Data anonymization is a type of information sanitization whose intent is privacy protection. It is the process of either encrypting or removing personally identifiable information from data sets, so that the people whom the data describe remain anonymous.
Data anonymization has been defined as "technology that converts clear text data into a nonhuman readable and irreversible form, including preimage resistant hashes (e.g., one-way hashes) and encryption techniques in which the decryption key has been discarded." Data anonymization enables the transfer of information across a boundary, such as between two departments within an agency or between two agencies, while reducing the risk of unintended disclosure, and in certain environments in a manner that enables evaluation and analytics post-anonymization.
In the context of medical data, anonymized data refers to data from which the patient cannot be identified by the recipient of the information. The name, address, and full post code must be removed, together with any other information which, in conjunction with other data held by or disclosed to the recipient, could identify the patient.
De-anonymization is the reverse process in which anonymous data is cross-referenced with other data sources to re-identify the anonymous data source. Generalization and perturbation are the two popular anonymization approaches for relational data.
Data anonymization tools
- Oracle Advanced Security, Oracle
- IBM Security Guardium, IBM
- Dynamic Data Masking, Informatica
- Micro Focus Data Express™, Micro Focus
- IMASK, Mentis
- CA Data Manager, CA Technologies
- IRI Field Shield, IRI
- Data Base Protector, Protegrity
- Thales eSecurity, Thales
- Soflab GALL, Soflab Technology
- Differential privacy
- Fillet (redaction)
- Masking and unmasking by intelligence agencies
- Statistical disclosure control
- Data science under GDPR with pseudonymization in the data pipeline Published by Dativa, 17 April, 2018
- Privacy Technology Focus Group Report (PDF). United States Department of Justice. 2006. p. 52.
- "Data anonymization". The Free Medical Dictionary. Retrieved 17 January 2014.
- "De-anonymization". Whatis.com. Retrieved 17 January 2014.
- Bin Zhou; Jian Pei; WoShun Luk (December 2008). "A brief survey on anonymization techniques for privacy preserving publishing of social network data" (PDF). Newsletter ACM SIGKDD Explorations Newsletter. 10 (2): 12–22.
- "IBM Knowledge Center". www.ibm.com. Retrieved 2018-11-22.
- "Data Masking: Data Obfuscation & Encryption | Informatica US". www.informatica.com. Retrieved 2018-11-22.
- "Data Express | Micro Focus". www.microfocus.com. Retrieved 2018-11-22.
- "index". www.mentisoftware.com. Retrieved 2018-11-22.
- "CA Test Data Manager | CA Communities". ca-tech.jiveon.com. Retrieved 2018-11-22.
- "Test Data Privacy - Compuware". Compuware. Retrieved 2018-11-22.
- "IRI FieldShield Data Masking | IRI, The CoSort Company". www.iri.com. Retrieved 2018-11-22.
- "Database Protector | Protegrity". Protegrity. Retrieved 2018-11-22.
- "Vormetric Vaultless Tokenization with Dynamic Data Masking | Vaultless Data Tokenization | Thales eSecurity". www.thalesesecurity.com. Retrieved 2018-11-22.
- "Soflab". gall.soflab.pl. Retrieved 2018-11-22.
- Raghunathan, Balaji (June 2013). The Complete Book of Data Anonymization: From Planning to Implementation. CRC Press. ISBN 9781482218565.
- Khaled El Emam, Luk Arbuckle (December 2013). Anonymizing Health Data Case Studies and Methods to Get You Started. O'Reilly Media. ISBN 978-1-4493-6307-9.
- Rolf H. Weber, Ulrike I. Heinrich (2012). Anonymization: SpringerBriefs in Cybersecurity. Springer. ISBN 9781447140665.
- Aris Gkoulalas-Divanis, Grigorios Loukides (2012). Anonymization of Electronic Medical Records to Support Clinical Analysis (SpringerBriefs in Electrical and Computer Engineering). Springer. ISBN 9781461456674.
- Pete Warden. "Why you can't really anonymize your data". O'Reilly Media, Inc. Retrieved 17 January 2014.