GDPR Principles: Data Minimisation as an Increased Measure of Hotel Data Security
Impala provides an easy to implement and cost-effective solution for GDPR compliance and data minimisation.
Since GDPR, or General Data Protection Rights, came into force in May 2018, regulatory bodies are starting to crack down on data security infringements. The recent British Airways fine of £183m for their data breach, and the proposal for a £99m fine to Marriott International for its data breach means that GDPR regulatory bodies are now willing to enforce the maximum penalties of up to 4% annual turnover for these infringements.
In addition, hospitality businesses must manage their reputations in an instant-news world. Just this week, a well-documented security lapse made headlines.
This means hospitality businesses must be stringent on the companies they work with, and know from the moment of engagement that these companies fulfil all GDPR compliance requirements.
At Impala, we have been GDPR compliant since day one, and take actions to implement these measures in our products by engaging in security by design practices. One GDPR principle we apply throughout all of our product and engineering work, is data minimisation.
What is data minimisation?
Data minimisation is one of the seven GDPR principles. In order to comply with the data minimisation principle, the UK’s Information Commissioner’s Office (ICO) states that personal data being processed by companies must be:
- Adequate — sufficient to fulfil the intended purpose;
- Relevant — with a logical link to the purpose; and
- Limited to what is necessary — no more data than what is needed for that purpose is held.
In short, a data processor or controller should never have access to more data than they need, but always enough for it to be adequate and relevant for the purpose of collection.
To help companies understand if they meet the GDPR compliance requirements, the ICO has created a checklist for companies to easily follow for each principle.
This is a handy tool for any business to make sure they are always maintaining GDPR compliance requirements in a quick and easy way. The ICO also provides a number of self-assessment checklists for both controllers and processors of data to make sure they comply with GDPR principles.
How we implement data minimisation at Impala
With the hardware or software provider you wish to connect to, Impala first collaboratively sets the scope of the data to be transmitted from your hotel. We gather as much detail as possible from these technology providers in order to keep your hotel data secure, and comply with the data minimisation principle to its fullest.
We also speak with these technology providers to understand which data points will satisfy their current needs, and which ones are relevant for their future products and features. Then, we work together to implement Impala so it only transmits the adequate and relevant data to them for their current needs, revisiting this as the company develops more products and features in the future.
By identifying the scope of data needed, and participating in a product tour with a dedicated product expert at Impala, we are able to sufficiently understand which data points are truly adequate and relevant to the product.
Hotels will always know exactly why data is being shared, and will have fine-grained control over what data is being shared at all times. Hotel data which is not required by the technology provider will not be transmitted by Impala to them, unless it becomes relevant to do so.
For example, if a company is selling televisions to a hotel that greet the guest by name after check-in, they’ll only need the name of the guest, and the dates of that guest’s stay for their product to function.
At Impala, we believe that technology partners of hotels should not be exposed to any other personal guest details, such as phone numbers or email addresses. Legacy PMS interfaces often only allow wholesale access to all, or none, of a guest’s data.
All data that is transmitted through the Impala API is hosted in the EU and encrypted in transit and at rest to make sure the data is as secure as possible at all times.
Impala does not store PII / GDPR-relevant details in logs for longer than necessary. This is a GDPR compliance requirement.
This is different from the other systems you are using
With legacy PMS interfaces, technology companies who only require a limited set of data, for example only the last name of a guest, will often get wholesale access to the entire resource. This could include all guest information including highly sensitive details such as emails, phone numbers and birthdates.
Impala limits access to only the data points these companies truly require, field by field. This reduces the data footprint of everyone involved — the hotel, the technology company, and Impala. It’s worth repeating that hotels always know why data is being shared, and have fine-grained control over the data that is transmitted when using Impala.
These are just a few ways Impala aims to follow the GDPR principles, and lead the hospitality industry by example. We truly believe that data minimisation, and GDPR more broadly, will lead to a more data secure future, leading to fewer successful data leaks, and happier travellers.
To learn more about how Impala is committed to the other GDPR principles, read our help centre article.