HTNG Workgroup to Address Personally Identifiable Information (PII)
Hotel Technology Next Generation (HTNG), a global not-for-profit trade association run by and for the benefit of hotel IT executives, have announced the charter of a new Workgroup which will specifically focus on the protection of Personally Identifiable Information (PII) within the hospitality environment.
The formation of this workgroup emerged in tandem with the hospitality industry’s growing realization that the PCI (Payment Card Industry) protection protocols via PCI DSS 3.2 focus primarily on the protection of a payment card identifiers. Until recently, the primary focus related to security or protection has been to reduce the liability for fraudulent charges that either a merchant or card issuing bank assumes in the case of stolen or misused payment card data.
“The increasing regularity of deep data breaches across all nonregulated industries as well as the growing theft of loyalty program points in travel is one of the key drivers behind HTNG’s decision to take a thought leadership position.” says Michael Blake, CEO of HTNG. “Our industry stores, shares and mines reams of data in addition to the card number and CVV, such as all PII used for compensation and healthcare plans of employees. We are committed to helping both hoteliers and the technologies that support the ecosystem become aware and understand the extreme vulnerability of the data we collect about our guests and staff.”
The workgroup will be addressing the industry’s need for increased awareness and adaption of the technology available to ensure both the security and privacy of PII, while exploring ways to secure and protect employee PII (all info on full time and contract or outside temp staff) along with all information retained in any guest data profile.
A key deliverable will be an industrywide acceptable definition of PII and the workgroup has already begun with an intentionally succinct version defined as “any representation of information that permits the identification of an individual, either alone or when combined with other elements.” A full glossary will be available as well as white papers and standards.
Co-chaired by two of the industry’s leading data privacy and protection advocates, Marion Roger of HeR Consulting and John Bell of Ajontech, LLC., dozens of hoteliers and technology companies have joined this new workgroup with one mission: protecting owners and brands as well as guests and staff from becoming victims of increasing crimes resulting from stolen PII.
Workgroups have been described as the "heart and soul" of HTNG and are the most important aspect. They are where HTNG members gather to collaborate and solve industry challenges globally. Each workgroup addresses a very specific business problem, such as lack of key capabilities in a device, the need to support multiple complex software interfaces among coordinated systems, or identifying the best approach for deploying a new and risky technology.
The formation of this workgroup emerged in tandem with the hospitality industry’s growing realization that the PCI (Payment Card Industry) protection protocols via PCI DSS 3.2 focus primarily on the protection of a payment card identifiers. Until recently, the primary focus related to security or protection has been to reduce the liability for fraudulent charges that either a merchant or card issuing bank assumes in the case of stolen or misused payment card data.
“The increasing regularity of deep data breaches across all nonregulated industries as well as the growing theft of loyalty program points in travel is one of the key drivers behind HTNG’s decision to take a thought leadership position.” says Michael Blake, CEO of HTNG. “Our industry stores, shares and mines reams of data in addition to the card number and CVV, such as all PII used for compensation and healthcare plans of employees. We are committed to helping both hoteliers and the technologies that support the ecosystem become aware and understand the extreme vulnerability of the data we collect about our guests and staff.”
The workgroup will be addressing the industry’s need for increased awareness and adaption of the technology available to ensure both the security and privacy of PII, while exploring ways to secure and protect employee PII (all info on full time and contract or outside temp staff) along with all information retained in any guest data profile.
A key deliverable will be an industrywide acceptable definition of PII and the workgroup has already begun with an intentionally succinct version defined as “any representation of information that permits the identification of an individual, either alone or when combined with other elements.” A full glossary will be available as well as white papers and standards.
Co-chaired by two of the industry’s leading data privacy and protection advocates, Marion Roger of HeR Consulting and John Bell of Ajontech, LLC., dozens of hoteliers and technology companies have joined this new workgroup with one mission: protecting owners and brands as well as guests and staff from becoming victims of increasing crimes resulting from stolen PII.
Workgroups have been described as the "heart and soul" of HTNG and are the most important aspect. They are where HTNG members gather to collaborate and solve industry challenges globally. Each workgroup addresses a very specific business problem, such as lack of key capabilities in a device, the need to support multiple complex software interfaces among coordinated systems, or identifying the best approach for deploying a new and risky technology.