Hotels hold an enormous amount of personal data and, quite often, personal data which is of a sensitive nature (for example, information about guests’ medical conditions or meal choices which may indicate a religious preference), not to mention credit card and billing information. As a result of this, the data that hotels hold is particularly valuable and presents a prize target for thieves and fraudsters wishing to exploit vulnerabilities in a hotel’s IT network. Hotels need to ensure that they know exactly what data they hold, how long they are holding it for, where they are holding it and what security measures they have in place to safeguard that data (as well as whether that security is currently sufficient – something which requires constant evaluation). It is imperative that hoteliers have a plan in place for handling data incidents that is agreed upon and rehearsed in advance. Hoteliers also need to be prepared to explain to an investigating regulatory authority how its systems are set up and why it believes them to be sufficient to protect the data which the hotel holds. Get the full story at GuestRevu