Introduction
This PAHO Data Protection Policy (the “Policy”) establishes the rules and principles relating to the Processing by and within PAHO of Personal Data of individuals.
The collection, analysis, publication and dissemination of health-related data is a core part of PAHO’s mandate. This may also include the need to store and/or share (transferring or receiving) Personal Data including sensitive medical data and data of vulnerable or marginalized individuals and groups of individuals, including children, which require careful handling and particular attention.
This Policy considers the regulatory evolution in the field of data protection, as well as the Personal Data Protection and Privacy Principles of the United Nations (“UN”) Privacy Policy Group (“PPG”) adopted in September 2018 and endorsed by the High-Level Committee of Management (“HLCM”) in October 2018.
This Policy should be read in conjunction with other existing internal policies of PAHO, and may be complemented by Standard Operating Procedures (SOPs) or other policies that will provide guidance on its implementation, supervision and accountability.
This Policy will also be evaluated and may revised over time.
Capitalized terms used in this Policy have the meanings ascribed to them in the “Definitions” section below or in the Policy.
Complete version of the policy is available in PDF format here.