web statistics
Hospitality Posts
Hospitality Posts

Hospitality Posts (140)

Generation Y, commonly referred to as “millennials,” comprise the roughly 80 million people who were born between 1976 and 2001. A great deal has been written about this unique generation that has grown up immersed in a world of technology and social media: they are frequently stereotyped as self-involved with a strong sense of entitlement, coddled, and even labeled “Generation me.” Regardless of whether these frequently bandied about assertions are true, in the next few years, millennials will make up approximately 40% of the U.S. population. In the hospitality industry, this means not only tailoring and reshaping services to accommodate millennials, but also recognizing that an increasing percentage of hotel and restaurant employees are currently, or will be, part of this generation. Notwithstanding the likelihood that millennials will flock to this robust, growing industry, it only makes sense that hotel and restaurant employers would be actively looking to hire employees who mirror their customer base.

In terms of attracting and hiring millennials, employers should be mindful that this is a generation that fully embraces technology. Thus, job descriptions should always be listed online, and posts should be creative and convey sufficient information about a company’s culture and career path opportunities. Millennials seek employment where they perceive they will be doing meaningful work, and care a great deal about the environment and sustainability. They are the most ethnically diverse workforce to date. In terms of motivation and training, millennials seek constant feedback, and prefer to be coached rather than managed. They tend to change jobs frequently, want flexibility with their schedules and are reticent to embrace a traditionally typical work shift, or work day.

While employers will want to take certain considerations into account when recruiting and retaining new millennial talent, management should be cognizant of the potential legal implications of unwittingly kowtowing to some of these employees’ most common workplace expectations.

Do Your Due Diligence

Social Media Policies: 

While it is important to embrace technology, hospitality employers need to implement clear, specific social media policies.  The National Labor Relations Board (NLRB) has found that most social media policies are overly broad and unlawful. Social media policies cannot constrict free speech, or chill an employee’s right to organize.  Thus, if your employee takes to LinkedIn or Facebook to complain about what he or she perceives to be an unfair work policy, it is considered protected speech and cannot be retaliated against.  Further, many companies have internal online job boards where employees can share information, and post video clips.  Hospitality management should be clear regarding what constitutes an appropriate post.  


While having a diverse workforce is optimum, hospitality management needs to ensure that they are providing routine training on harassment and discrimination in the workplace.  There should be a clear anti-harassment policy disseminated and explained, and employers should keep up with changes in the law regarding religious discrimination. 

Flexible Work Schedules:

Veering away from standard shifts in the hospitality industry can potentially lead to problems. Hotel and restaurant management face off-the-clock exposure, and unorthodox schedules could also make it difficult to track hours.  Overtime, meal and rest break violations are fertile ground for class action lawsuits, and employers should be careful to keep accurate records with their timesheets and payroll.  

Managing Versus Coaching, Consistent Feedback: 

Written documentation is imperative when it comes to employee feedback.  Hospitality management should treat all feedback as if it were a performance review, and document all comments noting both exemplary and poor performances.  Further, millennials want to be promoted quickly, so be careful not to make promises you cannot keep if you are commending an employee’s work.

Job Hopping: 

Hospitality employers need to continue to recruit, harness and retain talent, while acknowledging that most members of this generation change jobs quite regularly.  Hence, it’s important to have solid confidentiality and non-solicitation agreements in place to protect trade secrets and prevent improper customer solicitation, should an employee leave to work for a competitor.  

Providing Access to Information, Knowledge Sharing:

Millennials want to be in the know, and crave transparency.  This means hospitality employers should ensure they are taking the proper steps to protect their businesses should their employees be given access to sensitive, confidential information.

Continuing Education Policies:

Those hotels and restaurants that offer continuing education in hospitality management for interested employees need to ensure that these policies do not have a discriminatory impact on a protected class of employee.

Job Security: 

Ironically, despite the fact that they tend to change jobs often, millennials have an expectation of job security.  Management should always convey from the outset that the employer-employee relationship is “at-will” and can be terminated at any time, and for any reason.

As it continues to experience significant growth, hospitality will remain an exciting, cutting-edge industry that continues to attract talented individuals. While managing millennials will certainly require an adjustment in approach for traditional-minded hotel and restaurant owners, it is worth the effort, as this generation houses an arsenal of creative and innovative talent. Learning how to get the most out of working with millennials, while being mindful of the potential legal downfalls, will help your hotel or restaurant strike a healthy balance.



While restaurant management may have good intentions to develop an allergy accommodation program, it may never be fully instituted or fully communicated to the staff. The Model Retail Food Code which was modified by the FDA in 2009, states that the “Person in Charge” of a food establishment must know and understand food allergens. They are also required to make sure that their employees are trained how to handle food allergy guests and how to recognize allergy symptoms.

The first food allergy case I consulted on involved a man who told his server that he was allergic to seafood. She recommended that he order the French fries. The restaurant was extremely busy, which means the kitchen was very busy too. She eventually served him the French fries. The patron consumed them. Within 10 to 15 minutes he began to feel uncomfortable and made his way to the ER. Shortly after he arrived, the man expired. The cause of death was attributed to anaphylactic shock due to a seafood allergy. The fries were cooked in the same oil as the calamari. The restaurant had written policies in place which stated that the food for anyone with a seafood allergy was supposed to be fried in a separate pot with fresh oil. However, no one enforced or followed the rules. The restaurant was so inundated that there isn’t a clear idea of how or when the policy was violated. Either way, the lack of communication between the staff on food allergies probably resulted in the death of the man. Since the man was 72 years old, his family agreed to settle for $1.2 million. If the person had been younger, the settlement would have been considerably larger. All in all, had the restaurant followed the established allergy program, this tragedy could have been avoided.

