All hotels need to ensure they are fully prepared for major changes to regulations on holding ‘personal data’ when the EU’s GDPR comes into force in May.
To help all our hotel clients achieve compliance well ahead of this date, we are introducing some new features to our property management system (PMS) Hotel Executive.
A data cleanse tool for personal detail
This can automatically remove personal data from Hotel Executive after a certain time. A hotel may wish to remove personal records of guests who haven’t stayed for at least two years, for example.
Businesses need to keep financial records for at least seven years but once this time has elapsed, the system can be set up to automatically remove all the personal details from the invoices while preserving the figures needed for financial records, statistics and reporting.
Data subject rights
This enables people to ask what data an organisation holds about them, why, what measures are in place to protect it and demand that it is wiped. Hotels must ensure they are able to do this quickly and efficiently.
Hotel Executive will now enable hotels to delete all the personal records from historical bookings, without the bookings themselves being deleted and skewing the hotel’s records.
The rules of consent are changing so that companies must receive clear and active permission before they collect and process someone’s data. Thus any guest who has not given permission for their information to be used for marketing purposes will not appear in any mailing list generated through Hotel Executive.
Data protection and security
Personal data must be adequately protected against unauthorised access and any security breaches could lead to tough penalty fines so hotels must ensure they have robust security measures in place.
All Avon Data clients which use the hosted version of Hotel Executive will have peace of mind in knowing Fasthosts, our hosted server suppliers, are fully compliant with current data protection laws including ISO 27001 and are working to ensure they are GDPR compliant well ahead of May.
Hotels who have Hotel Executive installed on their own on-site servers will need to make sure adequate measures are taken to protect and secure their network.
GDPR affects all personal data
While we are doing everything possible to ensure Hotel Executive supports GDPR compliance, we urge hotels to remember that the guest data in their PMS is just one element to consider. Hotel owner managers must remember that the rule changes apply to all aspects of the hotel business, from emails and the website to how staff details are stored.
Our advice is, start preparing early and by the time May comes, no-one need worry.
If you wish to find out more about the measures we are putting in place ahead of GDPR, please get in touch.