​Some hotels choose to hide their figurative eyes rather than face a property’s security and safety issues, believing that it is a good strategy for limiting liability in civil lawsuits. But courts have held hotels to the security and safety standards and best practices in place at the moment a critical incident occurs. No claim of ignorance of local standards nor any amount of retrofitting will absolve the company from a charge of negligence. What can reduce a hotel’s liability, however, are regular internal security audits, proper records, and the correct use of CCTV.

Self-critical analysis. Anthony G. Marshall, president of the Educational Institute of the American Hotel and Lodging Association (AHLA), explains, “By common law, hotels are required to exercise ‘reasonable care’ for the safety and security of their guests.” This continuously evolving standard clearly requires hotels to inspect for hazards. “Then hotels have two choices: repair or remove the hazard or adequately warn guests about it so that the guests can avoid it. The failure to do either can result in a finding of negligence,” he states.

The courts have said that hotels must take “a reasonable and prudent approach” to security, says Jim Stover, hospitality service director with Wausau Insurance. Courts do not demand that “one break-in in a parking lot results in a barbed-wire fence,” he explains. Each facility simply needs to come up with solutions that work best for that location.

Marshall recommends that hotels create an in-house security and safety committee composed of representatives from each hotel department. The committee should convene monthly to tour a selected department as a group, looking for ways to improve security and safety. Afterward, the committee should meet with the general manager to discuss its concerns and possible solutions to any problems found.

The existence of an in-house committee dedicated to the improvement of safety and security can help the hotel demonstrate its commitment to these issues. “It shows an encouragement of security culture,” he notes.

A more extensive self-analysis is the internal security audit. While major hotel companies such as Marriott have security auditors available from corporate headquarters, smaller hotel chains usually do not. In that case, most insurers will work with the hotels, says Stover.

It benefits both parties, he notes. From the perspective of the insurance carrier, helping the hotel reduce general liability will help the insurer hold down both worker’s comp and guest claims. And for hotels, the benefits are not only better security, but sometimes bottom-line savings.

“I preach it to policyholders,” Stover states, stressing that audits should be conducted annually if not more often. In some cases, he notes, the audits provide the justification for revamping the property’s security to increase cost-effectiveness.

Stover cites the case of a Wausau-insured hotel in Texas that was paying off-duty state police approximately $100,000 per year to act as security officers. After an audit that included a thorough review of area crime and business security norms, the hotel decided to replace the police with electronic keycards and an in-house unarmed security officer, providing the same level of security at much less cost.

Dick Hudak, formerly the director of security for Sheraton Hotels and Resorts, says that Sheraton’s insurance carrier conducted safety audits, looking at such areas as the boiler room, fire escapes, and gas supplies entering the kitchen. Hudak, who is currently the corporate safety and security director for Loews Corporation, favors having corporate security handle the audit if possible. At Loews, which owns 20 properties in major U.S. and Canadian cities, Hudak enlists the company’s insurer to conduct yearly safety audits; then he follows up with a more detailed security audit.

Ray Wood, director of loss prevention for Marriott Vacation Club International (MVCI), agrees that audits in conjunction with the insurance carrier are valuable. Wood, who is responsible for more than 50 properties as far afield as Thailand, Spain, France, and Aruba, says that such audits are a good way to reduce liability and maintain the focus on prevention.

According to Wood, all new MVCI properties need to undergo a security audit before opening and then are usually audited annually thereafter. Wood, who heads up the audits, says that they include a walk-through of the physical property to identify potential security and safety problems such as poor floor surfacing and inadequate exterior lighting.

During the audit, Wood also makes sure that all construction meets local and Marriott standards. In addition, he talks with all department heads to assess whether the hotel is in compliance with Marriott’s internal policies and practices and whether there are areas where security training is lacking. If problems are discovered, arrangements are made for appropriate remediation.

Wood reviews all safety reports as well, along with the outcomes of in-house security and safety meetings and the trends in area crime statistics to determine whether there has been an escalation of incidents such as car break-ins or sexual assaults that may indicate areas where security practices should be scrutinized. The area crime profile can be gleaned from local police departments (many of these are beginning to place crime statistics online) by requesting a crime-grid report for the area surrounding the hotel. There are also companies that produce crime grids for a fee. Another way to identify local crime trends is to canvass area hotels and businesses to discover the types and frequency of security incidents that these establishments have experienced.

Central Florida attorney Jim Etscorn, a partner with Baker & Hostetler, LLP, has defended numerous large lodging properties in civil litigation. “If there is a particular type of crime in the area, the hotel should consider how to prevent its occurrence on the property,” he says. Otherwise, if a similar incident subsequently occurs on the property and someone is hurt, “the hotel will find it difficult to justify its lack of action in court.”

Internal audits only. De Treville (a coauthor of this article) and all the experts interviewed for this article agree that security audits and related documentation should remain internal affairs. No states or jurisdictions require outside security inspections, but some companies offer inspection and certification services, claiming they provide a way to show guests that security is a priority at the property. This desire is economically driven, as market research has shown that a high percentage of travelers factor hotel safety and security into their choice of lodgings and that they would be more likely to stay in a hotel that is safety and security certified.

