Advances in information exchanges, technology, and globalization are turning data into one of the most important assets for hoteliers but regulators across the world have never been more alert to this reality.
The hospitality industry and hotel chains around the world face a triple threat of greater scrutiny from the public and regulators, stringent data protection regulation and increasing threats like data breaches. It has never been more important to ensure that hotels are prepared, protected and compliant.
One of the most recent data breaches in the hotel industry was Choice Hotels after 700,000 customer records were compromised in August 2019. Choice Hotels said the breach was a result of a third-party vendor who copied the impacted data from Choice Hotels environment without authorization and moved it to its server.
There is no doubt that the European Union's General Data Protection Regulation (GDPR) sets the highest standard in data protection in the world today. Not only by way of its substantive requirements but also because of its extraterritorial outreach which requires any hotel chain with European customers to comply with its demanding provisions.
But, lawmakers on every continent are rapidly catching up and comprehensive data protection regimes are cropping up across the Americas (California, Brazil) and Asia (Singapore, Thailand). This fast pace of regulation penetration worldwide, which most often includes a duty to notify data breaches, adds...