Getting Ready for GDPR in the Hotel and Tourism Industry

Workshop Overview

Privacy and data protection is a serious issue as illustrated by the recent number of high profile breaches that have resulted in significant fines and reputational damage. GDPR (General Data Protection Regulation) is a regulation introduced to strengthen the protection of personal data of individuals. The regulation applies to organisations anywhere in the world that capture and control the personal data of EU residents.

With regards to hotels and other tourism related businesses located within the Caribbean, any business that markets services to EU residents is subject to the regulation. EU residents that make their hotel booking from a location within the EU are covered under GDPR, however the regulation does not cover the interactions of EU residents which are made when they are outside of the EU. Consequently, GDPR compliance is required by every Caribbean hotel that takes bookings from EU residents that made their bookings in their native countries.

The enforcement deadline for GDPR is May 25th 2018, and all businesses that process applicable data must comply with the regulations or risk large financial penalties and the possibility of limitations on the right to process the credit card data of EU residents.

Given the volume of personal and credit card data processed every day, the hotel and tourism industry has been recognized as one of the most vulnerable sectors and accounts for the second largest share of data breaches. It is essential that hotels and other tourism-related businesses build awareness of GDPR across their management teams and all members of staff who are likely to process or store personal information. Hospitality staff must understand what is required within their own departments, and the consequences of non-compliance.

Springboard Caribbean’s half-day workshop raises the awareness of GDPR for hotel and tourism staff, and highlights the types of actions that must be taken within their departments to maintain compliance and understand the consequences of non-compliance. This workshop helps participants develop a step-by-step plan to achieving compliance for their respective organization.

Key Topics

  • What is GDPR and how does it impact upon my organisation?
  • What information is considered “personal data”
  • How do we build our Data Register?
  • How should we acquire personal data within GDPR rules and handle data requests?
  • What are the consequences of non-compliance?
  • How do we protect, access and erase personal data?
  • How do we report a data breach?
  • How does this impact other activities such as marketing?
  • What are the key steps in becoming compliant?

Delivery and Cost Information

This is a customised programme that has been approved and endorsed by the Institute of Hospitality. On completion, each participant will be assessed and if successful awarded a certificate by Springboard Caribbean, endorsed by the Institute of Hospitality.

As a strategic educational partner of the Caribbean Hotel & Tourism Association, Springboard Caribbean will deliver this course at any CHTA member’s property or at the properties of associated NHTA members. This course is delivered to a minimum of 20 participants.

This unit is completed during a single 3 hour session.

Subject to the provision of a suitable venue and refreshments by the client or relevant NHTA, the price for this workshop is $49 USD ($133 ECD) per participant. This includes tuition, course materials and certification.

For more information please visit our GDPR FAQ page, or to register your interest please contact Springboard Caribbean today.