The hotel industry accounted for the second largest share of data protection breaches in 2016. The nature of their data handling processes puts hotel organisations at a high risk of breaching the General Data Protection Regulation (GDPR), which came into force on 25th May 2018.

Hotels collect information through many different sources which makes it difficult to monitor and control, and the type of information held makes the industry particularly susceptible to cyber attacks. The GDPR serves as a mechanism to increase protection for customers but it makes the hotel industry’s duties increasingly complicated

However, many are viewing the challenges presented by GDPR as an opportunity for the creation of better software to centralise data in one place and modernise and better safeguard the systems used. In turn this will provide a competitive edge to those who do comply – for example by utilising centralised data to understand customers and personalise marketing and customer services. This prospect may be welcome news to those feeling the pressures of the GDPR.