UK ICO Publishes Guidelines for Anonymization and Pseudonimization
The U.K. Information Commissioner's Office Friday published guidance on anonymization and pseudonimization techniques and announced a May 22 webinar to help private and public sector organizations understand it.
Sign up for a free preview to unlock the rest of this article
"Anonymisation is a privacy-friendly way to harness the potential of data," the ICO said: It's possible to anonymize personal data in many circumstances, but whether a company can do so effectively depends on the techniques it uses. "Organisations should reduce the risks of identifying people to a sufficiently remote level that the information is effectively anonymised."
Pseudonimization refers to techniques that replace, remove or transform information that identifies people and that keep the data separate, the guidance said. It can help organizations lower the risks of data processing by implementing privacy by design, ensuring appropriate security and making better use of personal information for such things as research.
The ICO cautioned that pseudonomization isn't the same as anonymization. It's a way to reduce risk and boost security, but it doesn't transform personal data to the extent that the Data Protection Act doesn't apply, the office added.