The major food allergens to watch out for include: milk, eggs, peanuts, tree nuts (such as almonds, walnuts and pecans), soybeans, wheat, fish and shellfish (such as crab, lobster and shrimp). The latest allergy trend appears to be guests that request gluten-free products. 

Some tips to manage allergy accommodation include having a written policy that has been fully communicated to the entire staff. All allergy training should be documented and employees should be evaluated for competency. The wait staff should be trained on how to effectively listen to the allergy concerns of their patrons and how to communicate their allergy needs to the kitchen staff. The restaurant needs to have a master menu that lists all of the ingredients required for that dish in case a patron inquires. The days of “Secret Recipes” are long gone. Transparency is the new standard. All servers should know who the most knowledgeable (PIC) about food allergies or ingredients on any given day if a patron has any questions.

Any allergy training should include a section that reviews the signs and symptoms of allergic reactions. It’s important that the staff understands that the symptoms of a food allergy tend to develop within minutes of exposure, but may take as long as two hours. The most frequent signs include: a) hives, itching, or skin rash; b) swelling of the lips, face, tongue and throat, or other parts of the body; c) wheezing, nasal congestion or trouble breathing; d) abdominal pain, diarrhea, nausea or vomiting; e) dizziness, light-headedness or fainting.

Of all the issues that a restaurant must deal with, it can seem like allergy accommodation is not a priority. However, this can be a life threatening matter. There are roughly between 200 to 300 reported deaths due to food allergies. In addition, there are over 30,000 ER admissions, half of which are due to restaurant related situations. One way to combat this situation is to purchase and provide kitchen staff with a purple allergy tool prep kit. Another way is to have an advisory notice on the menu that states if you have a medical condition or food allergy please inform your server. One best practice to institute would be to designate one person in the front of the house to deliver allergy safe orders to patrons and one person in the back of the house to prepare it. Since there are many issues to be confronted in regards to allergy accommodation, allergy programs should be reviewed by a food health and safety expert before training and implementation begins.

When the inevitable happens call 911 and report that a guest is having an anaphylactic shock at your establishment.

Food allergies are as unique as each individual who has them. To avoid problems in the future, food safety and allergy training are imperative to the success and safety of your restaurant.

Allergy Facts:

Peanuts is the most common food allergen for children

Shellfish and peanuts are the most common food allergens with adults

Allergens can be transmitted in frying oil or steam

Serving Tips:

Sanitize menu jackets between uses

Replace condiment containers and holder with a set that has been sanitized

Set up a code on order slips that indicates the specific allergen to avoid for the kitchen

Have mock allergy rehearsals to test the efficacy of your allergy program

Check labels – tuna may contain casein, Worcestershire contains anchovies, soy sauce contains wheat

Most hospitality businesses allocate time and capital to efficiently collect and process data in order to improve sales, customer service and loyalty, and operations efficiency. Technological advances have made it easier to manage a wide range of information about customers, vendors, and employees. Virtually all businesses that use computer systems are to some extent vulnerable to costly exposures associated with system breaches.

Hotels and restaurants are no exception and, in fact, have much higher levels of exposure because they collect vast amounts of private data from customers as a part of their day-to-day operations through credit card transactions, online reservations, and rewards programs. Private data may be both personal (names, physical addresses, email addresses, social security numbers) and financial (credit card and banking). While technology helps your business run more efficiently, it also increases your risk for data privacy and security breaches, as well your liability to affected customers. Unfortunately, many hospitality companies have not upgraded their risk management plans to address the inherent exposures associated with today’s sophisticated data management. A breach can severely impact the financial stability and continuing success of a company, and so it’s important to understand the risks associated with data breaches and to develop plans to mitigate them.

Hospitality: A Targeted Industry

According to Nicholas J. Percoco, hospitality businesses often proves to be an easy target for criminals who are looking for high transaction volume, a large database of customer records, and low barriers to entry. In fact, organizations analyzing data breach trends consistently cite hospitality as the single most vulnerable industry:

Percoco, head of Trustwave Spider Labs, believes that the criminal element targets the food and beverage industry because of high transaction volume, which makes it possible to turn criminal activities into money very quickly. Trustwave Spider Labs found that food and beverage companies not only have systems that are vulnerable to infiltration, but often fail to detect a breach until long after it has occurred. Their study revealed that criminals stay undetected in a breached food and beverage system for an average of 173.5 days. The combination of high transaction volume and undetected breach time can prove devastating to a business.

A common misconception is that only large organizations need to worry about protecting against data breaches. In Verizon’s 2012 Report, two-thirds of the 855 investigated incidents occurred at businesses with 11 to 100 employees, a common size for many hospitality enterprises. However, no hospitality company is immune. Smaller, independent enterprises are vulnerable because they are small and may have systems that are easily breached. On the other hand, franchise operations often share a regional, national, or international data system that, once breached, can affect all or most of the individual franchisees.

Most businesses today have data privacy and security exposures, which may include 1) a presence on the Internet, 2) data on servers connected to the Internet, 3) file maintenance that contains personal and/or financial information, and 4) transmission, storage, or processing of data such as credit card payments. Businesses in the hospitality industry need to be particularly cognizant of these exposures. It is important to develop programs to reduce the possibility of a breach and take steps to mitigate the impact of a breach before one occurs.

Costs of a Data Breach

A company that experiences a breach can incur a range of costs that quickly add up to a substantial loss. When private data is compromised, your expenses could include notification and claims processing, credit monitoring services for affected individuals (to lessen the potential for civil suits), and employment of a public relations team (to assist with damage control and preservation of your reputation). There may be additional costs associated with finding and fixing the root cause of the breach, and recovery of lost data. Finally, you may have liability claims for failure to have reasonable safeguards in place to protect personal and financial data.

