Bed & Breakfast News Issue #46 Spring 2018 | Page 12


What GDPR means for B&Bs, Guest houses and small hotels

You will almost certainly have been hearing about the imminent new ‘GDPR’ data protection rules. As many of the reports have been dire warnings about onerous new rules and horrendous-sounding penalties, you can be forgiven for being worried.
In this issue we try to take a measured and pragmatic view of what you need to know - and do. But there’s no getting around GDPR - it’s the law and it comes into force on May 25.
GDPR is a headache for small companies, as they must ensure they are compliant in how they gather, store, process and delete all personal data. Unfortunately, research suggests that many are still not adequately prepared for the changes.
What is GDPR?
Passed in May 2016, the EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive (in the UK, the Data Protection Act 1988). It requires organisations to ensure that they are compliant in how they store, process and delete data. The UK will be covered regardless of Brexit (GDPR will pass into UK law before we leave the EU).
GDPR will protect all information related to a name, a picture, an email address, credit card information, banking details, timeline posts on social media websites, medical information, or a computer IP address.
What is a Breach?
A GDPR breach can be as simple as an email or letter containing personal data accidentally sent to the wrong recipient, or a lost or stolen laptop, through to data redacted incorrectly or data shared incorrectly with 3rd parties without permission or employee knowledge.
Manage Date for your B & B or Guest House
Under GDPR:
Breaches may cost organisations up to 4% of turnover in fines
Businesses have 72 hours to report a breach
Individuals have easier access to their own data and the ‘right to be forgotten’
Individuals have the right to know if their data has been hacked
Employers, in certain circumstances, must appoint a data protection officer
The processing of children’s data requires consent
Key GDPR Tasks
To be compliant with GDPR, experts suggest that you:
Identify all the locations of enquirer, guest and employee data in your business