Once upon a time, ESPN host and celebrity Erin Andrews checked in to the Marriott Nashville while traveling to cover sports events. We all know what happened next – a stalker, a camera in the peephole, a viral video and a massive lawsuit finding the hotel at fault (and rightfully so given the scale of this security breach). What’s most important for you as hoteliers not directly affiliated with this property to understand are the implications of this case – both from a risk management as well as an insurance perspective – of which there are many.
The scariest part of all this is that even with the best practices already in place, this incident might have still happened. However, what every hotel must learn from this is that the hotel was not found culpable by a jury because the stalker was successful, but because the property made it easy for this stalker to make the video.
Insurance policies
First off, you should know that if a hotel is corporate-owned and operated, it likely has a massive insurance umbrella policy for a few hundred million dollars. They self-insure for a large amount of this, maybe $25 million. And if it is a franchisee owner-operator, they have to carry this $25 million of liability insurance (most franchisees are required to carry at least $10 million) along with the primary $1 million per occurrence.
So, when you burn through the first layer of liability and add the umbrella required to be carried, $26 million is already in play. I’m inclined to believe that the primary general liability carrier admitted defeat in this case, instructed involved parties to pay the full amount and looked to the umbrella carrier to take on the rest. Not that they did not put up a legal fight on the merit of the case, but they likely knew they were going to get blown away.
This sense of impending doom often triggers insurance industry underwriting to change dramatically. There will be numerous questions in the next few years about ‘peep hole maintenance’ on every supplemental application to obtain hotel insurance. And it will crossover to how to properly verify someone is a guest at the hotel when they cannot properly identify themselves.
Risk management takeaways
From a risk management point of view, it goes without saying that employees must be better trained to never give out any information about guests at the property. If someone calls and asks to be put through to a specific guest, you can place the call to the room if they are registered, but you do not confirm or deny the guest is actually registered there. If the hotel operator is pressed to confirm if a guest is registered, tell the caller the policy is to put them through based on the information on hand. Blame it on the computer, but never admit or deny anyone is staying there by name.
Building on this, if someone calls for a guest who does not answer, then asks if said guest is registered, the hotel staff should simply say, “I will try to connect you.” If the caller is adamant about reaching this person, perhaps by invoking a sense of urgency (hospitalization, death in the family, business emergency and so on), you simply advise that all you can do is try to connect you to the party without confirming or denying they are a guest.
Next, peephole functionality (and cleanliness) must be added to the housekeeping checklist, much like checking to make sure the fire evacuation map is in place. This shouldn’t take more than ten seconds.
Thinking more holistically, we must brainstorm potential cases where hotel employees may be lax on security protocols, and then adjust the procedures accordingly. As an example, an intoxicated guest shows up late at night and says he lost the key to his room. Does the front desk or night auditor demand identification to confirm that the guest is who he says he is? Or, does the hotel staffer blindly trust this guest because he looks to be impaired? In large conference hotels, these procedures are in place and working, although often the front desk clerks are not accompanied by dedicated security team members better suited to handle these nuanced scenarios.
In the next year or two, there will more detailed questions emanating from insurance companies asking about common sense procedures with respect to guest privacy and safety, all stemming from the huge payout in the Erin Andrews case. How does a hotelier prevent a guest of the hotel from stalking another guest, whether that takes the form of following another guest to his or her room, or by forcibly entering another guest’s room? Would these hypotheticals be treated differently if the assailant was intoxicated?
Ultimately, these are new spins on age-old issues in the hospitality industry. Regardless, hotels are expected to react accordingly if they wish to be in their insurance providers’ good books in the foreseeable future. Adapt to new industry standards, mitigate the risk, and you’ll be just fine.
About the author
Tom Cleary is an Equity Partner with the Sihle Insurance Group in Clearwater Florida and a member of Cayuga Hospitality Consultants. Based in Florida for his entire career, Tom has expertise in commercial insurance with a focus on hospitality and real estate as well as flood and wind exposures. Products offered include property, liability, automobile, crime, umbrella and workers’ compensation throughout the United States and the Caribbean. Tom also serves as a regional director for The Cornell Society, has been a board member and longtime member of the Florida Restaurant and Lodging Association, and serves in an advisory capacity to the Resort Hotel Association.
