Fax Compliance for Hotel Reservations
Britannia Hotels Group is using a ProcessFlows fax server and document management solution to protect and secure their reservations business process so it fully meets PCI Regulatory Compliance.
41 hotels, 8000 rooms
Manchester based Britannia Hotels Group operates 41 hotels throughout the UK. The company specialises in combining tradition with realistic tariffs and a high level of customer service, in order to deliver a positive and consistent customer experience to all clients.
Britannia have a centralised reservations operation which receives around 10,000 bookings a month by fax from travel agents, online hotel reservation sites (like ebooking.com) and directly from clients.
Driven by the need to speed things up and make the booking process more efficient, Britannia realised that they needed to stop processing reservations manually.
They implemented a solution which automatically receives and routes scanned paper documents and incoming faxes as emails, so that agents could process all reservations from within their email environment (Microsoft Exchange and Outlook).
This dramatically cut handling and response time – no more trips to the fax machine or searching for misplaced documents etc. Having everything in email also makes it much easier to communicate booking information to individual hotels.
Help with Compliance
When Britannia contacted ProcessFlows, everything was working well ‘efficiency wise’.
They had been able to consolidate their staff resource, remove the error risk associated with manual processing (so data accuracy was better) and make all their energy-sapping, paper and toner-dependant fax machines redundant.
Britannia have a responsibility to ensure that clients’ credit card information can’t be viewed, compromised or hacked as the reservations are emailed and then stored. They also need to make sure that there is no risk to them for violation of PCI DSS and any subsequent fines.
A high volume of email traffic across the network makes it difficult to maintain data security. They were well-organized, but they could not guarantee the secure handling of data as determined by PCI compliance regulations.
An urgent ‘upgrade’ was required
Tony Smith, Director of IT, Britannia Hotels said; “We did not want to rip and replace the existing system. It worked very well and delivered tangible efficiencies. The most cost effective way to ensure compliance was to integrate independent, PCI compliant process technology to take care of the security issues.”
ProcessFlows’ evaluated the incumbent process and came up with a bespoke PCI solution which would integrate with Britannia’s existing fax-to-email system to ‘fix’ the non-compliant email communication issue and provide compliant document storage for all faxes.
ProcessFlows’ PCI fax compliance solution for Britannia uses RightFax and Alchemy
RightFax and Alchemy both meet PCI DSS regulatory compliance for the secure handling processing and archiving of credit card transaction information.
RightFax retains a complete audit trail of all fax traffic, including deleted faxes, which is a key aspect of records based compliance. Alchemy automatically encrypts all data for archiving. It can be set up to provide restricted access to certain information if required.
A complete fax archiving and publishing solution
Compliant business processing
RightFax now receives all Britannia’s in-bound reservation faxes and then automatically sends/archives them into an Alchemy document management repository; providing high-security, electronic storage and access for all faxes.
The Alchemy system is configured to routinely send an email notification of new bookings to specified email addresses. This email contains a direct link to the fax image of the reservation held within the Alchemy repository.
The Alchemy Web publishing application enables authorised staff to simply click the link and view the image of the fax reservation.
Britannia now has total peace of mind that at every stage of the booking process, the security of credit card data entrusted to them is never compromised.
“ProcessFlows’ seamless integration ensured that it was business-as-usual for our reservation staff. We had no need for additional training or to change the booking process. Staff access all faxes in Alchemy from their familiar email environment, then deal with them in the usual way.”
Tony Smith, Director of IT, Britannia Hotels.