In the event of a breach, you are responsible for notifying the affected individuals. In fact, 46 states have enacted broad privacy laws pertaining to notification whenever personal or financial information might have been compromised, lost, or stolen. Furthermore, if private data of individuals from other states is affected, you must comply with each applicable state’s laws. For those in the hospitality industry, compliance can be costly and time consuming because it entails research into the privacy laws of the state of residency for every potential affected customer. Since many hotels and restaurants depend upon customers from all over the United States (as well as other countries), notification requirements and the related costs are of particular importance. The possibility of regulatory violations and fines can be drastically reduced if you have an adequate plan in place ahead of time.

Estimates of the average incurred cost for a breach vary between the studies, but one thing is evident: it’s expensive. According to the Ponemon Institute’s 2011 report

, the average cost of a data breach in 2009 was $6.75 million per incident and $204 per individual record. The immediate financial cost of a data breach is only part of the story. It can cause a loss of customer trust and a tarnished reputation, which can be extremely difficult and expensive to rehabilitate. This is especially true for hotels and restaurants, which usually have high public profiles.

Data Security and Risk Management Basics

There is no doubt that the risks associated with data retention and transfer are real and significant. For a hospitality organization, it is of paramount importance to identify areas of exposure and develop adequate risk management programs that address data privacy and security. To help you get started, here is a list of questions (from Cyber insurance specialist Swett & Crawford) with my added commentary:

Is the corporation aware of all applicable state and federal privacy laws and notification requirements pertaining to customer data?

  • Due to the wide geographic dispersion of your clients, it is best to do this research upfront. If a breach occurs, you may not have adequate time to research and comply with state laws, which may be time sensitive. Missed deadlines could lead to costly regulatory fines and penalties.
  • Make sure that your organization is compliant with The Payment Card Industry Data Security Standards (PCI DSS) and any other standards that apply to your organization. Helpful information on PCI DSS can be found here.

Is any personal identifiable information (PII) or client confidential information stored on computers or in paper files on premises? If so, where specifically is the data stored, how is it secured, who has access and how many PII data files are there?

  • PII is often defined as unique information that can be used to identify, contact or locate a single person. In Washington state, PII is defined as an individual’s first name (or initial) and last name combined with one of the following: social security number, bank account number, credit or debit card number (including security code access code or password), driver’s license number, or a Washington identification card number.
  • Track personal data throughout your entire information infrastructure and identify all parties that have access to this data. Conduct an audit that gauges employee access to and use of personal data.
  • Make information security a written workplace policy.

Are all of the companies laptops encrypted? Are portable media devices like thumb drives prohibited or at lease encrypted?

  • Devices such as laptops, smart phones, external hard drives and flash drives all present possible data security threats if lost, stolen, or hacked. While most people assume that system hackers are the greatest threat, recent studies show that lost or stolen portable devices are the most common cause of data breaches.

Has the company implemented strong internal password controls and training to all employees?

  • Make sure passwords are strong. It is also a good practice to reset passwords periodically—90 days is a good timeline—and never duplicate passwords. It’s also a good idea to reset default passwords.

Are the company’s firewalls current and all security patches regularly updated?

  • A firewall can be the best defense when trying to isolate and contain breaches. Despite the expense, it is beneficial to invest in a robust set of firewalls that require user authentication.

Does the company outsource any services to third party vendors that may involve a client’s information? If so, do these vendors provide hold harmless and indemnification agreements with regards to any data breach involving personal identifiable information?

  • It’s a common misconception that outsourcing automatically transfers liability for data breaches to the vendor. It is vital that you have favorable hold harmless agreements and indemnification provisions in place with vendors, but even with these agreements in place, data owners can still be held responsible for compromised information.

Does the company have in force a detailed plan in case of a data breach?

  • In addition to developing and implementing a risk management program for data breach, risk transfer via insurance can be a cost effective risk management mechanism.

Data Breach Insurance Coverage Basics

Over 30 insurance carriers provide coverage that is tailored to specifically address exposures related to data breach. Naming conventions vary by insurance carrier, but some of the more common ones are Data Security, Data and Privacy, Cyber Liability, and Data Breach insurance. Coverage may be written on a standalone basis or combined with your Professional Liability or Media policy.

A properly structured policy will provide both first and third party coverage. First party coverage pays for direct losses incurred as a result of a breach including (but not necessarily limited to) notification costs, recovery of lost and destroyed data, forensic investigation expenses, credit monitoring and call center services for affected customers, business interruption losses, extortion demands, and public relations expenses. Third-party coverage protects companies from liability suits filed by individual customers, credit card companies, regulators, and various other third parties. Coverage should extend to defense costs as well as damages. Depending upon the carrier and insurability from a legal standpoint, it may also cover regulatory defense, fines, and penalties.

As a hospitality business, your financial stability and continuing success depend upon a proactive approach to data security risk management. Lax security practices or a security gap could result in a breach that encompasses massive amounts of stolen data, creating financial loss for your customers, vendors, and employees, as well as your business. It’s important to do all that you can to protect yourself from a breach. It’s equally important to devise a solid risk management plan, including insurance coverage, to mitigate the severity of loss when one occurs. If you have not yet done so, consult with your insurance professional about your data exposure and risk management solutions.

Dear Hospitality Professional:

HELLO!  The Mid-Atlantic ADA Center at TransCen, Inc., and researchers at the University of Maryland at College Park, are conducting a survey of your experiences with providing reasonable accommodations to employees with disabilities in the hotel and lodging industry. We hope our study’s findings will guide development of training and technical assistance activities for aiding personnel in the hotel and lodging industry to more effectively handle requests for reasonable accommodations from employees with disabilities.

