More than a quarter of managers will be taking on a Travel Management Company to protect business travellers’ personal data after the General Data Protection Regulation (GDPR) comes into force.

New research by Abta released to coincide with the Business Travel Show in London looks at the steps companies will take to protect staff data when travelling for work once the new regulations apply from May 25.

The study found 28% saying that they will employ the services of a TMC and ensure all travel is booked only with agreed suppliers within the travel policy.

With almost a third (32%) stating that they do not know what steps they will be taking to protect their travelling staff’s data – there is an opportunity for TMCs to demonstrate that they can help to provide this protection, according to the travel association.

When asked what criteria they used when selecting a TMC, 90% of managers said it was very important or important that they were confident a TMC had the correct processes and systems in place to manage data.

GDPR is a European regulation that will require companies to have clearer and more robust processes in place when handling personal data relating to their customers, their staff or other persons who come into contact with their business.

Abta has been conducting regional road shows for members explaining their obligations under GDPR for the last two years as well as producing detailed guidance notes.

This means that Abta member TMCs should be particularly well prepared to ensure they can handle their clients’ data safely.

The consequences of non-compliance with the new GDPR could mean fines of up to €20 million or 4% of annual turnover, as well as having other major business impacts. Breaches of the GDPR could affect an organisation’s brand through negative publicity and it could also lead to criminal proceedings.

Abta senior solicitor Susan Deer said: “With just over three months to go until GDPR becomes law, it is incredibly important that all companies have adjusted their working practices to take account of their new obligations.

“Properly prepared TMCs have an incredibly important role to play with businesses looking to them to help protect their data – and it also creates a great business opportunity too.

“We have one a lot of work with our business travel members to help them get ready for 25 May. Using their services should help ensure your company is compliant with the requirements of GDPR.”