Partner Eileen Ridley was quoted in a Cybersecurity Law Report article, “How the Hospitality Industry Confronts Cybersecurity Threats that Never Take Vacations,” on August 12, 2015. In the Q&A, Ridley discussed the hospitality industry’s specific data privacy and cybersecurity challenges, and offered best practices in the collection, storage and protection of the increasing amount of personal data these companies are holding.
Ridley shared insights on collecting and protecting data and said, “Companies should have data privacy policies and procedures. If not, the first thing to do is to create one that deals with all aspects of data: how it is stored, where it is stored, who has access and how it is used… The policies should address not only informing the guests who are providing the information as to how that information is going to be used by the company, but also understanding how any vendors may use the information they obtain from the company, including ensuring that the client/consumer knows that the vendor is going to get that information and has permitted that use.”
Let’s Talk Compliance | Provider Relief Fund: Reporting Requirements and Compliance Concerns