The Value of Trust Through Privacy - ' Core Privacy Values '
(
Page 4 of 5 )
An early heads-up on privacy issues gave Tim Harvey some momentum as he planned Hilton's system-wide computer network, known as OnQ, which went live last year.
With some 230 Hilton-brand hotels located outside the U.S., the company picked up on the growing importance of customer privacy from its Hilton International Co. affiliate, which faced regulatory changes decreed by the European Union in 1998.
"We started discussing the issues, asking ourselves not just what could happen here in terms of regulations, but also what do we want to stand for, what are our core values around privacy," says Harvey.
"The changes in the marketplace helped get us started."
In 2002, Harvey took the lead in creating a new chief privacy officer post at the company.
"The business value of our continuing relationships with our guests and reasonable information policies was not only acknowledged but embraced, even before we had a dedicated privacy role, or articulated privacy values," Harvey says.
But formalizing the job was a recognition of its increasing importance.
The CIO, who reports to Hilton Chief Executive Stephen Bollenbach and sits on the company's executive committee, consulted with top managers from the legal team and other functional areas including brand development, hotel operations and human resources. "We started at the top," he says. Hilton also worked with Accenture to plan its privacy strategy, and looked at the policies of companies like rival Marriott International Inc. and trust-dependent courier FedEx Corp.
Chief Privacy Officer Louise Nelson reports to the legal department; a peer position, Chief Security Officer Tom Daly, reports to Harvey. A steering group called the Privacy and Security Operating Committee, made up of executives from across the business, meets quarterly to make sure privacy and security issues are visible at the top of the company.
"The committee depends on the views these top executives have of the business," says Harvey.
"Privacy has not been viewed as a hindrance to what we do, and people are very proactive about outlining the issues."
Such top-level visibility is important because it helps enforce consistent policies across the organization. "Inconsistency is an enemy of privacy," says Ponemon.
"If one part of the organization does it right, but another part does it wrong, the customer only knows that something is wrong. The CIO has to know where the data is, who uses it, who shares it. He can't spend his time fighting fires at the detail level, it has to be integrated at the top."
Next Page: Details matter.
test
