Hotel Online  Special Report



 How to Safeguard Your Guests from
Being the Next Identity Theft Victims


By Diana S. Barber, Esq., February 2004

Did you hear the one about the guest who checked in to a luxury hotel room and found a guest folio print out for the previous guest in the waste paper basket in the guest room?  Personal information was located on the guest folio and was in the hands of a stranger who had ample opportunity to steal the previous guest’s identity.  This happens all too often in large and small facilities.

During my recent visit to a 5-star hotel, I walked by an empty meeting room with the door wide open.  On a table just inside the door was the daily guest recognition report that showed the arrival dates of all the VIPs and celebrities in the hotel including personal comments about the guests.  It also contained a detailed meeting itinerary for a professional football team. Personal information of this nature should never be left in plain view in any public space, but it happens.

Identity theft can occur in hotels and motels and should be taken very seriously.  The Federal Trade Commission has stated that identity fraud is one of the fastest growing white-collar crimes nationwide and affects one in four Americans.  In 2002, the FTC received 161,819 complaints about identity theft and it is estimated that it costs each victim more than $1,000 to correct the damage made to their accounts and their reputations.  Identity thieves capture information about your guests and use it to commit fraud, steal money, and charge items to credit accounts and even create new accounts.  How can you protect your patrons and guests from being victims of identity theft?  Here are some basic security rules for you to pass on to your managers and supervisors to decrease the likelihood that your patrons and guests will be the next victims of identity theft.

  • Training is the most important rule. Hotel personnel should never announce out loud the guest’s name and room number at the front desk during check-in or in the food and beverage outlets in the hotel or facility.  If during the check-in process, you or any of your employees overhears a guestroom number being announced, immediately assign a different room for the guest. In addition, instruct your wait staff not to request a guest’s room number out loud in restaurants.  Have the guest write it on a piece of paper then destroy the paper.  Never, ever say the room number out loud. Believe it or not, this is still happening at hotels and motels across America.
  • Instruct your housekeeping staff to leave a kind note for the guest reminding them to never leave important papers containing personal information in plain view in your guestroom, the lobby, any of the food and beverage outlets or in any meeting room space.  Remind them to put all personal information, such as airplane tickets, passports, etc. in the in-room safe located in the guestroom when absent from the room. 
  • Remind guests, and meeting planners so they can advise their attendees, to make sure all computers, including laptops and PDAs (which usually contain valuable and personal information) are secured in all meeting rooms or hand carried by the owner from the guestroom or meeting room space.
  • Have your front office and accounting office procedures that address your efforts to safeguard guests’ personal information in writing and available for your guests to see.   Find out if there are any leaks or holes in your process.  Who has access to guests’ data and is it secured?  Are the employees trained on maintaining the privacy of guests, and how so and how often?  How secure are your fax machines? Does personal guest information lie around for anyone walking by to see?  Hotels and motels need to focus on these issues and if you haven’t, you need to do so immediately.
  • Do not place calls directly to guestrooms without the caller knowing the name of the guest assigned to the guestroom for that day. Although your telephone operators want to be helpful to callers, they should never give out names or partial names of any guests to outside callers.
  • Do not slip guestroom folios under the guestroom doors the evening prior to checkout.  Mistakes by your night shift hotel staff can and do happen and valuable personal information may find it’s way into another guestroom or worse yet, stranded in the middle of the hallway for all guests and employees to see.
  • Check the credit card receipts printed from all outlets in your hotel, such as retail shops and restaurants.  Some receipts still print the entire credit card numbers.  Others only print the last four digits of the credit card number. Having the entire number printed on the receipt can be hazardous to your guests’ financial health. This is usually a simple software programming issue and it will protect your guests if you promptly remedy this situation. 
  • Remind all meeting attendees to remove their convention badges outside the meeting venue as it provides immediate personal information to any stranger the attendee passes by.  Also, remind meeting planners to be careful as to what information is stored on the back side of the convention badges because if it is lost or misplaced, the information displayed, albeit intended for the ease and convenience of the attendee (such as cell phone numbers of colleagues), can end up in the wrong hands.
  • Inspect your wastepaper refuse system or trash dumpsters for your hotel or facility.  It is in a secure area?  Is it inaccessible to the general public?  Does a fence or wall surround it?  If thieves will go through your personal household trash receptacles to gain personal information, imagine what they could find if they gained access to the waste paper dumpster located at your hotel or motel. Some thieves have admitted that they go dumpster diving at accounting and law offices to gain proprietary information.  What will they find if they dive into your dumpsters?
  • Be aware of the potential for identity theft with your hotel if you engage shoptalk or shop call systems. This is when you contract with a third party provider to record live reservation calls for purposes of spot checking the reservation agents for compliance efforts and for training purposes.  These audio recordings which include names, addresses and credit card information are now in the hands of someone, other than the hotel staff, that can abuse the process and use this information to steal personal information.  Make sure you have written agreements with these companies, together with clear and precise language in the contracts prohibiting any type of use of the information contained on the tapes.  The information on the tapes should be limited to hotel use only.
  • In case one or more of your guests’ identity has been stolen during their stay at your hotel or motel, be prepared to offer assistance by sharing with them the FTC hotline for identity theft at 1-877-IDTHEFT (438-4338) and their accompanying website This will enable them to get a head start on the process to regain control of their identity.

Diana S. Barber, Esq., former vice president/associate general counsel for The Ritz-Carlton Hotel Company is the founder of LodgeLaw, A Division of Barber Law Associates, a law firm specializing in hospitality law.  She also teaches at Cecil B. Day Hospitality School at Georgia State University and is a member of Georgia Hospitality & Travel Association.  For more information, Ms. Barber can be reached at (770) 813-9363 or

 Diana S. Barber, Esq. 
LodgeLaw, P.C. 
5925 Masters Club Drive 
Suwanee, GA  30024
(770) 813-9363 
Also See: LodgeLaw, P.C., a Hospitality Specialty Law Firm, To Open in Northeast Atlanta; Firm President is former Ritz-Carlton Vice President and Associate General Counsel / June 2003

To search Hotel Online data base of News and Trends Go to Hotel.Online Search

Home | Welcome! | Hospitality News | Classifieds | Catalogs & Pricing | Viewpoint Forum | Ideas/Trends
Please contact Hotel.Online with your comments and suggestions.