On October 2, Hospitality Technology quoted Emily Knight on a lawsuit filed against Loews Chicago Hotel Inc. The suit alleges that the company “violated the Illinois Biometric Information Privacy Act when it failed to ask for an employee’s consent while using his fingerprints as part of a timekeeping system.”

“Companies are increasingly turning to biometric data because of its increased reliability and efficiency,” Emily said. “But unlike knowledge-based, personal information, biometric data poses significant risks because it cannot be replaced once compromised. Therefore, companies seeking to use this technology must do so carefully. …Hotels will constantly need to assess potential external as well as internal threats and develop appropriate safeguards in response. The BIPA requires companies protect biometric data in at least the same manner they protect other sensitive and personal information. At the very least, this means encryption, limited access, and retention and disposal policies. But as more companies incorporate this technology into its day-to-day systems, it is likely other states will begin enacting statutes that mirror the BIPA. Therefore, prudent employers should begin aligning their policies with the BIPA now to avoid liability later.”

Read the article here.