Leading the Industry in GDPR Compliance Preparation
Dear Friends and Colleagues,
Recent headlines – from Facebook to Equifax – have increased concern about how companies acquire, use and retain personally identifiable information. European officials have been taking a tough stance on the issue. On May 25th, the EU’s General Data Protection Regulation (GDPR) becomes enforceable and the magnitude of its implications for the meetings industry is indeed huge.
But at Hosts Global, we don’t shy away from tough challenges. We lead the way through them. As part of our H-Forward initiative to continuously improve the client experience, we’ve invested in and launched the first-to-market GDPR Resource Program.
Simply put, we’re innovating ahead of the ask, preparing our global DMC community for this deadline. We’re taking a holistic approach to protecting each individual’s data and will work to universally apply new standard operating procedures (SOPs) to every attendee – not just Europeans – going forward.
The Stakes Are High
So many aspects of our people-focused business include collecting – and sharing – personal data about clients and event attendees. Names, addresses, phone numbers, birthdates, emails, preferences and more are needed for airport manifests, tour registrations, restaurant reservations, recreation safety waivers, etc. We re-use data from prior events to prepare for the next. We keep in touch via email marketing. All of this and more will be impacted by GDPR’s requirements to obtain specific consent from individuals regarding how their data will be collected, managed and stored or deleted.
Half-measures and cursory attempts at data control won’t cut it. GDPR demands serious attention backed up by serious fines for compliance failures. Fines can be as high as 4% of global annual corporate revenue or 20 million Euros – whichever is greater. Who wants to risk that?
Hosts Global is committed to getting GDPR compliance right, right from the start. We researched to find like-minded industry professionals to assist and guide us. With their privacy-by-design methodology and trusted reputation in data management, software specialist Lenos proved to be the right partner to support our efforts.
Comprehensive Training Efforts Underway
By May 10th, our Hosts Global DMCs will have been trained on our GDPR Resource Program, including:
- Checklists for creating SOPs
- Best practice guidelines for identifying and closing data control gaps
- Expert guidance for increasing communication about data issues across every party involved in a given event – from the client planner to attendees to third-party supplier partners
New Roles & Responsibilities Require New Client Conversations
As we drive industry preparations, we want Host Global clients to rest assured that their people’s data will be handled securely and in compliance with GDPR. But we need everyone’s cooperation to get there – including our clients.
Under GDPR, the client/DMC relationship now encompasses the roles of Data Controller (client) and Data Processor (DMC). As such, we have new responsibilities to each other, requiring new conversations to ensure we stay on top of our respective data chains and provide exemplary experiences for our guests.
Among the questions we’re already asking clients, ahead of the GDPR deadline:
- Have you requested consent from your attendees to send us their personal information?
- How will you be sending the data? Is your method secure?
- Are you sending us more data than you have asked consent to send?
- Does that consent include providing the information to our subcontractors?
Continuous, open communication and prudent processes will undoubtedly pave the way to a smoother GDPR transition.
Expect Hiccups & Hurdles
That being said, we should not expect initial GDPR compliance to be easy or simple. We all store so much data that we never think about. Having to confront legacy data systems, clean them up and manage them in new ways is a monumental undertaking.
I know this all too well.
Right now our own Hosts Global website is undergoing revisions to ensure it is GDPR compliant ahead of the deadline. We have work ahead of us. Every time we get one thing done, something else pops up. But we persevere. Temporary hassles spurred by GDPR are far outweighed by the long-term benefits of better data protocols. After all, providing our clients and their attendees with the utmost in care, protection and service is just how we do business at Hosts.
Trust As The New Currency
As businesspeople, we each make choices about where to invest our energies and resources. At Hosts, we choose to invest in the client experience and in the people who deliver it.
You can count on us to deliver on GDPR compliance. To lead the industry to where we need to go, just as we did with our Emergency Preparedness protocols. And to do the homework and the legwork necessary to seamlessly look after every guest in all Hosts Global destinations.
Though GDPR is a product of the digital age, its success – indeed all of our successes – depends on the enduring, timeless value of effective communication and trusted relationships. We’re honored to share such bonds with you and look forward to strengthening them throughout the transition ahead.
No better time than the present to get started: Will you consent to “opt in” to optimism about operating in the post-GDPR world?
All my best,
Marty MacKay, DMCP
President, Global Alliance