4 Tips for Hotels to Build Data Privacy Trust

Data Privacy Day began in the United States and Canada in January 2008 as an extension of the Data Protection Day celebration in Europe. Data Protection Day commemorates the January 28, 1981, signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection. Data Privacy Day is observed annually on January 28th.

On January 27, 2014, the 113th U.S. Congress adopted S. Res. 337, a non-binding resolution expressing support for the designation of January 28 as "National Data Privacy Day." The National Cyber Security Alliance (NCSA) officially leads the Data Privacy Day campaign.

With the recent Choice Hotels data breach in headlines lately (and with Data Privacy Day) approaching next month, here are four tips that hoteliers can reference, in order to help build data privacy trust for consumers:  

1. Create a culture of privacy in your organization. Educate employees on the importance and impact of protecting consumer and employee information as well as the role they play in keeping it safe.
2. If you collect it, protect it. Follow reasonable security measures to keep individuals' personal information safe from inappropriate and unauthorized access.
3. Be open and honest about how you collect, use and share consumers' personal information. Think about how the consumer may expect their data to be used, and design settings to protect their information by default.
4. Build trust by doing what you say you will do. Communicate clearly and concisely to the public what privacy means to your organization and the steps you take to achieve and maintain privacy.

Hospitality Industry Growing Target for Cyber Attacks

According to zdnet.com, hotels, restaurant chains, and related tourism services have been subject to a range of techniques when it comes to cybercrime; due to the compromise of Point-of-Sale (PoS) terminals to harvest guest data, phishing emails sent to staff which are designed to give attackers access to internal systems, and Man-in-The-Middle (MiTM) attacks through hotel public W-Fi hotspots being only some of the potential attack vectors.

“The data that the hospitality industry accepts, processes, and holds is valuable,” according to the article. “Guest Personally Identifiable Information (PII) and financial information can be used in spear-phishing schemes, sold on in bulk, or potentially used to create clone cards when strong encryption is not in place to protect payment data.”

As such, by implementing the aforementioned best practices, hoteliers can better protect their guests to maintain trust and keep them returning to their hotels. Overall, it’s better for consumers, employees and the business to create a strong data privacy culture.