Category Archives: Guest Issues

by | July 26, 2011 · 10:25 am

Hospitality Industry Security Risks: Hotel "Cyber Liability Myths Exposed"

Cyber Liability Myths Exposed

By Brad Durbin – Petra Risk Solutions 

 

In today’s e-commerce society, operating your hotel without cyber liability coverage is like attempting to drive your car blindfolded on a  Southern California  freeway during rush-hour traffic. 

Here are three common myths and misconceptions I’ve heard repeatedly when discussing cyber liability insurance coverage with hotel owners and operators. 

Myth #1 – “I use the online reservation system offered by my franchise.  They’ll cover me if their system is hacked and my guest’s personal information is compromised.”

This is by far the most common misconception among hoteliers about their exposure and responsibility for a data breach. It’s easy to see why.  You are using your franchisor’s reservation system, which is offered as part of your franchise agreement.  Why wouldn’t they cover you if their system is hacked? 

The answer is in your contract.  While some franchise agreements are more favorable in this area than others, most contain special provisions regarding the use of their online reservation systems.  These provisions typically state that the hotel will be responsible for defending the franchisor and holding them harmless, regardless of whether the data breach came from within the online reservation system. 

The exposure is even greater for non-franchised properties using third party reservations system providers or wholesalers.  I have yet to come across a contract for these services that could be viewed as favorable for the hotel in the event that the reservation system is breached. 

 Myth #2 – “If a hotel guest’s credit card information is stolen at the property level, my Payment Card Processing company will cover me under their policy.” 

Most hoteliers erroneously assume that their Payment Card Processing Company (PCP) will have their best interest in mind in the event of a data breach.  I’m not sure why.  No business, regardless of how great or longstanding your relationship with them has been, will volunteer to pay significant attorney costs and consumer notification fees for you unless they are contractually obligated to do so.  Not surprisingly, most PCP contracts are heavily weighted in favor of the PCP provider regardless of where the data was taken from or if the PCP company is to blame.

Your liability is even greater for a data breach that can be traced back to the hotel property level.  If this happens, the Payment Card Industry (PCI) mandates that you conduct a forensic accounting audit of all your records.  These audits can cost $20,000 – $25,000 for a single location, limited service property. This amount does not include fines typical for any non-compliance issues discovered during the audit. 

Myth #3 – “Cyber liability coverage is a waste of money.”

Most states have laws requiring you to notify EVERY GUEST in your database upon discovery of a breach (e.g. California Senate Bill 1386).  Analysts estimate that the average cost for this notification is approximately $30 per record.  Multiply this by the number of records in your system, or the number of guests who have stayed at your hotel over the years, and you can see just how financially devastating these claims can become. 

For a typical limited service franchised property with $2,500,000 – $5,000,000 in annual room revenue, a cyber liability policy with a $1,000,000 limit can usually be obtained for less than $7,000 annually… an extremely fair price point considering the risks and hefty costs associated with a data breach.

Final Thoughts

When a hotel data breach occurs, guests won’t know or care that another company may be responsible.  They will come directly to the hotel for a remedy. The ENTIRE FINANCIAL BURDEN for notification costs, legal defense, and monetary settlement of all related claims may be borne directly by the hotel – if it does not have an appropriate cyber liability insurance policy in force.

To protect your hospitality assets, select and obtain cyber liability coverage that will address PCI fines, consumer notification costs, credit monitoring, and any government or regulatory action levied against your business in the event that a data breach is discovered.  Not all cyber policies include coverage for these areas, so it’s important for you to work with a qualified hospitality insurance broker. 

Securing proper cyber liability insurance coverage is a cost effective method for hoteliers to help mitigate the risks associated with owning and operating a hotel in today’s digital society. 

———————————————————————-

Brad Durbin is a Hospitality Insurance Specialist with Petra Risk Solutions. For questions about Hotel Cyber Liability or any other Hospitality Risk Solutions, contact Brad at bradd@petrarisksolutions.com.

Comments Off on Hospitality Industry Security Risks: Hotel "Cyber Liability Myths Exposed"

Filed under Crime, Guest Issues, Insurance, Liability, Management And Ownership, Risk Management, Technology

Tagged as , , , , , ,

by | July 23, 2011 · 7:41 am

Hospitality Industry Health Risks: New Insurance Offerings Cover "Bed Bug Infestation, Loss Of Revenue And Guests' Risk Of Bringing Bed Bugs Home"

“…The new offering covers lost revenue resulting from treating rooms, as well as paying for the cost of eliminating the bugs…”

“…It can also cover business or leisure travellers against the risk of bringing bedbugs home from a conference or overnight stay…”

Lloyd’s underwriters have teamed up with insurance broker Aon and Global Excess Partners, an innovator in new insurance products, to develop a comprehensive bedbug insurance solution for travellers and the hospitality industry.

