with a cyberattack that occurs through awearable device the same way as one that comes through any othermeans, says Simonson.

  • Communicate promptly: Notify stakeholders whoare affected by the breach. Internal parties include techspecialists, client service managers, public relations departmentmembers and C-level executives. External parties include clients,customers and vendors.
  • Use forensic analysis: Engineers can usetraffic analysis to determine a breach’s cause in real time,capturing traffic data, reviewing archived access records foranomalies and logging investigation results, including networkvulnerabilities.

Man with smart watch at desk with computer

|

(Photo: iStock)

Bring your own wearable device issues

In many cases, employees are bringing their own wearable devicesto work and accessing the employer’s network or data, raisingseveral issues. Simonson notes that these risks may include:

  • Cyber risk: The risk of financial loss,business interruption or reputational damage may be because of anorganization’s failure to secure data held within its informationsystems. This can result from a cyber criminal’s attack,ineffective IT governance, security software failure or even adisgruntled employee.
  • Technology errors and omission risk: A companycan be held liable for economic loss if its device fails to work asintended because of an error, omission or negligence. Wearabledevice failures can affect business continuity and reputation.
  • Bodily injury risk: For wearable devices todeliver on quality-of-life benefits, they must be used as intendedand function properly at all times. Should the device fail, thevendor and manufacturer could be liable for damages from bodilyinjury, illness or the death of a user.

Related: Are millennials a cybersecurity risk atwork?

Man reviewing contract terms and conditions

(Photo: iStock)

Check the fine print

A company’s contract practices impact its exposure to risk andliability in the event of an incident, Simonson says. To manageexposure, companies should evaluate the following provisions:

  • Limitation of liability: The policy shoulddisclaim liability for certain types of damages arising fromincorrect wearable use or negligent activity, which can provide adefense in the event of litigation.
  • Damage caps: Agree on a threshold for coveringdamage expenses with the wearables provider or users of a device toprotect a business’ bottom line. This ceiling can be limited by aspecific dollar amount, or based on factors defined in thecontract.
  • Contractual risk transfer: Shift risk to otherparties outright through appropriate contract language. This is anattractive option for companies that hire independent contractorsor lease equipment from other businesses.

Simonson said she believes that implementation will become morewidespread as governance programs are established, trainingresources evolve and the insurance industry develops coveragepolicies for the diverse risks that each device can bring about.With some careful planning, businesses can manage the risk whiletaking advantage of the benefits that wearable technology canoffer.

|

Related: Wearable technology: The new game changer inworkers’ compensation

Want to continue reading?
Become a Free PropertyCasualty360 Digital Reader

  • All PropertyCasualty360.com news coverage, best practices, and in-depth analysis.
  • Educational webcasts, resources from industry leaders, and informative newsletters.
  • Other award-winning websites including BenefitsPRO.com and ThinkAdvisor.com.
NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.

Rosalie Donlon

Rosalie Donlon is the editor in chief of ALM's insurance and tax publications, including NU Property & Casualty magazine and NU PropertyCasualty360.com. You can contact her at [email protected].