A recent high-profile enforcement action by the Federal Trade Commission (FTC) provides meaningful context and occasion for examining data security risks in the hospitality industry.
In late June, the FTC filed suit against global hospitality company Wyndham Worldwide Corp. and three of its subsidiaries for alleged data security failures that led to three data breaches at 45 Wyndham properties in less than two years. The action followed an expansive and expensive civil investigation by the Commission and is part of its ongoing efforts to ensure companies are working to secure and protect consumer data and privacy.
The case presents an excellent opportunity for companies handling financial or other sensitive data to evaluate risks and trends in the data security area, including:
- Data breach risks specific to the hospitality industry
- Enforcement and litigation risks and developments
- Breach response steps Incident response planning
- Trends and developments, including global notification obligations, foreign sovereign espionage, and SEC reporting.