Data thieves are increasingly targeting hotels, thanks to the sheer volume of personal information collected from guests. When a reservation is made, a hotel will take information including names, phone numbers, addresses, card details and even IP address information when a guest books online. Once a guest checks in, additional data may be collected, such as CCTV footage and personal information including medical conditions. And yet, despite having so much sensitive information at their fingertips, the majority of hoteliers aren’t dealing with it correctly. Hospitality Technology’s 2017 Lodging Technology Study revealed that 74% of hotels don’t have proper data protection measures in place. The recent GDPR changes mean that hotels in the EU have to be even more careful with information they handle. Data breaches can cost hotels not only financially, with huge fines levied, but also reputation-wise, which can take years to redress. Thankfully, there are a number of practical steps that hotels can take to protect themselves and their guests. Alex Hollis, GRC Practice Director at SureCloud, is a security expert who has worked with a number of top global hotel chains on data privacy and risk. He advises hoteliers to first list the information they are collecting about their guests, in order to better understand that information and where it is stored. Get the full story at Booking.com