The Radisson Hotel Group has suffered a data breach that impacts members of the organization’s loyalty and rewards program. The breach was discovered on October 1, and Radisson Rewards members were informed on October 30 and 31. Another security incident affecting members had occurred in September.
- Countries of residence
- Email addresses
- Company names
- Telephone numbers
- Frequent flyer numbers
- Radisson Rewards member numbers
In recent years, the number of significant data breaches has risen exponentially. From universities to tech giants, no organization is immune. The EU’s GDPR (General Data Protection Regulation) applies to any organization processing and storing EU residents’ personal data, irrespective of the organization’s location or where the data is processed. Canadian and U.S. organizations with any connection to the EU – whether through subsidiaries, customers, or suppliers – are likely affected. Organizations should, therefore, take steps to determine whether the GDPR is applicable and consider revising their information handling processes to ensure compliance.
In some cases, the GDPR compliance steps will supplement existing measures that many North American organizations adopt as a matter of good practice or to comply with sector or state privacy laws, e.g. HIPAA (Health Insurance Portability and Accountability Act).
Certified EU GDPR Foundation Training Course
Benefit: Get a comprehensive introduction to the Regulation and a practical understanding of the implications and legal requirements for U.S. organizations with this one-day course.
Certified EU GDPR Practitioner Training Course
Benefit: Learn from the experts how to meet the requirements of the Regulation. Gain a practical understanding of the tools and methods for implementing and managing an effective compliance framework, and how to fulfill the data protection officer role.