We welcome your participation in this 12 to 15-minute electronic survey. As a token of appreciation for completing the survey, we are offering a voluntary opportunity to enter a lottery to win a $10.00 VISA gift card. You have a 1 in 5 chance of winning a card. 

If you are interested, please click on the link below. If you have other colleagues who might be interested, please feel free to distribute this invitation email to them.

We appreciate your time! 

LINK TO Reasonable Accommodations Survey on SurveyGizmo:


Danger in the Grass

Authored by Joe Samnik

At today's business meetings, conventions, and trade shows, the destination venue plays a key role in attracting attendees—sometimes as much as the agenda. The first thing at a prime hotel or meeting venue to grab your attention is the landscape: beautiful flowers that you only wish were in your home or office, gorgeous palm trees whose trunks look like they were hand-cut into the shape of diamonds, green rolling hedges, flowering trees, variegated shrubs, and a carefully-manicured carpet of green grass. What a sight! You feel compelled to walk upon it, smell it, and touch it, connecting with your instinctual imperative to bond with nature. However, be warned: There are hidden dangers lurking in such a pristine landscape. The following real-life cases serve as cautionary tales for those who would dismiss or ignore these hazards. 

Thirty-One Flavors


After finally making up his young mind on which flavor of ice cream he desires, a little boy and his father must now decide where they will sit to enjoy their culinary delight. Wait, there's the perfect spot! As the boy and his dad bond over their ice cream, nestled in the shade of a multi-stemmed palm tree, an invisible lack of structural strength is eroding the ability of the palm trunk to support itself. Without warning, the tree falls and lands on the little boy. During the investigation that followed this tragedy, the trunk remnant reveals a very specific variety of mushroom: a basidiocarp, the fruiting flower of the disease that caused the tree to fall, and a very obvious sign of trouble in a palm tree for the knowing eye.

Action Plan: In addition to periodic inspections by qualified professionals, make certain that all staff members are charged with the responsibility of noting and reporting any abnormalities or unusual, if not obvious, tree problems.

 To Build a Fire


Few can deny the joy of camping in the woods. There are some basic decisions to be made, like where to place the camping chairs so that the smoke from the camp fire does not disrupt the enjoyment. In this case, the loud and sharp cracking noise of the decayed trunk buckling under its own weight was not understood soon enough as the 70 foot monster-sized tree crashed upon a chair’s occupant. A cavity was found in the trunk measuring four feet in length and at least eight inches in depth. 

Action Plan: Have all staff on constant lookout for cavities, dead branches, or other open and obvious problems. In addition, hire qualified professionals to inspect any abnormalities found by the

 When It Rains, It Pours


A woman in the midst of a brilliant career decided to make a run for it during a mosoon instead of staying in the gift shop and waiting it out. After a newly-installed palm tree fell and crushed the woman (who survived but was seriously injured), a number of experts testified that the problem was the number of temporary stakes propping up the palm tree. One expert opined that three stakes is enough to provide structural support. Another expert stated categorically that four stakes provided no more strength than three stakes. Yet another noted it did not make a difference because one of the nails, whose job was to be affixed to the support stakes, completely missed the target for which it was intended. Under the ground and out of sight, yet another phenomenon was occurring. Due to the heavy rains and perhaps a failed irrigation line or two, the sandy soils failed to hold onto the root system and simply let go of the tree. No external support system could have held the palm tree in an upright position. 

Action Plan: Have your registered landscape architect or landscape designer specify at which date the braces may be removed in their sealed landscape plans. As an added precaution, have your landscape architect inspect the barricades prior to brace removal, accompanied by a written report authorizing the removal.

poison plant

How do you occupy yourself while waiting in the lobby for check-in? Read, people-watch, check your email, or go to the bar? One woman from Michigan decided to spend this time investigating some attractive lobby plants. She cut off a piece of one plant she particularly liked, only to find her hand covered in smelly white sap afterwards. She immediately tried to wipe the sap onto a nearby couch cushion. When that didn’t work, she opted to smell the substance on her hand, and when this yielded no answers, she tried tasting the sap and promptly fell into the initial stages of anaphylactic shock. She then tore through the lobby, grasping wildly at her throat, jumping up and down, and manhandling anyone or anything that crossed her path. Emergency services were quickly summoned, but paramedics initially met with little success as they tried CPR and the Heimlich maneuver. Then they noticed the plant cutting and immediately administered an anaphylactic remedy. Later, the dangerously curious guest checked into her room after a brief stint in the ER.

Action Plan: Have your Interiorscape designer or landscape architect cross-reference their plant selections with several lists of poisonous plants.


Of course some folks cannot go on vacation without their best friend. In the guise of a service animal, but not fooling anyone in management of the Presidential room she reserved, this prized Afghan hound looked the part of the blue ribbon winner at the Westminster Dog Show, with her long and lovely pure white coat. This regal K9 eventually had to do her business, and nothing short of the finest display of turf grass would suffice for this necessity of life. No attention is paid to the sign posted on the lawn: Pesticide Treatment-Stay Off. This is a very unique animal, and the chelated iron, still dripping from the blades of grass to which it was applied for instant green-up results, stained the impeccably coifed long white coat. I’m guessing here that the owner went for one of those new short hair cuts that are such the rage among the coterie of elite dog owners.

Action Plan: Have your certified pest control operator apply chemicals at zero or low traffic times of day.