“Hotels today are safer and more secure than ever before because of this market demand,” says the AHLA’s Marshall. But Marshall says that a nonprofit organization representing the hotel industry would be the preferable accrediting entity.

However appealing to the customer, “inspections by outsiders is a dangerous premise,” says Wood. While some states protect the records of inspections performed by law enforcement officers, plaintiffs attorneys can subpoena other outside audit records. The results of outside inspections can, therefore, be used against hotels in civil court, he explains.

Records. Written records of a security audit can be akin to a double-edged sword. No records or poor records will make it difficult for a hotel to credibly assert in court that it regularly assessed its security and corrected problems. However, records that are too detailed may simply provide ammunition for the opposition should a civil case be brought.

Hudak believes that it is better to make “sweeping statements” in an audit report, while making a more specific oral report. For example, the written report might say “improve visibility in hotel parking lot,” while the oral report specifically recommends cutting back trees and increasing lighting foot-candles. Conversely, the response to the general recommendations of the audit should be documented to indicate exactly what follow-up actions were taken and to prove that a reasonable effort was made.

CCTV. One liability issue that vexes hotels is the use of CCTV cameras. Although cameras were initially viewed by some visitors as an invasion of privacy, most guests have done a volte-face over the last decade and now say they enjoy the sense of security derived from feeling that someone is watching over them. The problem is that seldom is anyone watching.

Many hotels do not have the staff to dedicate to full-time camera monitoring. They record their camera images as evidence for vandalism and for use in other postincident investigations. But plaintiffs attorneys have used the lack of monitoring to posit that the hotel did not “think it was important enough to dedicate a person to watch,” says Hudak.

According to Marriott’s Wood, because courts have held that “if you can afford the cameras, you can afford someone to watch them,” all of the company’s MVCI properties with CCTV also have 24-hour monitoring by dedicated security officers. Whether a property has cameras is based on the security assessment of the site.

“CCTV systems are typically $20,000 to $100,000, plus the cost of labor. Some hotels just don’t need them because they don’t have incidents,” Wood explains. “We put them in when there have been incidents or we feel an incident is likely to occur. Each property stands on its own.”

All MVCI hotels are also designed using the principles of crime prevention through environmental design, says Wood. Thus, properties without CCTV systems still have been built and landscaped to increase witness potential and decrease the likelihood that a perpetrator would choose that area to commit a crime.

Too much territory? Whether the use of CCTV in hotel parking lots and garages increases liability is another issue hotels must consider. Stover, a member of the Loss Prevention Committee for the AHLA, says that it has always been the committee’s recommendation that CCTV not be placed in parking lots unless it is monitored around the clock.

Hudak says that one hotel general counsel he has talked with takes the view that by placing cameras in parking lots, the property is “expanding its zone of protection,’ thereby increasing liability.

Marshall does not believe that cameras should be eliminated from parking lots because of this supposition alone, however. “If you get an economic benefit from directing people to park in that area, then in court the security blanket may be extended that far” regardless of whether there are cameras or not, he says.

Loews’ Hudak shares the view that cameras in parking lots increase liability. While they do deter crime, he says, cameras also raise the expectation of response. Additionally, cameras can suffer from placement issues and be affected by weather conditions, even when they are continuously monitored. He believes it may be better to introduce regular guard tours of the lot and increase lighting and witness potential. These options may also prove more cost effective.

Signage. Because a visible CCTV camera might encourage a guest to venture into an area he or she would otherwise have avoided, Marshall recommends that appropriate signage be placed near the unmonitored cameras or at the front desks. For example, signs might read “This camera records on a 24-hour basis” or “Security cameras tape all public areas. No continuous monitoring.” Marshall does not believe that revealing a lack of monitoring will cripple the camera’s deterrent value. “Crooks don’t want to be on video no matter what,” he says.

However, Marriott’s Wood disagrees. In court, he says, “perfectly innocent activities can be twisted. For example, if a company has signage in place and it’s only in English, a plaintiff’s attorney could argue that it should have been in multiple languages. Instead of getting credit for the signage, it’s used against them.”

Hotels can take advantage of CCTV technology without increasing liability by designing a “nonreactive” system that focuses cameras on access points such as the lobby entrance, the loading dock, and stairwells, says Hudak. Areas of increased liability—the swimming pool, exercise room, game room, and parking lots—should be part of regular patrols by security staff.

The experts interviewed also agreed that a camera should record the front desk. Audio is not recommended, as it is illegal without consent in most states and can raise privacy concerns. For example, a front-desk employee of a Kanawha County, West Virginia, Comfort Inn brought a civil lawsuit in a case that involved recorded audio as well as video. The employee charged the hotel with invasion of privacy. A jury decided that recording audio had violated laws against wiretapping, and the plaintiff was awarded both punitive and compensatory damages.

Limiting hotel liability is, in itself, a risky business. But security audits, good record keeping, and proper use of CCTV will help to make the property safer and to secure the company against charges of negligent security.

Richard H. de Treville, CPP, is security consultant for the Florida Hotel and Motel Association and director of security services for Safemark Systems, Inc., of Orlando. He is a member of the ASIS Council on Hospitality and Themed Entertainment. Ann Longmore-Etheridge is associate editor of Security Management.