The UK Chamber of Shipping, in conjunction with shipping lawyers Hill Dickinson LLP, has released guidance to shipping companies on implementing the general data protection regulation (GDPR).
The arrival of GDPR is part of a raft of cyber related initiatives heading shipping’s way.
The publication summarises the key requirements of the GDPR, which entered into force in May 2018, and the actions companies should take to implement data protection policies.
It focuses specifically on the maritime sector and covers key areas such as crewing issues and seafarer payments, defines GDPR terminology and lists the types and sources of personal data and how these should be processed.
It also describes the role and responsibilities of the data controller and the company data protection officer.
Guidance is also provided on the strict provisions relating to transferring personal data outside of the EU. This is particularly relevant to the offshore industry, where crew are transferred from one site to another and to and from a multitude of jurisdictions where their personal data will follow.
UK Chamber of Shipping chief executive Bob Sanguinetti commented “It is our mission to deliver for our members trusted specialist expertise at all times and The GDPR Guidance to Shipping Companies offers just that. The publication not only details the best practices but also sets out an ‘Action Plan for Companies’, describing suggested stages for a company to implement GDPR and verify compliance.”
|