Have you noticed the lengths to which corporate America will go to demonstrate that it is green? Not to be outdone, one resort mass-planted a ground cover of Japanese xeriscape foliage known as Euphorbia milli, or ‘crown-of-thorns’--with an emphasis on the word “thorns.” To be sure, this is a beautiful plant, with small green leaves and beautiful pink blooms. It does not grow much higher than eight or ten inches and will survive on rainfall alone. It has few, if any, insect problems and doesn’t tend to host diseases. But there are those pesky thorns, lots of them, long and very sharp. And, as a lady from Michigan discovered, its sap can truly do a number on you, especially when the sap gets into your eyes. Along the pathway leading to the children’s pool, a child attempted to pick a flower for his mom. After impaling his finger on the thorns, he instinctively reacted by jerking his hand away from the plant. Out came the sap. Then, in the midst of screaming and crying, the child wiped his eyes with the finger covered with sap and at least two protruding thorns. The child unfortunately will now wear a patch over one eye for the rest of his life.

Action Plan: Specify to your landscape architect that armed/poisonous plants should be kept away from traffic areas. Please learn from these tragedies! Hire the right professionals who can assess what is planted and where it is planted. Have your staff be on the lookout for abnormalities and unusual problems with trees.



Rimkus Consulting Group and Joe Samnik have worked together for a decade. Joe is a consulting arborist entering his 46th year of consulting on the complex issues of trees and landscapes. Joe is the recipient of the Lifetime Achievement Award for excellence in arboriculture, and has been the guest speaker at over eighty international, national, and state conferences. He has been named as an expert witness in more than 500 cases.


Infographic that talks about the top 5 trends in the hospitality industry for 2014 by Kendall College in Chicago.

Top 5 Trends in Hospitality for 2014

In 1904, Upton Sinclair spent two months in Chicago’s “Packingtown” uncovering horrific details about the meat-packing industry, which he portrayed in the classic book The Jungle. Public outrage over The Jungleprompted two new laws—the Food and Drug Act1  and the Meat Inspection Act2—that became early drivers of supply chain transparency in the United States.

More than a century later, companies continue to face scrutiny of their supply chain practices, including workers’ rights, product safety and integrity, and environmental responsibility. Evidence of this scrutiny in recent years is visible through a number of high-profile global events. Brands have been exposed. Coalitions have formed. And more stringent laws have been passed.3

Yet many companies struggle to achieve supply chain transparency. A recent study conducted at Stanford’s Graduate School of Business revealed that while most respondent companies have social and environmental systems in place for internal operations, less than a third have similar structures to monitor the practices of their immediate and extended supplier network.4

The dispersed nature of today’s supply chains creates increasing levels of risk for multinational businesses, making transparency both critical and complex. Without effective visibility into their supply chains, executives potentially have a significant blind spot in their enterprise risk management structure, from which substantial legal, financial, and reputational exposure could emerge.

Supply chain transparency isn’t easily achieved; it requires a solid foundation and continuous improvement over time. This article presents a practical four-step approach that companies can take to begin the process of building a transparent supply chain in the current global environment.

Why Transparency is an Imperative

In the past, considerable physical and temporal distance separated a supply chain’s upstream activities from the manufacturer and its downstream stakeholders. Now, the proliferation of technology, especially mobile devices, and the pervasive use of social media have brought upstream risks much closer to the eyes, ears, and voices of downstream stakeholders, including consumers, business customers, news media, regulatory agencies, and nongovernmental organizations.

At the same time, supply chain risks grow significantly as supply chains span more legal jurisdictions, different types of business practices, and widely varying cultural norms. In this context, transparency becomes the vital process of managing risks by accessing, learning from, and acting on supply chain information. By itself, transparency is an increasingly important capability for companies. But as part of a company’s broader attempts to build supply chain resilience—the ability to recover from and reduce the impact of key risk events5—transparency’s role is pivotal.

A Four-Step Process for Building Transparency

Even supply chain executives who understand the importance of transparency may struggle to prioritize activities and build a transparency process. For companies with traditional or non-traditional supply chains (see sidebar, “Risk and transparency in a non-traditional supply chain”), creating a high-level road map may help. A company can begin by identifying, prioritizing, and visualizing potential supply chain risks; then, it can use “transparency levers” to bridge information gaps; finally, it can move on to managing the insights gained from the process and monitoring the supply chain for additional insights going forward.

Download the Full PDF.

Co-authored by Lara Shortz.

It’s time to watch America’s waistline: menu labeling rules are coming at a fast and furious pace. Final rules regarding the Food and Drug Administration’s (FDA’s) proposed menu labeling are expected to be released later this year. Once enacted, the new measure will ostensibly create a national standard for menu labeling, requiring restaurants with 20 or more locations to display caloric and nutritional information (such as fat and sodium content) for standard menu items, as well as for food served in buffets and salad bars. By creating this national standard, consumers throughout the country will be exposed to nutritional information in at least 200,000 restaurants, including hotel chains.

Creating Public Consciousness Regarding Calories and Nutrition

The movement toward a national nutritional standard gained momentum as the public and various state and local governments grew increasingly concerned with the country’s obesity epidemic. While Americans consume about one-third of their calories (and half of their food budgets) at restaurants and fast-food outlets, few have an accurate understanding of the nutritional content of the foods served at these establishments. For instance, coffee drinks can range from 5 to 800 calories while hamburgers may contain as few as 250 calories or as many as 1275. A 2009 study by California’s Field Research Corporation revealed that only 10 percent of Californians could pick the healthiest item from a short list of common fast foods. That same poll indicated that 84 percent of Californians supported the concept of posting nutritional information in chain restaurants.

As public health advocates lobbied government officials to address staggering obesity statistics with remedial action, California led the charge, passing the nation’s first menu labeling bill in 2009. Under SB 1420, any restaurant with 20 or more locations in the state is currently required to provide brochures containing nutritional information at the point of sale from both the walk-up counter and drive-thru window. Beginning on January 1, 2011, restaurants were required to post calorie information on menus and indoor menu boards.