According to Lloyd’s, bedbug infestations are on the rise, causing hotel owners, landlords and businesses major problems.

High levels of infestation have been reported in the US and Europe, with New York topping the list of cities in a bedbug battle.

Bedbugs are regarded as the most difficult of pest to treat, more so than cockroaches, ants and termites, as they are elusive, can live for a year or more without eating and can withstand a range of temperatures from nearly freezing to 50 degrees Celsius.

For more:  http://www.insurancedaily.co.uk/2011/07/23/lloyds-and-aon-team-with-bedbug-offering/

Comments Off on Hospitality Industry Health Risks: New Insurance Offerings Cover "Bed Bug Infestation, Loss Of Revenue And Guests' Risk Of Bringing Bed Bugs Home"

Filed under Claims, Guest Issues, Health, Insurance, Liability, Management And Ownership, Risk Management

Tagged as , , ,

by | July 21, 2011 · 6:30 am

Hospitality Industry Pool Safety: Young Boy Saved From Near Drowning In Michigan Hotel's "Murky" Pool During Pool Party

“…Blackman Township Public Safety deputy director Jon Johnston says the boy was pulled from the pool, limp and unresponsive. He adds the the child was a guest at a birthday party among nearly 25 other kids when he ended up in the deep end…”

“There were several adults in the immediate pool area and the mother was in the gathering area surrounding the pool so it was situation where one the kids they lost track of,”

A four-year-old boy is recovering, in serious condition on Wednesday after nearly drowning in a hotel pool. It happened at the Avalon Hotel and Conference Center in Blackman Township late Tuesday night. A guest from Stevensville, Michigan is being credited with saving the child’s life.

“The water was a little murky but I knew I saw somebody at the bottom of the pool — little legs, little arms.”

Bettig and his family were at the Avalon Hotel, just off US-127 for a memorial service for his father. “We came home to sit around the pool and look at some pictures of Dad and about fifteen minutes into looking at the photos my son bought it to my attention that there was a boy floating in the water,” said Bettig. “If it wasn’t for his eyes noticing — a couple minutes could have gone by and the little boy might not have had a chance.”

He says the child was underwater for a couple minutes before Bettig dove in. The child was pulled from the pool with a strong pulse but not breathing on his own. He was taken to Allegiance Hospital and then flown to the University of Michigan hospital.

For more:  http://www.wilx.com/news/headlines/125881063.html

2 Comments

Filed under Guest Issues, Health, Injuries, Insurance, Management And Ownership, Pool And Spa, Risk Management

Tagged as , , ,

by | July 18, 2011 · 9:23 am

Hotel Industry Building Safety Risks: The 30th Anniversary Of The Kansas City Hyatt Regency "Skywalks Disaster" Is Remebered For The 114 Killed, 200 Injured From "Failed Building Engineering Plans"

“…Plans had both walkways hanging from the same vertical support rods. But a revision had the lower skywalk hanging from the upper one on separate rods. That increased the load on the upper skywalk and added to the stress on the bolts, which were doomed to pull free of the welded box beams to which the rods were attached. The flaw was obvious in hindsight…”

“…There were no criminal charges, but the engineers lost their licenses. There were about $140 million in judgments and settlements…”

[youtube=http://www.youtube.com/watch?v=715wyClHTVw]

 Thirty years ago today the music stopped when the skywalks in the elegant Hyatt Regency hotel lobby suddenly crashed down on a crowd of people enjoying big-band tunes and a night out. The 114 people killed in the disaster will never age. The injured, the victims’ loved ones and the rescuers, however, are three decades older.

A broken water pipe threatened to drown those trapped. Electrical wires were sparking. People were crushed beyond recognition.

The hours went by as Ortega and dozens of other emergency responders — firemen, emergency medical technicians, citizens — carried bodies either to a temporary morgue or a makeshift emergency room. A man’s leg was amputated by chainsaw in order to free him. Ortega saw a police officer try to pull a screaming man out and his arm came off.

