Personal Data Deindetification: Anonymization
If you manage private data of any kind, you need to be familiar with the process of anonymization and how it can be used to keep the information you store safe from data breaches.
What Is It?
Anonymization translates into the irreversible removal of information that could lead to a person being identified in combination with other information or on the basis of the removed information itself.
Anonymized data, in order to be truly anonymized, must be stripped of all identifiable information. This makes it impossible to derive insights into a specific individual, even by your own company who handles the anonymization.
Considerations
If a person sends a file to a company, there may be information within that file that can be traced back to them. However, if the file is anonymized, all the associated personal data will not be traceable back to the sender--or so goes the theory.
With data anonymization, the original field layout of the data (position, size, data type) will not be taken away, which means the data will still look realistic within a data environment.
However, through the process of de-anonymizing, the process can be reversed. Most of the anonymization techniques in use today can be bypassed. A person can reveal the personally-identifying information that was stripped away, like by cross referencing the stripped file with sets of records that are still visible.
In fact, it was in 2000 that a research breakthrough was made to show that the power of anonymization isn’t as powerful as many people are initally led to believe. This study revealed that about 87% of Americans can be uniquely identified with just three pieces of information that aren’t usually considered “personal”--especially not when taken out of the context of a personal file.
These three pieces of information are: sex, birthday, and ZIP code. Information that often isn’t anonymized during this process. And, even if it is, computer scienties in recent years have shown that just about any piece of data can be considered “personal” when combined with other relevant data pieces.
Ensuring Its Effectiveness
Anonymization is just one of many personal de-identification techniques that can be utilized for your business. When approached correctly, anonymization might be the right choice for a given data set. That decision, however, will rely on the information you are trying to secure and its sensitivity.
If you take all considerations into account, anonymization might be the right way forward, but there are some additional tips to help make it more effective. Doing so really requires your business to consider all of the information you are storing, determining what you really need to keep, and then delving into the surprisingly difficult question of: what really makes for personally identifiable data?
As multiple research studies have proven in recent years, the category of personal identifiable information (PII) is expanding as companies begin easily collecting more and more data points. With all that data online, it becomes that much easier to use the cross-referencing techniques and match a few data points up with the profile of an entire individual.
Picking a Method
In reality, your business cannot assume that anoymization processes can completely secure your consumers’ personal information. While it may be a method you employ, you are likely going to utilize it alongside many other methods for your business’ data base.
These other methods will be covered in this series, allowing you to learn more about each technique and decide which one is best fitted to your business’ specific needs. Additionally, if you happen to have questions or concerns, you shouldn’t hesitate to reach out to a professional.
References
- https://arstechnica.com/tech-policy/2009/09/your-secrets-live-online-in-databases-of-ruin/
Most Recent Articles
- A beginner-friendly intro to the Correlator for effective cybersecurity detection
- Inotify in ASAB Library
- From State Machine to Stateless Microservice
- Entangled ways of product development in the area of cybersecurity #3 - LogMan.io
- Entangled ways of product development in the area of cybersecurity #2 - BitSwan
You Might Be Interested in Reading These Articles

Personal Data Deindetification: Homomorphic encryption
Homomorphic encryption is a special type of encryption invented by IBM. Encryption is a critical part of GDPR compliance although there are no explicit GDPR encryption requirements. The regulation vaguely states that businesses must enforce safeguards and security measures to protect all consumer data that they handle. The GDPR refers to pseudonymization and encryption as “appropriate technical and organizational measures.
Published on June 14, 2018

TeskaLabs has become a leader of Mobile Healthcare applications in the Health (in) Future Platform
Cellphone instead of a filing cabinet. Until quite recently, doctors at the IKEM hospital in Prague needed to perform photo documentation by first taking pictures with a digital camera, and then downloading and/or uploading them via a computer network to patient cards. A solution to this tedious and time-consuming practice was made possible through the use of mobile scanning technology.
Published on December 10, 2019

TeskaLabs and University hospital in Pilsen launches a pilot of zScanner - open source mobile app for medical photo documentation
zScanner is a mobile application for clinical and medical photo documentation. zScanner enables doctors and nurses to take photos of patient medical records, and of injuries of the patients, and upload them to a hospital information system. zScanner is an application created by the Institute of Clinical and Experimental Medicine in Prague (IKEM), a major Czech hospital, and the largest center of clinical and experimental medicine in the Czech Republic. During the pilot in the University hospital in Pilsen, zScanner is used at a Clinic of Oncology and Radiotherapy, and at the Clinic of anesthesiology, resuscitation and intensive medicine.
Published on September 17, 2020