Planners routinely gather credit card information when attendees register for meetings on Web sites. Many planners maintain databases that contain addresses, telephone contact information, and e-mail addresses, which, if obtained by identity thieves, could lead to the discovery of even more sensitive information. Such information is often referred to as “personally identifiable information.

Sharing attendee data with exhibitors and other third parties, such as registration vendors and hotels, presents another opportunity for theft of personally identifiable information. In most organizations, the meeting planning function is separate from the data management function, so planners should consult with webmasters and database maintenance operators to be sure that appropriate practices have been instituted. Such practices can include limitations on access to data and encryption of stored data.

Planners and their organizations should also consider adopting a privacy policy, which should be made clear to attendees and others who use the Internet to register for meetings. Such a policy should indicate, at minimum, what the organization plans to do with the data that it collects. For example, does it share the information, or parts of it, with third parties, such as meeting exhibitors? Many such policies provide the individual attendee with the ability to “opt out” of such data sharing.

One state, California, has gone so far as to adopt an Online Privacy Protection Act, which requires organizations collecting data from California residents via the Internet to conspicuously post their privacy policies. The California law is applicable only to information collected for nonbusiness reasons.

Planners should be sure that any data that is to be stored is saved only in an encrypted form, in order to deter computer hackers who might break into a database. Think about whether it is necessary to maintain particularly sensitive information, such as credit card numbers, longer than is absolutely necessary. For instance, there may be no need to maintain credit card data after the individual’s bank has transferred funds. If such information has to be transferred to laptop computers—for use on-site at a meeting, for example—take care to safeguard the laptop, as well as to protect the stored data through encryption and password protection. Planners should carefully consider whether it is necessary to store the data on a laptop in the first place.

Personally identifiable information about meeting attendees sometimes has to be shared with hotels in order to perform a room audit, to be sure that the group gets credit for all rooms used by its attendees, including those booked outside of the contracted room block. Any time such data is provided to a hotel, it should be done pursuant to a confidentiality agreement (which can be stated in the underlying meeting agreement), or steps should be taken to ensure that the data is returned to the planner after the room reconciliation is performed.

Many planners use outside vendors to process meeting registrations. Contracts with those vendors and any others who either collect or receive attendee data should include confidentiality provisions, the requirement that the planner be informed of any data security breach, and indemnification of the planner in the event that attendee data is misused.

Interest in unauthorized use of individual data prompted at least two major national hotel chains to include a providion in their "standard" contract templates in which the planner pledges that he or she has the appropriate authorization to transfer personally identifiable information to the hotel, and further giving the hotel the right to use such information for virtually any purpose.

James M. Goldberg is a principal in the Washington, D.C., law firm of Goldberg & Associates PLLC. His practice focuses on representing associations, corporations, and independent meeting planners. He is the author of The Meeting Planner's Legal Handbook.