Already GDPR compliant, the Beekeeper digital workplace app protects employees and hotel guests against data threats
SAN FRANCISCO, CA February 1, 2018 – In just a few months, the European General Data Protection Regulation (GDPR) will require every hotel in the world to have guidelines in place that protect European Union (EU) residents’ personally identifiable information against security breaches. Any hotel that does not comply after May 25, 2018, is risking heavy fines. Beekeeper, developer of a digital workplace app where operational systems and communication channels live within one secure and intuitive platform, announces that it is already GDPR compliant and its communication platform will protect company data.
“Our customers' right to privacy and ensuring that their personal data is secure, is Beekeeper’s top priority,” said Corey McCarthy, Beekeeper head of global marketing. “In April, we appointed Dr. Amir Ameri to the new position of Data Protection Officer, and he assembled a team to make sure every box got checked. A full year before deadline, we began assessing the impact of GDPR on Beekeeper. Today, we are proud to say that we are fully compliant. This was a labor-intensive undertaking, but our scramble is over. Companies still needing assistance can visit Beekeeper’s GDPR Hub and follow our journey to compliance here.”
What Hoteliers Need to Know
Here are nine important facts that hoteliers need to know about GDPR:
- The GDPR is applicable to all hotels processing EU citizen's personal data, regardless of where it is located.
- Fines up to 20 million euros or 4% of annual global turnover (whichever is greater) may be levied in case of repeat and non-compliance to the regulation.
- EU citizens will have a right to approach the data protection authority of their choice when stating their complaint.
- Personal Data is defined with a wider scope, including social, mental, genetic, cultural, and economic data.
- The Right to be Forgotten will have an impact on hotel processes dealing with data collection, such as the purpose for obtaining the data. It will require advanced tools in dealing with search requirements.
- Privacy Impact Assessments will become mandatory and influence use of Privacy by Design principles to enhance both commercial and in-house developed tools, processes, and products dealing with Personal Data.
- Concept of Consent is reworked and made more stringent in its utilization.
- The Data Protection Officer (appointed internally or externally) becomes a mandatory role for any hotel or hotel company, or fines up to 10 million euros or 2% of global turnover may be levied.
- Incident Management and Notification for a data breach is standardized by the GDPR. A maximum of 72 hours is permissible before reporting becomes obligatory.
Voice of Reason
“GDPR is a far-reaching regulation and it has no limits to protecting personal data,” Ameri said. “As a SaaS offering and recognized data processor, Beekeeper spent the last nine months implementing technical and organizational measures to ensure that our products and services will reduce risk for hoteliers significantly in the digital workplace.”
Ameri is an accomplished professional with more than 20 years of technical and leadership experience in operational risk management. He specializes in cybersecurity, data protection, and privacy fields in Swiss and international financial and banking sectors. After completing his Ph.D. dissertation in developing a framework for managing technology risks, Ameri completed his Master of Law to better position his understanding of the interaction between technology and legal and regulatory requirements.
“With the GDPR deadline on the horizon, hoteliers face a sprint of thorough internal evaluations to revamp policies around the collection, storage, or usage of EU resident personal data,” Ameri said. “The financial implications of breaching GDPR are astronomical. We recommend mapping all data assets and appointing dedicated Data Protection personnel on a full-time or contract basis to properly oversee the adoption of high-caliber data protection processes and technologies.”
One of the best ways hoteliers can start their journey to GDPR readiness is by using a secure communications platform that is already compliant. Hoteliers with questions about implementing GDPR best practices should visit Beekeeper’s GDPR Hub.