Bed & Breakfast News Issue #46 Spring 2018 | Page 12


What GDPR means for B&Bs, guest houses and small hotels

You will almost certainly have been hearing about the imminent new ‘GDPR’ data protection rules. As many of the reports have been dire warnings about onerous new rules and horrendous-sounding penalties, you can be forgiven for being worried.
In this issue we try to take a measured and pragmatic view of what you need to know - and do. But there’s no getting around GDPR - it’s the law and it comes into force on May 25.
GDPR is a headache for small companies, as they ensure they are compliant in how they gather, store, process and delete all personal data. Unfortunately, research suggests that many are still not adequately prepared for the changes.
What is GDPR?
Passed in May 2016, the EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive (in the UK, the Data Protection Act 1988). It requires organisations to ensure that they are compliant in how they store, process and delete data. The UK will be covered regardless of Brexit (GDPR will pass into UK law before we leave the EU).
GDPR will protect all information related to a name, a picture, an email address, credit card information, banking details, timeline posts on social media websites, medical information, or a computer IP address.
What is a Breach?
A GDPR breach can be as simple as an email or letter containing personal data accidentally sent to the wrong recipient, or a lost or stolen laptop, through to data redacted incorrectly or data shared incorrectly with 3rd parties without permission or employee knowledge.
Manage Data for your B&B or Guest House
Under GDPR:
Breaches may cost organisations up to 4% of turnover in fines
Businesses have 72 hours to report a breach
Individuals have easier access to their own data and the ‘right to be forgotten’
Individuals have the right to know if their data has been hacked
Employers, in certain circumstances, must appoint a data protection officer
The processing of children’s data requires consent
Key GDPR Tasks
To be compliant with GDPR, experts suggest that you:
Identify all the locations of enquirer, guest and employee data in your business