Why data anonymisation makes sense for businesses
Data anonymisation is the process of deleting or encrypting identifiers that link an individual to stored data in order to secure private or sensitive information. For instance, you can run Personally Identifiable Information (PII) such as names, social security numbers, and addresses through a data anonymisation process that preserves the data while concealing the source.
Data anonymisation techniques change data across systems in such a way that it can’t be linked back to a single person while maintaining the data’s format and referential integrity. Companies can employ one of several strategies to comply with strict data privacy rules that demand the security of Personally Identifiable Information (PII), such as contact information, health records, and financial information.
Data anonymisation makes sense for businesses since it can help them keep PII private by hiding sensitive attributes, even as they get commercial value for customer service, analytic insights, test data, supplier outsourcing purposes, and more.
How a DPO can help organizations
A Data Protection Officer (DPO) oversees data protection responsibilities and ensures that organizations comply with the Personal Data Protection Act (PDPA). Every Organization’s DPO should be able to curb any instances of cyber threats and instances of data breaches as it is the officer responsible for maintaining the positive posture of an organization’s cybersecurity.
For instance, at Privacy Ninja, we randomly conduct simulated email phishing to clients to see if there are any vulnerabilities present that a bad actor can exploit and patch them to ensure that the client’s data will never leak.
DPOs complement the efforts of Organizations in preventing data breaches as DPOs ensure that when there is an instance of it, a protocol for dealing with it has been established and can be employed to protect the personal data of clients. DPOs play a crucial role when an organization is hit with breaches as they ensure safeguards are put in place to combat it when it happens.
As a consumer who provides my very own sensitive information to each Organization I encounter or have a transaction with, I would feel safe if an organization would take the extra mile to protect my data.
Also Read: What you need to know about appointing a Data Protection Officer in Singapore
Key benefits of data anonymisation
Data anonymisation demonstrates that the business understands and upholds its responsibility to protect sensitive, personal, and confidential data in the context of increasingly complicated data privacy laws.
Customers who entrust businesses with sensitive data will view a breach of that data as a betrayal of their confidence as well and will transfer their business elsewhere. Indeed, one industry poll discovered that 85% of consumers would avoid doing business with a firm if they worry about its security policies. Only 25% believe most organizations treat their personal information properly.
Apart from defending businesses against the potential loss of confidence and market share, data anonymisation protects against the risks of data breach and insider exploitation, both of which can result in regulatory non-compliance.
A GDPR infringement, for example, can result in a punishment of between €10 million and €20 million, or 2-4 percent of global annual revenue, whichever is greater. Even a single complaint can cause a time-consuming and costly audit.
However, data anonymisation does more than mitigate risk; it also improves data governance and quality. With clean, trusted data, Organizations can optimize applications and resources, safeguard big data privacy and analytics, and expedite cloud workloads, all of which contribute to digital transformation by making secure data available for new business value creation.
What data should be anonymised?
The GDPR’s stringent criteria serve as a valuable guide for the categories of data to protect, regardless of whether a business maintains or processes PII about EU individuals. Personal information is defined in the GDPR as “any information relating to an identified or identifiable data subject.” This definition includes the following:
- Basic identifying information such as a person’s name, address, and identification number
- Web data, such as location, IP address, cookie data, and RFID tags;
- Health and genetic data;
- Biometric data;
- Racial or ethnic data;
- Political opinions
- Sexual orientation
Alternatives to data anonymisation
Persistent data masking in the interest of anonymity
Data masking can be used to achieve anonymity or pseudonymity. It substitutes similar-looking proxy data for data pieces, generally using characters that preserve an application’s format requirements, allowing it to work with the masked output. While persistent data masking is commonly used for anonymisation, dynamic data masking is reversible and can dynamically change data based on user role and context to secure real-time transactional systems for more flexible data privacy, compliance implementation, and maintenance.
Persistent data masking removes all references to the original data and is irreversible, potentially minimizing the risk of inappropriate data exposure. This is most frequently used for test data containing extremely sensitive information or for conducting research and development on highly sensitive projects. Data that has been persistently masked cannot be unmasked.
Dynamic data masking for pseudonymization
Additionally, data pseudonymization can be used to substitute other proxy values for personally identifying data fields in a record. Pseudonymization does not eliminate all potential identifiers from the data and is reversible, which means that there is a possibility of re-identification if you have extra information that might connect or restore the pseudonym to the original data.
For instance, if the Organization has a data set containing employee names, email addresses, phone numbers, and salaries, the original values may still be identified using an inference attack that searches for revealing patterns across these fields. Alternatively, simple access to the encryption keys employed or comparable data transformation mechanisms capable of completely restoring the proxy values to their original unmasked state could be used to “unmask” pseudonymized data.
Due to the possibility of data being re-identified indirectly or directly, data pseudonymisation should not be used in situations where complete disassociation between an individual’s identity and their data is required—only data anonymisation completely obscures the data of any potentially identifying information. On the plus side, pseudonymisation can present a tolerable risk when data can be restored to its original values afterward. Pseudonymisation is defined in Article 4 of the GDPR (5).
Data encryption is another type of data security that employs methods to jumble cleartext data into an unreadable format, rendering it worthless in its new state. Data encryption is advantageous for data at rest and in transit, such as storage or network connections, where data use is not a priority.
In contrast to anonymisation, data encryption is reversible; encrypted data can be restored by a person who possesses the encryption key for the associated decryption method. This highlights the critical nature of using a complicated encryption technique that cannot be easily cracked and safeguarding access to the data’s associated keys.
While encryption is routinely used to safeguard files in transit or at rest, it also provides flexibility when those files must be utilized to re-identify them later, such as linking successful clinical trial results to specific patients for additional follow-up.
Also Read: The Singapore financial services and markets bill: Everything you need to know