Comparing the benefits of pseudonymisation and anonymisation under the GDPR
Many organisations are trying to obtain more value from their data to improve their products and services, offer new ones and optimise their own internal operations. For example, more chief data officers, or similar roles, are being created to drive such data-enabled transitions. With the General Data Protection Regulation (GDPR) in place, these organisations need to determine the lawful basis for such activities. De-identification techniques, such as pseudonymisation and anonymisation, can play an important role in facilitating such secondary uses and disclosures of data. In regard to de-identification, the GDPR introduces nuances that have not previously been seen, recognising the existence of different levels of de-identification and explicitly adding references to pseudonymisation as an intermediate form of de-identification. This paper explores the nuances introduced by the GDPR, compares the benefits of the different levels of de-identification found in the regulation, and provides practical guidance for using de-identification as a tool for addressing different GDPR compliance obligations.
No Supplementary Data
No Article Media
Document Type: Research Article
Publication date: December 1, 2018
More about this publication?
- Journal of Data Protection & Privacy publishes in-depth, peer-reviewed articles, case studies and applied research on all aspects of data protection, information security and privacy issues across the European Union and other jurisdictions, in the wake of the new EU General Data Protection Regulation (GDPR) and the biggest change in data protection and privacy for two decades.
- Editorial Board
- Information for Authors
- Submit a Paper
- Subscribe to this Title
- Terms & Conditions
- Ingenta Connect is not responsible for the content or availability of external websites