Methods for De-Identification
De-identification reduces the risk of linking information in the data set to specific individuals by removing personal identifiers from data.
Replaces personal identifiers with pseudonymous identifiers to avoid re-identification of individuals within the data set.
– Can be re-identified using additional information kept separately
– Combinations and indirect identifiers must also be removed or masked
– Patient 123
Permanently and completely removes personal identifiers so that the data subject can no longer be identified directly or indirectly.
– Data can be de-anonymized by cross-referencing with other data sources
– Segmented data used to create psychological profiles for marketing purposes
Removes all identifiable data, with a scientific guarantee that the individuals cannot be re-identified and the data remain practically useful
– Cannot anonymize highly dimensional data sets
– Can skew results in order to suppress identifiable data
– Used by password keepers and Have I Been Pwned?
Certain data cannot be anonymized due to the highly unique patterns of individual biology or activity. These data are an exception to de-identification.
– Certain data cannot be anonymized due to the highly unique patterns of individual biology or activity.
– Biometric data
– Location history
– Contents of chat logs
– VR scans
Do you have a question about how to de-identify data to reduce the risk of linking specific individuals to data? Do you need guidance or training on your general data security practices? Contact us for a free consultation to see if Gazelle Consulting’s customized compliance services are right for you.