Tech Talk

Recent posts

A groundbreaking new report by the Urban Land Institute in Washington, D.C. explores sustainability in the hospitality industry and examines ways in which hotels are incorporating eco-friendly best practices into both operations and construction. The study includes insights from leading hotel owners, developers and investors.

Every hotel owner wants to know how he can increase the traffic to the website, and at the same time, boost direct bookings. The key to accomplish both the objectives is to design a site that is accessible even to disabled people. It will not only improve the usability for all types of visitors, but it will also improve your market penetration. Designing ADA website is also very imperative to prevent legitimate complications. In addition to this, an ADA feature will aid in improving the website performance in search engines.

The underappreciated city of Minneapolis served as host for the 2019 edition of HITEC (produced by HFTP) which wrapped up its most recent four-day run on June 20, 2019. In the days and weeks leading up to the event, meeting solicitations and party invites filled my inbox at a growth rate any VC or entrepreneur would envy. As a first-timer to this international hospitality technology behemoth, it became apparent that HITEC actually begins a few weeks prior to when that first request or invitation lands in your over-stuffed inbox.

Time is limited. Once it’s gone, you can’t gain it back. Similarly, once a room goes unsold for a night, it will go unsold forever. There’s no way to recover that loss, because there’s no way to go back in time.
 
Many hotels fight this limitation by trying to sell as many rooms as possible. If all the rooms are completely booked, time no longer becomes a factor. But most don’t have the luxury of being at-capacity every single night. That’s why last-minute booking apps are growing in popularity in the industry, where hotels can make the most of each day. These apps specifically target guests who don’t plan far in advance, seeking accommodations from one week to one minute later.
 
There are several different ways your hotel can benefit from using last-minute booking apps in your business strategy.

IoT is Coming, Jon Snow…
Posted: 05/21/2019

Hospitality is prime for the coming advent of the various devices that make up the Internet of Things. Estimates show the industry now represents 17.5 million rooms worldwide and savvy guests are demanding more personalization and an overall improved guest experience along their connected travel journey and belief is that IoT can bring this to reality. 



want to read more articles like this?

want to read more articles like this?

Sign up to receive our twice-a-month Watercooler and Siegel Sez Newsletters and never miss another article or news story.

x
 

The Top 5 GDPR List for Hoteliers



Hotels have Finally Jumped into the GDPR Game

May 25 is quickly approaching, and the streets are abuzz with GDPR. Hoteliers are struggling for guidance and everyone has a thought or opinion as to what getting to GDPR compliance means. The worst part is we are seeing so many hotels receiving incomplete or faulty information and they will be in for a rude awakening soon.

Complying with the GDPR directives requires a hotel to implement a combination of administrative and technical controls focused on protecting the personal information of EU residents. We know that hoteliers are focused on privacy statements and policies, but we also know that most hoteliers are ignoring or overlooking these critical areas.

1. Explicit consent – How will a hotelier collect, save and reference explicit consent?

2. Right to be forgotten – How will a hotelier purge customer records from commercial off-the-shelf applications when those providers don’t have a process yet?

3. Notification of third parties to purge customer data – What is the communication method and verification process to ensure that whoever a hotel shares guest data with (for example third party email marketing partners) will also purge guest data?

4. Vendor risk assessment process – How will a hotelier ensure that third-party partners are prepared and able to comply with GDPR. Hoteliers must also think about their cloud providers, back up providers, email partners, revenue partners, rewards programs and more.

5. Complying with the technical controls – This will be the most difficult and troubling set of controls for hoteliers. First, settling on a framework that will guide the hotel’s data protection strategy is important. The reality is if a hotel can’t achieve PCI compliance it is unlikely they will achieve GDPR compliance.

6. Process to ensure timely notification – Failure to notify the appropriate data protection authorities in a timely manner will result in significant fines and penalties. 

Checklist to assist in GDPR preparation

These are the top five items that a hotelier can focus on to move the ball closer to compliance by the required dates.
 

1. Know with whom you share data!
This includes business as well as technical sources.  Make sure data flows are documented and include who and why data is shared.

2. Hire a Data Protection Officer (DPO) to handle all claims from EU consumers and data protection authorities. While not necessary in all cases, it is recommended. A virtual DPO is affordable and will ensure communications are responded to correctly and in a timely manner.

3. Create a manual paper process to capture the guests explicit consent for email marketing (opt-in) and the sharing of data with third parties. Until PMS developers have a process in place to programmatically capture consent having a paper process will mitigate the risks.

4. Clearly define your organizations record retention policy and requirements. The right to be forgotten has some exceptions and can be guided or modified to remain consistent with normal business processes.

5. Ensure all third parties have undergone a Vendor Risk Assessment and that you understand the risks associated with their engagement.

6. Ask all third parties to provide a statement of compliance and detail explanation of what processes exist for the protection of your guests’ data. This includes OTAs, PMS providers, marketing companies, cloud providers and other technology providers.

No one really knows how European Data Privacy Authorities police will enforce the GDPR directives.  In the hospitality vertical it is easier to blacklist properties that develop a reputation for not protecting the data of EU nationals.

With all of that said, when we look at properties struggling with PCI compliance we know they will not be able to attain GDPR compliance. The security framework is somewhat more stringent and will be burdensome on U.S. properties.

About The Author
David Durko
CEO
Security Validation, LLC


David Durko is the CEO and chief compliance officer for Security Validation’ Data Security Advisory Practice. Security Validation provides PCI and GDPR Assessment Services along with Virtual Data Privacy Officer services from its offices in the U.S. and U.K.

 
Comments
Blog post currently doesn't have any comments.
Leave comment



 Security code