Life Science News - "Data Anonymization and Pseudonymization Under the GDPR"
"Companies that handle data are currently faced with constraints placed on them by data protection laws. The EU General Data Protection Regulation (GDPR) will come into effect on May of 2018 and will introduce firmer regulations, and imposing heavier penalties for failing to comply with these laws. Data protection regulations are necessary to protect the data security and privacy of individuals. To satisfy these regulations and keep user data safe, companies may need to engage in data anonymization. This is the best way to simplify the process of complying with privacy regulations. Unlike pseudonymization, data anonymization allows companies to work with their data, stay compliant with regulations, and protect the privacy of individuals. Companies can use tools, such as Aircloak’s solution, to accomplish this.
What is data anonymization and pseudonymization?
Data protection laws exist to protect the personal identity of people whom the data describes. If the data subject is not identifiable in any way, data protection law does not apply. That is, when it becomes impossible to connect individuals to the data, people controlling and processing the sensitive data are not restricted in data use or sharing. On the other hand, an identifiable data subject can result in legal consequences including damage claims, loss of reputation, and fines or penalties.
The purpose of data anonymization is privacy protection. It involves the modification of data sets so that no personally identifiable information remains. As a result, data can be used and transferred without individuals’ identities being disclosed unintentionally. This is necessary before analytics can be performed on the anonymized data."