Read more: http://www.kansascity.com/2011/07/16/3018298/the-hyatt-disaster-30-years-later.html#ixzz1STcYIVOk

Comments Off on Hotel Industry Building Safety Risks: The 30th Anniversary Of The Kansas City Hyatt Regency "Skywalks Disaster" Is Remebered For The 114 Killed, 200 Injured From "Failed Building Engineering Plans"

Filed under Claims, Guest Issues, Health, Injuries, Insurance, Liability, Maintenance, Management And Ownership, Risk Management

Tagged as , , ,

by | July 17, 2011 · 8:10 am

Hospitality Industry Health Risks: Nevada Hotel Guests Exposed To "Bacteria Causing Legionnaires' Disease"; Water Treatment Capabilities Increased

“…Spokeswoman Stephanie Bethel of the Southern Nevada Health District said Thursday that six cases of the sometimes-deadly form of pneumonia have been reported among Aria guests by the Centers for Disease Control….”

The hotel says in a letter to guests that it added additional water treatment and the latest tests show no detectible levels of the bacteria.

The Aria Resort & Casino on the Las Vegas Strip is warning guests who stayed during a two week window that they may have been exposed to high levels of the bacteria that causes Legionnaires’ disease.

Bethel says all six people were treated and have recovered. Hotel officials say water tests in several guest rooms between June 21 and July 4 detected elevated levels of the bacteria Legionella.

For more: http://www.guardian.co.uk/world/feedarticle/9748294

Comments Off on Hospitality Industry Health Risks: Nevada Hotel Guests Exposed To "Bacteria Causing Legionnaires' Disease"; Water Treatment Capabilities Increased

Filed under Guest Issues, Health, Insurance, Liability, Management And Ownership, Pool And Spa, Risk Management, Training

Tagged as , , , ,

by | July 15, 2011 · 6:36 am

Hospitality Industry Federal Law Compliance: Hotel Management Must Have Comprehensive Knowledge Of "Americans With Disabilities Act" (ADA) Regulations

For more:  http://www.ahla.com/knowledge/

 

Comments Off on Hospitality Industry Federal Law Compliance: Hotel Management Must Have Comprehensive Knowledge Of "Americans With Disabilities Act" (ADA) Regulations

Filed under Guest Issues, Insurance, Legislation, Liability, Management And Ownership, Risk Management, Training

Tagged as , , , ,

by | July 14, 2011 · 7:14 am

Hospitality Industry Guest Credit Card Security: Tips For Securing Hotel Computer Systems Against Credit Card Data Theft (Video)

[youtube=http://www.youtube.com/watch?v=iCmZ9DlrI9o]

Sue Zloth, is a member of the HFTP PCI Compliance Roundtable, provides key tips for securing guests’ credit card data at the 2011 Hospitality Industry Technology Exposition and Conference (HITEC) conference.

  • Change default passwords on all new information systems
  • Do not allow remote access into hotel computer systems
  • Minimize areas where credit card data is stored

Comments Off on Hospitality Industry Guest Credit Card Security: Tips For Securing Hotel Computer Systems Against Credit Card Data Theft (Video)

Filed under Crime, Guest Issues, Liability, Maintenance, Management And Ownership, Risk Management, Technology, Theft, Training

Tagged as , , , ,

by | July 13, 2011 · 10:19 am

Hospitality Industry Guest Security: Hotels Launch "Radio Frequency Identification Technology" (RFID) To Better Secure Guestrooms And Limit Guest Access To Different Floors

One of the latest innovations to be launched in the customer security market within the hospitality industry is non-contact Radio Frequency Identification (RFID) technology. This allows guests to access the hotel and their rooms simply by waving their room card, rather than having to insert it into a lock.

The RFID cards can also be extended to lift-systems with cards encoded to allow guest’s access to only the floors that they are entitled.

This means that visitors can be rest assured that from the front door to their rooms, their safety is of the utmost concern, which will only enhance the customer experience.

  • Hoteliers need to ensure that they have a robust threat assessment procedure in position and ensure that a crisis plan is prepared and rehearsed. Security operations need to be agile to respond or expand to meet the required needs if new threats emerge.
  • When enforcing security checks or CCTV, be sensitive, as the guests still need to feel as sense of relaxation as well as safety.
  • Ensure all current staff is trained to identify, inform and respond to any suspicious activity or any crisis that a hotel could face.
  • Hotel staff should remain visible. This gives guests peace of mind and is a key way to deter any criminal activity.
  • Where possible, incorporate security features into the guest experience but do not let a security operation intrude on the customers stay.
  • Outsource specialist tasks like outdoor patrols and vehicle checks to trained third-party security providers. However, ensure they are trained in guest interaction by the hotel so they adhere to your standards.