With the success of the California menu labeling law, other states and localities followed suit and passed similar measures. Soon thereafter, the federal government enacted the first federally mandated menu-labeling legislation. Section 4205 of the Patient Protection and Affordable Care Act was signed into law on March 23, 2010, requiring nutrition labeling of "standard" menu items for chain restaurants with 20 or more locations. The labeling would also be required for “retail food establishments” whose primary business is the sale of food to consumers—if the establishment presents (or has presented) itself publicly as a restaurant and more than 50 percent of its total floor area is used for the sale of food.

Members of the hospitality industry, initially skeptical of a uniform nutritional standard, have lauded the passage of this legislation. Fearing that conflicting local and state laws could lead to significant litigation, the federal bill was endorsed by all major hospitality organizations. By providing regulatory certainty to covered restaurants, this national solution will not only protect chain restaurants, but also give consumers the ability to make informed decisions when dining out.

Contents of the Bill

Specifically, the new regulations will require restaurants with 20 or more locations to post caloric and other information: (1) in a clear and concise manner, (2) adjacent to the name of the standard menu item, (3) clearly associated with the standard menu item, and (4) of the number of calories contained in the standard menu items as usually prepared and offered for sale. It also requires these restaurants to make additional nutrition data available to guests upon request.

The bill even addresses what constitutes an updated “serving size” to reflect “how people eat and drink today, which has changed since serving sizes were first established 20 years ago.”

The FDA may add further requirements regarding the posting of information on certain nutrients if it deems they are necessary for maintaining a healthy consumer diet. Items not listed on the menu, such as condiments, daily specials that are on the menu for less than 60 days per calendar year, custom orders, and food that is part of a customary marketing test for a period of less than 90 days, are exempt from the nutritional disclosure requirement. Alcoholic beverages, which are exclusively regulated by the Alcohol and Tobacco Tax and Trade Bureau, will also not be covered by the law.

How You Can Prepare for the New FDA Rules

Certain hotel chains, such as Marriott International Inc.’s Courtyard by Marriott, were proactive in rolling out caloric information. Courtyard by Marriott, which operates a chain of bistros that offer prepared foods and made-to-order items, tested its own calorie initiative at several of its Seattle locations in 2009. Printing calorie counts on the large display menus between the name of the item and its price, Courtyard discovered that its sales were not impacted and guest feedback was positive.

The FDA commissioner anticipates that restaurants and hotel chains will have one year to comply once final regulations are released. Restaurants will be best prepared if they ensure that all recipes match the labels on their menus and should seek expert analysis in order to obtain accurate nutritional information. Updating nutritional information as recipes (and menu labels) change is imperative.

Training is a necessary element to implementing the new regulations, and failure to adequately train one’s employees can lead to increased customer complaints, compliance issues, and potentially even civil liability for misrepresentation and/or unfair business practices. This means focusing back-of-house employees on paying close attention to recipes and portion sizes, to ensure that the prepared food is actually as described in the menu. In instances where menus change regularly, it is necessary to repeat training efforts often and monitor the back-of-house employees’ preparation of new offerings. This new requirement also makes it critical that those front-of-house employees are able to answer guests’ questions with respect to the nutritional information of all menu items. Front-of-house employees must know where to obtain the nutritional information upon request and ensure that guests are fully informed. Perhaps the greatest responsibility falls on ownership and management, who must be sure that systematic menu analysis is completed and regularly updated. This includes making certain that pre-packaged goods and beverages obtained from third-party vendors and/or other outside sources also identify the appropriate nutritional information. Of course, if additional time is needed for such training, as will necessarily be the case, employees must be compensated for such time.

By spending a little time on preparation, restaurants can ensure they meet the demands of the new FDA labeling rules and satisfy customers’ hunger for nutritional knowledge.


Hotels are faced with a delicate balancing act when it comes to maintaining guest privacy.  Hotel staff must comply with police investigations when noncompliance would constitute obstruction of justice.  At the same time, hotel employees must recognize their guests’ Fourth Amendment right to be protected from unreasonable searches and seizures.  If hotel employees comply with an unreasonable search or seizure that results in harm to the guest, the hotel could find itself exposed to civil liability.

Courts have recognized that the Fourth Amendment protection from unreasonable searches and seizures applies to searches and seizures in hotel and motel rooms.  Certain exceptions allow for warrantless searches and seizures, including consent.  In broad terms, the consent exception means that a party’s agreement, actual or implied to a search and/or seizure renders a warrant unnecessary.

In general, during a guest’s stay at the hotel, only the guest may consent to a search of his or her room.  While hotel staff members may access the room for cleaning and maintenance during the guest’s stay, they are not authorized to allow police to enter the room.  Thus, during a guest’s tenancy at the hotel, employees should not allow police to enter the guest’s room without a search warrant.

Fourth Amendment protections do not apply after a guest’s tenancy expires, at which point those employees with proper authorization from the hotel may aid the police and consent to a search of the room.  While this seems like a straightforward principle, it is not always clear when a tenancy actually expires for the purposes of the Fourth Amendment.  When faced with this lack of clarity, hotels can take certain actions to ensure careful compliance with the Fourth Amendment by issuing and consistently following policies regarding (a) guest checkout and (b) eviction of guests.

I. Checkout Policy and Procedure

A guest’s Fourth Amendment rights expire once the checkout time has passed. However, this may be modified by the hotel’s practices and guest communications.  Consequently, hotel policies and practices may extend Fourth Amendment protections past the guest’s pre-arranged checkout time. For example, if a hotel gives a guest permission to stay until a later checkout time or has a practice of acquiescing when a guest stays past the posted checkout time, Fourth Amendment protections last until that later check-out time.  Courts have found that after a hotel provided specific guests with such an allowance, those guests “reasonably believed that the hotels would allow them to do so again, permitting them to retain a privacy interest in their rooms.”  Courts realize that most hotels have a pattern or practice of allowing guests some leeway regarding the checkout time.

