The GDPR and the Hospitality Industry: Global Data Protection Just Got Real

The European Union General Data Protection Regulation (EU GDPR) went into effect on May 25, 2018 and requires that any company (European or international) doing business in Europe or handling personal data of EU residents comply with the new rules. The GDPR broadens the rights of individuals with respect to their personal data, mandates new approaches for industries collecting personal data and involves large penalties for violations, up to €20 million.

The GDPR focuses specifically on the criticality of protecting and appropriately managing personal data. For the hospitality industry, this means that businesses must focus more broadly on creating information security management policies and systems to prevent data loss or exfiltration, and ensure that their information security incidents can be identified, logged and reported. This requires a comprehensive understanding of how to handle and protect personal data in a secure, trustworthy manner.

This program, presented by Julie Negovan, Esq, Of Counsel at Griesing Law LLC, will distill 200+ pages of GDPR text into five (5) implementation phases, which every hospitality entity with a website needs to know. The course makes the long, complex guidelines of the GDPR relatable to hospitality attorneys of all kinds, and presents an easy-to-follow plan for non-experts in privacy or technology.

Learning Objectives:

1. Examine the policies behind the GDPR and how they relate to the everyday business of the hospitality industry in the U.S.
2. Discuss the common challenges faced by U.S. hospitality companies in complying with EU GDPR requirements
3. Recognize and respond to GDPR issues in the context of the U.S. hospitality industry
4. Identify a strategy to effectively and efficiently bring U.S. hospitality firms into compliance with GDPR requirements
5. Explore how to avoid serious violations of GDPR and the fines that can be levied