An alleged exposure tied to TinyPulse shows how a routine workplace tool can become a high-risk container for personal records, even before the technical root cause is known.