Each Fourth Amendment inquiry concerning guests checking out of hotels hinges on the specific facts of the case.  A hotel that has a clear checkout policy and consistent procedures will provide both staff and guests with certainty as to when a guest’s Fourth Amendment protections have expired.

Fourth Amendment protections depend on the guest’s reasonable expectation of privacy in his or her room, meaning that hotels must state their checkout policies in a manner that would not confuse a reasonable person.  An effective communication policy and procedure could involve a notification about the checkout time to the guest upon check-in, the issuance of a reminder to the guest several hours before checkout, and the posting of the checkout time in each room.  Further measures may include contacting the guest in the event that checkout time has passed.  In these ways, a hotel can unequivocally state that a guest’s tenancy and accompanying Fourth Amendment protections expire at a certain time.

A hotel should do its best to be consistent in communicating and enforcing its checkout policy.  In the absence of consistency, guests might be considered reasonable in expecting their Fourth Amendment rights to extend beyond checkout time.  If a hotel wants to retain the option to make exceptions to its general checkout time, it should provide a system for staff members to record these extensions so that they know whether or not each guest is protected by the Fourth Amendment.

II. Eviction Policy and Procedure

A justifiable ejection will also extinguish a guest’s Fourth Amendment protections.  A guest’s tenancy expires after the hotel has identified grounds for eviction and taken affirmative steps to repossess the room.

Examples of what courts have found to be valid grounds for eviction include:

  • Raucous behavior.
  • Illegal activity, including storing illegal drugs.
  • Failure to pay for the hotel room.
  • Intoxication, disorderly conduct, and carrying a gun in the hotel.
  • Odors of marijuana and complaints of loud noise.

The hotel must then act to take back possession of the room, which ends the guest’s expectation of privacy.  The Fourth Amendment continues to protect a guest until the hotel staff takes action to commence eviction.  The following actions have been identified as sufficient to constitute the commencement of eviction, and thus the extinguishment of Fourth Amendment protections:

  • Locking the guest out of his room, as long as it is for the purpose of eviction.
  • Contacting the police for their assistance in physically evicting the defendant.
  • Removal of the guest’s belongings from the room, a note left on the door informing the guest that he/ she had been evicted, the hotel staff telling the guest that he/she was evicted, or some combination of the above.

In order to create and follow an eviction policy that promotes compliance with the Fourth Amendment, a hotel should identify behaviors that justify eviction.  This requires consultation of the law, including any statutes that govern hotel policies.  The hotel should then train its staff to recognize and respond to behavior that triggers eviction.  A hotel should also provide guests with its eviction policy or communicate in some way the types of behavior that could trigger an eviction.  Finally, in the event of an eviction, the hotel must take steps to communicate to the guest that he or she is being evicted.  If the hotel has created any doubt or confusion as to whether the behavior under consideration triggers eviction, or does not clearly communicate that the guest is being evicted, Fourth Amendment protections may continue to apply. Therefore, as with the suggestions for checkout procedures discussed above, consistency and clarity will help to ensure a situation in which hotel employees and guests know when the Fourth Amendment no longer applies to protect guests.

In general, hotel staff should not allow police to enter a guest’s room without a warrant.  However, if the guest’s tenancy has expired because the checkout time has passed or the guest has been evicted, hotel staff may provide consent for a police search.  Hotels should implement polices and procedures that allow guests and staff to know, with certainty, the circumstances under which a guest’s tenancy expires.


In June of 2002, 7-year old Virginia Graeme Baker drowned when she became stuck to the suction drain outlet of a hot tub.  Baker, who had been swimming without assistance since age 3, was trapped underwater against the drain by the suction force of the water flowing into the drain.  She was unable to free herself.  It took two men to pull her free, and the drain cover broke from the force of removing her.

Most permanent swimming pools and spas are equipped with suction outlets (drains) which, in conjunction with pumps, permit the filtration, heating, chemical treatment, and/or draining of water.  Incidents like Virginia Graeme Baker’s illustrate that, without certain design features or equipment, suction drain outlets can entrap a swimmer beneath the water.

On December 19, 2007, President George W. Bush signed into law the Virginia Graeme Baker Swimming Pool and Spa Safety Act (VGB Act).  The act specified that a new swimming pool and spa drain cover standard was to be treated as a consumer product safety rule.  Effective one (1) year following the enactment of the law, “…each swimming pool or spa drain cover manufactured, distributed, or entered into commerce in the United States shall conform to the entrapment protection standards of the ASME/ANSI A112.19.8 performance standard, or any successor standard regulating such swimming pool or drain cover.”  The law further required that, effective 1 year following enactment, every pre-existing and new public swimming pool was to be equipped with anti-entrapment systems that complied with the ASME/ANSI A112.19.8 standard.  The law defined public pools to include those pools open to the patrons of a hotel.

Therefore, starting on December 19, 2008, every pre-existing and all new hotel swimming pools in the United States were required to be equipped with compliant anti-entrapment devices and systems

On May 26, 2011, the Consumer Product Safety Commission (CPSC) issued a recall of several presumably VGB Act compliant drain covers that were found to be incorrectly rated to handle the flow of water through the cover.  The recall affected 8 manufactures and an estimated 1 million drain covers throughout the United States.

In July, 2011, the Consumer Product Safety Commission voted unanimously to approve ANSI/APSP-16 2011 (APSP is the Association of Pool and Spa Professionals) as the successor standard to the ASME/ANSI A112.19.8.

