Data Protection

General Information

In its day to day work, IOM processes the personal data of millions of beneficiaries in order to fulfill its mandate. Processing personal data is often an integral and essential part of IOM operations: from less sensitive personal data, to highly sensitive ones. The protection of all such data contributes to an effective implementation of IOM projects while ensuring the privacy and safety of beneficiaries.

IOM attaches significant importance to data protection in respecting the privacy of all individuals it assists through its projects and activities. The protection of personal data is therefore paramount to IOM in order to:

  • Respect the right to privacy, human dignity and well-being of migrants.
  • Ensure their safety and non-discrimination.
  • Facilitate migration movements and understand migration challenges.

IOM was one of the first international organizations to develop its own internal data protection policy: the IOM Data Protection Principles adopted in 2009 and the IOM Data Protection Manual in 2010.

Those principles prevent unnecessary and disproportionate interference into privacy.

The Office of Legal Affairs of IOM is the focal point for data protection issues and provides advice to ensure that personal data are processed in accordance with the IOM Data Protection Principles.

6th Workshop on Data Protection within International Organizations

The 6th Workshop on Data Protection within International Organizations took place in Geneva at the IOM headquarters.

The workshop, co-hosted by the European Data Protection Supervisor (EDPS) and IOM, took place in Geneva at the IOM headquarters, on 11 and 12 May 2017.

The workshop was opened with the welcoming speech of IOM Deputy Director General Laura Thompson and European Data Protection Supervisor Giovanni Buttarelli.

Thirty-five entities, most of them international organizations, were represented at the event and 77 individual participants, including several newcomers, attended the one-and-a-half-day workshop.

The main topics of discussion were the state of play of data protection policies and their implementation within international organizations, data protection issues in cloud computing, current practices and challenges of processing health data, the developments in the privacy/data protection regulatory and policy environment, mainly the EU General Data Protection Regulation (GDPR), including the issue of transfer of personal data to international organizations. The sessions and discussions contributed greatly to the successful outcome of the workshop and provided the requisite background for the further edition that will take place next year.