For more:  http://www.hotel-industry.co.uk/2011/07/identification-systems/

Comments Off on Hospitality Industry Guest Security: Hotels Launch "Radio Frequency Identification Technology" (RFID) To Better Secure Guestrooms And Limit Guest Access To Different Floors

Filed under Guest Issues, Liability, Management And Ownership, Risk Management, Technology

Tagged as , , ,

by | July 10, 2011 · 5:20 pm

Hospitality Industry Fire Risks: Maryland Hotel Suffers Over $3 Million In Structural And Content Damage As Fire Alarms Successfully Assist Evacuation, Limiting Injuries

A four-alarm fire that injured three people and caused several million dollars in damages to a Days Inn hotel in Catonsville began in a locked storage room, Baltimore County fire investigators said Sunday.

Guests said they heard fire alarms go off, then encountered heavy smoke in the hallway.

The cause of the fire on the seventh floor at the Days Inn at 5701 Baltimore National Pike is still under investigation, said Elise Armacost, director of public information for the Baltimore County Fire Department and Office of Homeland Security and Emergency Management. Authorities contradicted earlier reports from hotel patrons blaming the fire on smoking materials.

Fire dispatchers were notified of an alarm at the Days Inn at 8:14 p.m. Saturday. Engine 13 of Westview station arrived first and found billowing smoke. The fire escalated to four alarms and involved nearly 70 pieces of equipment, including units from Howard and Carroll counties, Baltimore city and other jurisdictions, officials said.

Firefighters evacuated about 160 patrons from the building and the guests were relocated to other hotels and motels.

Two guests suffered minor injuries and were transported to nearby hospitals. One firefighter was treated at the scene for minor injuries.   Fire investigators estimate that the fire caused about $2.5 million worth of damage to the hotel and about $1 million to the hotel’s contents.

“We heard the fire alarm go off, then stop, and go off again,” said Omar Oliver of Landover, who was visiting with Theresa Tolson and had rented a third-floor room.

“We called downstairs and they said it was nothing, just somebody playing with the fire alarm,” Oliver said. “Then the TV went out and we started to smell smoke.”

At least one guest was evacuated from an upper floor down a fire department ladder.

For more:  http://elkridge.patch.com/articles/four-alarm-hotel-fire-began-in-locked-storage-room

2 Comments

Filed under Fire, Guest Issues, Injuries, Insurance, Management And Ownership, Risk Management, Technology

Tagged as , , , ,

by | July 7, 2011 · 6:35 am

Hospitality Industry Guest Room Security: Large Hotel Operator Converts Rooms To "Electronic Lock System", Replacing Mechanical Card Locks As "Magnetic Strip Keycards" Provide "Full Audit Accountability"

  • Each keycard is encoded using a portable Front Desk Unit (FDU), uniquely designed for the hotel industry
  •  The magnetic strip keycard reader provides full audit accountability, enabling management to provide legal support in the event of unauthorized access to a room.
  • For emergency use the Generation E-760 door locks provide emergency access through a mechanical key (fixed or recodable) or electronic override plus an emergency keycard.
 
La Quinta Inns & Suites has announced an agreement with Kaba to install the ILCO 760 locking systems in approximately 140 La Quinta hotels. Implementation will begin in fall 2011.
 
“KABA ILCO products demonstrate the reliability that La Quinta wants for its operators and guests,” says Gerald Rodriguez, vice president of purchasing for LQ Management L.L.C. “We were also impressed with KABA’s willingness to engage in a long-term partnership with La Quinta. This will enable us to provide security to our guests, and professional service and operational excellence to our hotels and their staff into the future.”
 
La Quinta began evaluating electronic lock system providers to replace its mechanical card locks in early 2010. This effort included field testing locks from several manufacturers to verify the best solution for La Quinta’s hotels. After testing, La Quinta chose KABA ILCO 760 locks and the Front Desk Unit (FDU).
 
 

2 Comments

Filed under Guest Issues, Insurance, Liability, Maintenance, Management And Ownership, Privacy, Risk Management, Technology

Tagged as , , , ,