Hotel chain solidifies GDPR compliance with new data protection processes

Village Hotel Club chooses Shred-it to securely destroy sensitive guest and business information, effecting a staff data protection culture change

Village Hotel Club, a hotel brand developed for the modern customer, has chosen Shred-it to help reinvigorate its information security processes. Village Hotel Clubs’ relationship with Shred-it, one of the UK’s leading information security companies and a Stericycle solution, will help the company improve its data protection methods and therefore provide support in its journey towards compliance with the EU’s General Data Protection Regulation (GDPR).

Research has indicated that the hospitality sector accounts for 12% of all global breaches, 28% of which are caused by employee error or negligence. Hotels by their very nature process and store a vast amount of sensitive data, from credit card information to email addresses, making them a major target for malicious threat actors.

A hotel-wide audit two years ago found that each of the group’s 30 properties was using a different system for data storage and disposal, ranging from ad hoc services to using standard shredding devices. Village Hotel Club investigated various options before concluding Shred-it’s secure information disposal services were the most reliable, flexible and cost-effective solution on the market. Each hotel now has monthly and fortnightly console collections in addition to making use of the ad hoc shredding service for extensive data and paper clear outs.

Shred-it’s services have also proven their worth for members of Village Hotel Club’s new VWorks co-working concept. The business club provides external spaces for meetings and remote workers and, with its 500-strong membership holding many critical business conversations and meetings, there was a concern that confidential documents could be left behind.

Kate Banks, Compliance Officer for Village Hotel Club, believes effective methods for the disposal of sensitive information within the hotel industry are crucial. “Not only do we have our guests’ personal information to consider but, with over 4,600 staff on our books, we also need to be mindful of keeping the information held on their records safe.

“Furthermore, if data is not disposed of securely within our new business club concept, it could open firms up to the possibility of a data breach. Shred-it consoles have now been added to some of the spaces to replace general waste bins as a means of disposal, leaving club members reassured that their documents will be securely disposed of. We’re not just trying to ensure the protection of our sensitive business information, but that of our customers and clients too.”

Ian Osborne, Vice President UK & Ireland for Shred-it, states, “The introduction of the GDPR has given many in the hospitality sector the perfect opportunity to review and improve their information disposal and destruction procedures. An important step in this process has been to train staff to recognise what constitutes sensitive information and how to store and dispose of it securely. For many, this has resulted in a culture shift and now, new information security processes are becoming second nature.”

Kate Banks concludes, “Our customers are certainly more aware of what we’re doing with their confidential information and it is heartening for them to know we have proper systems in place for secure disposal and destruction of confidential information. Not only do our new procedures help us on our journey towards GDPR compliance, but we are also able to build a loyal customer base which trusts that we will do our utmost to protect their sensitive and private information.”

To learn more about Shred-it’s partnership with Village Hotel Club, visit:

https://www.shredit.co.uk/en-gb/village-hotels-use-shredit-for-data-protection