Project #1 - Privacy Policies And Compliance Issues

Project #1: Privacy Policies And Compliance Issues

Privacy Policies and Compliance Issues

You are a professional working in the Office of the Corporate Counsel & Chief Privacy Officer for a major hotel chain. There have been several complaints about potential privacy violations at the hotel. 

You have been asked to draft a simple privacy policy for the hotel which can be used to train employees how to handle guest information.   

Read through all four (4) steps before starting the project.

STEP 1

Investigate what may be causing privacy violation issues. You discover the following Access Control Issues:

· Special requests from guests are entered into the reservation database by multiple personnel. There should be a separate system for special requests. These requests should not be entered into a reservation system. 

· The reservation database can be accessed by:   Front desk personnel, concierge, housekeeping, and maintenance personnel.  The only personnel that should get access to the system are the front desk personnel.

· There are no limitations on what personnel can access in the reservation database. This may give people access to data that they should not be authorized to view (e.g. credit card). 

STEP 2

The following are privacy violations that have been observed: 

· Anonymous staffers have posted outrageous guest requests in a derogatory manner on the employee bulletin boards in the Resort Operations staff locker rooms.

· Derogatory postings have included guest names and room numbers along with names and ages of children. 

· Maintenance personnel accidentally gained access to guest credit card information while trying to navigate through the system.

STEP 3

Read one of the articles below about hotel guest privacy policies that should be followed by company to prevent privacy breach.

1. Wyndham Hotels Group Privacy Policy 

https://www.wyndhamhotels.com/wyndham/about-us/privacy-notice

2. The Leading Hotels of the World Privacy Policy  

https://www.lhw.com/Privacy-Policy

3. The Indian Hotels Company Limited (“IHCL”) – Global Privacy Policy 

https://www.ihcltata.com/privacy-policy/

4. Four Seasons Privacy Notice

https://www.fourseasons.com/privacy/

 STEP 4

Using one or more of the privacy policies in the links above, draft a simple 1-2 page APA format privacy policy for the hotel to be distributed to employees.  Include the following in the policy:

· Introductory Statement 

· What Data is Collected

· How We Use Data 

· How We Share Data

Table of Contents Table of Figures 2 Introduction 3 Analysis 3 First Sub-section 3 Second Sub-section 4 Summary and Conclusions 4 References 5

Table of Figures

Figure 1. References Tab in MS Word (Microsoft, 2021). 3