I’ve written before about how businesses need to carefully safeguard the privacy of their customer’s information, but a recent privacy incident nearly took my breath away because it struck so close to home. It’s not because of what actually happened but what could have happened.
Here’s what transpired: My wife and I were recently traveling to a distant city. We both have crazy schedules, so we wound up taking separate flights. She arrived before me and checked into the hotel to take a nap. When I got to town a couple hours later, I hopped onto the hotel shuttle and was promptly whisked to the front desk.
I’ll pause from telling the story for a moment to note that the name of the city and the identity of the nationally recognized top-tier hotel chain won’t be part of this story. It’s not my intention to single out one community or one company or to get a poor front-desk worker fired because I’m creating a privacy fuss over something that could have turned into a serious privacy blunder (but fortunately didn’t).
So, back at the front desk, I gave the smiling and courteous check-in person my name (not my photo ID and not my credit card, but just simply told her my name). Perhaps it was my bubbling charisma (maybe) or my good looks (doubtful), but she smiled again, handed me a key and wished me a pleasant stay. I nodded, smiled back with a perplexed look that is probably typical of jetlagged and weary travelers, and went up to the room where my wife was sleeping. Although I appreciated the courteous and well-intentioned actions of the front-desk person, unfortunately, our world is not as safe as it once was.
My wife’s privacy, security and safety were nearly violated because no one asked me to confirm who I was. What if someone else overheard my wife when she checked in and when she left instructions for the staff at the front desk to give a guy named Jeff Finkelstein a key? Could someone pretending to be me assume a confident air and sport a trustworthy smile and receive a key to her room? This thought (and others more sinister) ran through my mind. Suddenly, even the quiet and soft notes of the music playing in the elevator couldn’t soothe my nerves. I’m sure official hotel corporate policy written on page 257 of the employee handbook clearly states that hotel staff must check a photo ID before they hand over a key to a room, especially when someone else is already in the room.
The problem is one of human error, and humans tend not to learn well from policies stated in a thick, four-inch binder that’s probably collecting dust in a storage room. We learn best from stories, from real things that happen to real people. So if you’re reading this article and you relate what happened to me to how your business or organization collects, shares and uses customer information, resist the urge to type out a terse memo to your staff. Instead, just forward my story to them with a couple comments like: Let’s make sure this doesn’t happen here.?