Love ‘Em or Hate ‘Em…but don’t ignore your Lawyer’s advice!

Yesterday, while banging around some golf balls at Pinehurst (pardon me while I name drop!) the guy next to me on the driving range joked with his buddy that the balls represented his lawyer! He was whacking them left, right and down the middle and doing so with a vengeance. It started me thinking about how in the hospitality industry sees lawyers… with a more than just a bit of annoyance.

Sure, we all know they come in handy when reviewing agreements we have to sign. And, of course, we love to know they are there when there is some unpleasant situation that threatens our company or employees. Naturally we want a (really!) good one if something needs to be remedied. But… truth be told, we view them as a necessary evil. Why do we have such a love-hate relationship with them?

I am going to step up and say this: We don’t appreciate them enough! And I say this while wearing my usual “privacy protectionist persona.”

The media continues to scream about data breaches and privacy violations yet it seems while hoteliers seek lawyers out after a breach, they often have not availed themselves to the best legal advice around beforehand.

Take for example this weekend’s release of the “inside the hotel elevator video” where Solange Knowles (Beyoncé’s sister) whups JayZ upside the head. Selling it was a violation of guest privacy! As you might expect, the hotel is pursuing the person who marketed the video – but the damage is already done.

Another example is the recent decision by a shareholder to sue Wyndham for hurting his investment due to negligence because of the 2012 data breach. Wyndham’s legal team has their hands full. Not only do they have to deal with the Federal Trade Commission and the possible class action of the individuals whose credit card data and valuable PII was compromised, but now they see shareholders stepping up with claims that due to their “negligence in protecting guest information” shareholders’ monetary investment, thus financial well-being, has been “harmed.” This is a new angle!

No matter what happens, everyone goes running to a lawyer after the fact. My money says the legal eagles out there are all asking themselves why no one listens to their advice about the ‘what if’ scenarios and take recommended precautions?

According to one specialist attorney “the law regarding liability for breaches is still developing. It should be noted that usually a business entity is not legally liable to another for damages to another, unless the business did something wrong, such as being negligent, to cause the damage.” We all grasp the risk of damage to the brand because of a data breach but how many hoteliers understand the damages increase if the plaintiff can prove it was avoidable.

Here at HER, we took a step back and starting thinking about lawyers. In the recent issue of Hospitality Upgrade Magazine, several hotel industry lawyers contributed articles and made key points that we think you may appreciate:Ask a Lawyer about Data Security

1 – According to Richard Sheinis* Data Security Attorney in Atlanta Georgia, “a business is generally liable for the actions of employees and thus a business can be liable for losses suffered by hotel guests as a result of their personal information being disclosed because of employee negligence.”

He further states “If it is found that the employee was negligent because he was not properly trained or supervised on data security procedures, this lack of training or supervision can be another basis for the hotel to be held liable. Therefore, the importance of training and supervision is two-fold. It can reduce the likelihood of a data breach occurring in the first place. Second, if a breach does occur, it can reduce the likelihood of the business being liable for damages experienced by hotel guests.”

2 – Data breaches at companies of all sizes occur because of employee mistakes and negligence.

3 – The study by the Ponemon Institute “Global Cost of a Data Breach” found that 35 percent of data breaches are attributable to negligence or human error.

So strongly do we feel that we could and should take more a proactive stance, that HER is getting certified by IAPP while we open dialogs with specialists on this front from data breach insurance companies to legal advice and everything in between.

We are so passionate about the legal side of it that next week on Thursday May 22nd we are hosting a webinar with two leading experts in the field.

ASK A LAWYER is your chance to ask a legal eagle something about data security you may always have wondered…we are bringing this to you in partnership with VENZA Group and strongly encourage you to call in!

Our ‘’Legal Eagle” Scott Warner, part of the Hospitality, Travel and Tourism Group, at Garvey Schubert Barer, a global firm representing a broad range of clients in the food, beverage and hospitality industry. He is a regular contributor to Hospitality Upgrade Magazine where he has honed in on the Privacy debate as his expertise includes computer law, licensing, e-commerce, data collection and protection, privacy, and various other internet related legal issues. He has represented a global website portal in developing privacy policies to comply with EU privacy and data requirements and also represented major company as they responded to obligations under multi-state data breach laws.

Our Moderator Jeffrey Parker, VP and Chief Funologist from Stout Street Hospitality/Magnolia Hotels. Jeff is another regular contributor to Hospitality Upgrade. In his most recent article he included the following commentary:   “The time is now to start treating all of our customers’ personal data like credit card data, even if they are not taking steps to protect it themselves. Forget about PCI, you should already be compliant, get ready for the personal information protection revolution.”

We could not have said it better.

Join us in this discussion and sign up here at this link for our webinar and learn how you can make a few pre-emptive strikes in your favor.  Start doing more to protect guest information and you will save down the line on those attorney fees if a breach does occur!

After all there are only two kinds of companies today: those who know have been breached and those who don’t know it yet.

Click here to register for the Webinar: ASK A LAWYER


Written by Marion Hughes-Roger, VP of Business Development for Hospitality Evolution Resources, LLC.


The Venza Group® has partnered with Hospitality Evolution Resources Consulting (HER Consulting) to create the hotel industry’s first role-based, eLearning training modules about protecting guest privacy and keeping guest data safe. This innovative curriculum comprehensively covers best practices that involve all members of a hotel staff including management, front desk, IT, sales and housekeeping. Through realistic scenarios, learners are trained to protect guest information that falls outside the PCI encryption standards as well as their own data. The Venza Group® and HER deliver the industry’s first engaging, informative and proactive approach to what is becoming the hottest industry issue today: protecting Personally Identifiable Information (PII). For more information, please dial (770) 685-6500.


View other posts by Marion.