The FTC announced earlier today that Wyndham Hotels and Resorts has agreed to settle charges that the
company’s security practices unfairly exposed the payment card
information of hundreds of thousands of consumers to hackers in three
separate data breaches. The settlement requires Wyndham to establish a comprehensive information security program
designed to protect cardholder data and to conduct annual information security audits and maintain safeguards in
connections to its franchisees’ servers.
This settlement demonstrates that the FTC will go after companies that it believe do not have the proper data privacy and security protocols in place. Companies must be careful when determining what type of data they collect from their customers, how they will safeguard the information, and how long they utilize the information. In conjunction with a data collection and usage program it is imperative to have robust privacy and security audits.
The bottom line is that companies should bake privacy and security into their customer data collection and usage programs or they risk millions of dollars in potential legal liability.
Copyright 2015 by The Law Office of Bradley S. Shear, LLC All rights reserved.
