Home   |   Print Page   |   Contact Us   |   Sign In   |   Register
Trends & Hot Topics
Blog Home All Blogs
Search all posts for:   

 

Top tags: Trends 

Data Privacy & Protection for the Modern Day AMC

Posted By Jeanne Sheehy and Rob Gates, Thursday, August 3, 2017

Information privacy, or data privacy (or data protection), is the relationship between the collection and dissemination of data, technology, the public expectation of privacy, and the legal and political issues surrounding them.

As an AMC, our vendors and our clients can be sued by taking just one wrong step as we collect, store, transfer, or disclose data. As a company (and processor), we need to know all of our data sources for every client, what vendors are involved and know/have policies in place for privacy, breaches, and protection. You need to be able to answer the question confidently – how does your AMC protect client member privacy and data?

LEGISLATION
The EU General Data Protection Regulation (GDPR) is the most important change in data privacy regulation in 20 years. This new data protection measure goes into effect on May 25, 2018 and it’s likely that the US will impose a similar regulation in the coming years.

GDPR applies to the processing of personal data by controllers and processors located in the EU, regardless of whether the processing takes place in the EU or not. AMCs are responsible for ensuring that its relevant vendors comply with GDPR. Articles 32-37 are of most interest and outline the need to identify Data Protection.

Canada Anti-Spam Act (CASL) went into effect on July 1, 2014 and applies to all electronic messages. Under this legislation, users must have an option to opt-out of all electronic communications. If your client sends emails to Canadian residents, you need to comply with CASL and its recent changes. As of July 1, 2017, fines of $1-10M per violation are being enforced and any individual is able to sue any entity they believe is sending spam messages.

EMAIL MESSAGING
Immediate measures you should take for Email Messaging/Marketing:

  • Immediately institute Opt-Out if you don’t have that.
  • Start moving toward opt-in methodologies. The more non-US constituents clients have, the faster your AMC needs to move on this.
  • Consider developing segmentation to more finely tune your opt- in/opt-out options so users aren’t left with “all or nothing” options.
  • Always ensure that you are respecting the selections of everyone in client email list(s) as to opt-in/out status.
  • Ensure that any outside list your clients utilize has been validated to meet the relevant opt-in/out requirements. 

DATA MAPPING

Data mapping is critical for transparency. Understand what data you have, where it’s stored and where it goes. The legality of sharing this data is also something to consider. Focus on Personally Identifiable Information (PII), i.e., birthday, email address, birthplace, etc. and Financial Account Information (i.e., credit card numbers, bank account numbers, etc.

PUT IT INTO PRACTICE

Best practices for privacy of PII:

  • Ensure that you are giving users an opportunity to have some or all of their information excluded from sharing, particularly if shared “publicly” (think private membership directory vs. public.)
  • Start moving toward an opt-in mentality for any data sharing situation. The more non-US constituents in clients’ data bases, the faster you should get there.
  • Make sure any vendors your AMC shares data with are agreeing to respect privacy requirements and secure our data appropriately.
  • Never share more information than is needed for the task/process at hand.
  • Treat all client member/constituent PII data the way you’d want your data protected.

Best practices for privacy of Financial Data:

  • Only work with PCI compliant vendors/partners. Never share customer financial account data externally.
  • Do not store credit card data in spreadsheets – process and move on, never “save.”
  • Paper forms should be designed so that credit card data can be redacted (blacked out with special pen), cut off or the form shredded after processing.
  • Any forms with credit card data should always be locked up except at the moment of processing.
  • Never encourage – and actively discourage – the sending of account information via email.

VENDOR PROCEDURES

Vendors who store or receive PII or Financial Data should provide your AMC with any privacy policies, data protection/security policies/procedures, and all breach policies and procedures - including communication and notification systems. For financial data, also ask for Payment Card Industry (PCI) Compliance verification and level. You should never utilize a vendor you share financial data with who does not have this verification.

CONCLUSION
In this digital age, organizations are critically aware of their vulnerability to information hacking. Data privacy and protection is an important reality for AMCs and our clients. It’s our job to navigate regulations and build on the procedures that keep practices current as new legislation is passed. Taking the proper measures now may save your AMC from potential disaster later.

Tags:  Trends 

Share |
PermalinkComments (0)
 

U.S. Travel Association Meets with Secretary of State Rex Tillerson

Posted By Administration, Wednesday, August 2, 2017
FROM THE DESK OF ROGER DOW

Dear Board Colleagues:

As mentioned at last week’s board of directors meeting, we continue to take steps to engage the Administration on key industry priorities. Earlier today, along with a handful of respected corporate CEOs representing millions of American workers, I had the opportunity to meet with Secretary of State Rex Tillerson regarding Open Skies.

The group directly expressed how the government’s Open Skies agreements—particularly those with Qatar and the UAE—benefit the U.S. economy, our nation’s trade balance and American jobs. It was a productive conversation and we appreciate Secretary Tillerson for seeking the full picture on this critical topic. I am encouraged by the Administration’s thoughtful and deliberative approach on the matter.

Today’s discussion at State is a positive development in our ongoing efforts to preserve Open Skies. Since 2015, U.S. Travel—with many of you—have sought to protect these pro-connectivity, pro-growth, pro-traveler agreements not only because tampering with the policy would further limit airline competition and restrict consumer choice, but also because such a move would be detrimental to our economy and result in lost American jobs and fewer connections to underserved markets.

I will keep you apprised of developments on this issue.

Sincerely,

Roger

Roger J. Dow
President and CEO

Tags:  Trends 

Share |
PermalinkComments (0)
 

U.S. Travel Association Outlook July 2017

Posted By Administration, Wednesday, August 2, 2017

The July 2017 U.S. Travel Association Outlook examines the labor market, consumer confidence, consumer spending, and the travel trends index among other areas. Interested in what is going on just over 1/2 way through 2017?

Click here to read the full report.

Tags:  Trends 

Share |
PermalinkComments (0)
 

AMCI Partners

Powered by YourMembership  ::  Legal