150 million Americans get health insurance from their jobs and many companies now have employee wellness programs (EWP). These programs often require employees to fill out health assessments and/or undergo genetic screening. Some use apps or devices to track what food employees buy or eat - all of this is done to save money by identifying employees with health "risks." Saying no to participating can mean paying hundreds of dollars more for health insurance. When an EWP is administered through a 3rd party vendor, no health privacy laws applies, even they collect and share sensitive health information from employees. How are these programs designed and do they work? What are the privacy risks?