Existing Pools

All submerged suction outlets at existing hotel pools should have been fully compliant with the VGB Act by December 19, 2008.  Several manufactures produce drain cover outlets that are intended for use at existing pools.  However, for out-of-the box use of the covers, specific manufacturer requirements regarding flow rates, wall or floor location, sump dimensions, etc. must be strictly observed in order for the drain to be compliant.  Often, in order to meet the manufacturer’s requirements, the drain sumps and outlets at existing pools were demolished and reconstructed.  The ASME/ANSI standard and the subsequent ANSI/APSP-16 also allow for field-fabricated outlets to be designed, and tested in place, by a registered design professional (an engineer or, in some instances, an architect).  The design of field-fabricated outlets is required to address cover/grate loadings, durability, hair/finger/limb entrapment issues, cover/grate secondary layer of protection, related sump design, and features particular to the site.

The VGB Act requires that any swimming pool with a single main drain outlet should be provided with an “unblockable” drain, or one of 6 other secondary systems for entrapment protection, including: a safety vacuum release system (SVRS), a suction-limiting vent system, a gravity drainage system with a collector tank, an automatic pump-shutoff system, drain disablement, or any other system determined by the Commission to be equally effective.  Please note that many manufacturers and many jurisdictions require that SVRS devices be tested on a regular basis.  For example, the Florida Department of Health requires that the SVRS device be tested at a minimum of once a month.

Every hotel swimming pool facility should have on file the certificates regarding the drain outlets, including the date the drain cover was placed in service.  These certificates are required by the ASME/ANSI and the ANSI/APSP standard and should have been provided by either the manufacturer or the registered design professional responsible for the outlets.  Each facility should also maintain records of testing of secondary protection devices.

All compliant drain covers have been evaluated and marked with the service life of the cover.  Most manufactures certify their covers for a useful life of either 5 or 7 years, after which, the durability of the drain cover is no longer guaranteed.  Covers installed in 2008 when the VGB Act was first enacted, have exceeded, or are close to exceeding, their expected life and should be replaced.

It is important for facilities to maintain awareness of the entire swimming pool system. Changes to any part of the system, including pumps, filters, heaters, etc. can affect the flow rates of the system, thereby changing the suction characteristics of the drain outlets.  These changes can create non-compliance with the certificates previously issued for the drain outlets. 

If there is any doubt about whether a facility is in compliance with the VGB Act, a registered design professional should be retained to investigate the facility and determine its compliance.  Direct testing can be performed at operating swimming pools using scuba equipment, body simulating devices, and force meters to determine the exact suction forces at drain outlets to assess whether or not they comply with the VGB Act.  Oftentimes, there are systems or retrofits that can be applied, even to fully VGB compliant pools, which will further reduce the risk of suction entrapment.

New Construction

In conjunction with 2012 releases of the International Codes, the first edition of the International Swimming Pool and Spa Code (IPSC) was released. The goal of the code committee was to create a code that coordinated and enhanced the provisions previously found in the International Codes and APSP standards to upgrade pool and spa safety and to meet the requirements of the VGB Act.  The IPSC is fully compatible with the International Codes and provides a reference standard to assist with swimming pool design and construction that complies with the applicable electrical, mechanical, and plumbing codes.  Many jurisdictions have already adopted the IPSC, and its adoption is anticipated to be widespread, coinciding with adoption of the International Codes.  As part of the 2012 IPSC, the ANSI/APSP-7 2006 American National Standard for Suction Entrapment Avoidance in Swimming Pools, Wading Pools. Spas, Hot Tubs, and Catch Basins (APSP-7) is codified. 

Not all jurisdictions require submerged drain outlets at swimming pools.  Careful consideration should be given during pool design to utilizing circulation methods that do not incorporate any submerged outlets, thereby completely eliminating any suction entrapment risk.  Gravity flow outlets with a collection or “surge” tank can also be incorporated to eliminate direct connection of the swimming pool drains to the pumps (this type of system is required in Florida). This method dramatically reduces entrapment risk.  Where main drain outlets are utilized, they should be unblockable, or installed with no fewer than two interconnected outlets spaced no closer than 3 feet.  The drain outlet system should be designed to handle 100 percent of the maximum system flow, assuming one drain outlet is completely blocked, without exceeding the suction forces allowed by the VGB Act.

The significant code changes and current pace of adoption of new codes by regulatory agencies have created circumstances where pool builders should not be utilizing the stock plans they have used in the past to construct new swimming pools at hotels.  Every facility will have some unique features that should be addressed by registered design professionals.  Construction documents should be prepared for each individual swimming pool that specifically account for the features unique to the facility.  The documents should contain all the information and certificates required for full compliance with the VGB Act and the applicable locally adopted codes.  New hotel facility owners should carefully review the proposed construction plans for the swimming pool, ensuring that a registered design professional has addressed the uniqueness of the facility and provided an engineering seal on the documents. 

Careful consideration during the design process easily incorporates compliance with the VGB Act into the initial construction of the pool.  Suction entrapment risk can be significantly reduced, and in some cases, completely eliminated, through proper design by qualified, registered design professionals.


  1. Virginia Graeme Baker Swimming Pool and Spa Safety Act of 2007, 14 U.S.C. Sections 1401-1409.
  2. ASME/ANSI A112.19.8 – 2007 Suction Fittings for Use in Swimming Pools, Wading Pools, Spas, and Hot Tubs.
  3. ANSI/APSP-16 2011 American national Standard for Suction Fittings for Use in Swimming Pools, Wading Pools, Spas, and Hot Tubs.
  4. ANSI/APSP-7 2006 American National Standard for Suction Entrapment Avoidance in Swimming Pools, Wading Pools, Spas, Hot Tubs, and Catch Basins.
  5. International Code Council, 2012 International Swimming Pool and Spa Code.
  6. Public Swimming Pools and Bathing Places, Florida Administrative Code 64E-9, Sections 9.001-9.018
Page 3 of 10
Go to top