PASSENGER MEDICAL RECORDS PRIVACY NOTICE
VIKAND is committed to protecting passengers’ medical records in accordance with privacy laws and ensures the data is used only for the purpose for which it was intended, review of passenger medical records. VIKAND provides a passenger medical record review service to its cruise line clients. VIKAND is committed to providing its clients with a medical record review method that is safe, secure and trustworthy. For a current list of cruise line clients, see www.vikand.com.
As a client who has contracted with VIKAND to review its passengers’ medical records prior to boarding its vessel, the client assures VIKAND that proper consent has been obtained from its passengers. The client further authorizes VIKAND to administer and store this data for the purpose outlined above.
PERSONAL DATA RECEIVED
VIKAND provides a service whereby it conducts a medical review of passengers sailing with on its clients’ vessels. When contracted to do so, VIKAND receives passenger medical records for review from the cruise line. VIKAND receives the personal data necessary to provide our clients with a clear medical profile of passengers.
USE OF DATA RECEIVED
The data received from our clients are used for the sole objective of reviewing passengers’ medical records prior to boarding one of the cruise line’s vessels. Any external communication regarding these medical records is limited to the cruise line with whom the passenger will embark. We do not share this information with any other outside parties. We inform our clients that personal data received from VIKAND can only be used for purposes for which it was intended as outlined above.
STORAGE OF PERSONAL DATA
Passenger medical records are stored in accordance with HIPAA and EU data protection laws. This data is retained in accordance to flag state requirements and after this time period, personal data will be deleted.
CHANGE OR REMOVE DATA
At any time, the cruise line or any passenger whose medical information has been reviewed by VIKAND upon request from one of its clients is entitled to contact VIKAND to access their personal data, to make changes, or to request that some or all of the personal data be removed from our system. This can be done by writing to firstname.lastname@example.org. Requests received in writing will receive a response within 30 days of receipt of request.
DATA PROTECTION POLICIES
In regards to its personal data policy, VIKAND is subjected to the laws of the United States Federal Trade Commission and when requested by legal authorities of the United States may be obligated to provide access to any personal data received if requested for legal or security reasons.
Additionally VIKAND is fully committed to achieving full compliance with the General Data Protection Regulations (GDPR) and will conform to all principles associated with data protection policies from and all European countries.