Data anonymization

Data anonymization is a type of information sanitization whose intent is privacy protection. It is the process of either encrypting or removing personally identifiable information from data sets, so that the people whom the data describe remain anonymous.

The European Union's new General Data Protection Regulation demands that stored data on people in the EU undergo either an anonymization or a pseudonymization process.[1]

Overview

Data anonymization has been defined as "technology that converts clear text data into a nonhuman readable and irreversible form, including preimage resistant hashes (e.g., one-way hashes) and encryption techniques in which the decryption key has been discarded."[2] Data anonymization enables the transfer of information across a boundary, such as between two departments within an agency or between two agencies, while reducing the risk of unintended disclosure, and in certain environments in a manner that enables evaluation and analytics post-anonymization.

In the context of medical data, anonymized data refers to data from which the patient cannot be identified by the recipient of the information. The name, address, and full post code must be removed, together with any other information which, in conjunction with other data held by or disclosed to the recipient, could identify the patient.[3]

De-anonymization is the reverse process in which anonymous data is cross-referenced with other data sources to re-identify the anonymous data source.[4] Generalization and perturbation are the two popular anonymization approaches for relational data.[5]

See also

References

  1. Data science under GDPR with pseudonymization in the data pipeline Published by Dativa, 17 April, 2018
  2. Privacy Technology Focus Group Report (PDF). United States Department of Justice. 2006. p. 52.
  3. "Data anonymization". The Free Medical Dictionary. Retrieved 17 January 2014.
  4. "De-anonymization". Whatis.com. Retrieved 17 January 2014.
  5. Bin Zhou; Jian Pei; WoShun Luk (December 2008). "A brief survey on anonymization techniques for privacy preserving publishing of social network data" (PDF). Newsletter ACM SIGKDD Explorations Newsletter. 10 (2): 12–22.

Further reading

  • Raghunathan, Balaji (June 2013). The Complete Book of Data Anonymization: From Planning to Implementation. CRC Press. ISBN 9781482218565.
  • Khaled El Emam, Luk Arbuckle (December 2013). Anonymizing Health Data Case Studies and Methods to Get You Started. O'Reilly Media. ISBN 978-1-4493-6307-9.
  • Rolf H. Weber, Ulrike I. Heinrich (2012). Anonymization: SpringerBriefs in Cybersecurity. Springer. ISBN 9781447140665.
  • Aris Gkoulalas-Divanis, Grigorios Loukides (2012). Anonymization of Electronic Medical Records to Support Clinical Analysis (SpringerBriefs in Electrical and Computer Engineering). Springer. ISBN 9781461456674.
  • Pete Warden. "Why you can't really anonymize your data". O'Reilly Media, Inc. Retrieved 17 January 2014.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.