10 STEPS TO A MORE SECURE HOTEL

booking scenarios

1. Data Processing Registry Mapped and Inventorised

Have you identified and described business processes involving personal data?

QSA Template

2. Assessments Completed and Documented

Have you completed and documented compliance assessments?

3. Roles Assignments Defined

Have you defined and assigned data processing roles? (Data Controller(s), Data Processor(s); DPO; Data Steward; etc.)

Hotel ICT/Data Landscape4. Legacy Data Risk Assessed and Cessation of Unlawful Processes Documented

Have you identified legacy data of which you should not/may not process any longer?

Signs5. Policies Assessed and Published

Have you defined and published data-related policies? (i.e. Privacy, Code of Conduct, Acceptable Use)

Security Allocated6. Security Allocated to the Professionals

Have you deployed a layered approach to security, utilizing multiple lines of defense to repel potential attacks?

SARs Breach and Purge7. SARs, Breach and Purge Procedures Formulated

Have you formulated hygiene and response procedures?

DPA8. Agreements (DPA, etc.) Assessed

Have you obtained relevant data processing agreements?

Rules of Email

9. Rules of Email Use Formulated and Documented

Have you established a digital communications procedures and rules of use?

Training 10. Training & Awareness Program Conducted and Documented

Have you informed employee and conducted a data protection awareness training program?

You must be logged in to post a comment.