Themes

Anonymisation and pseudonymisation

What is this about?

An individual can be identified directly (e.g. by name, address, telephone number, photograph) or indirectly (e.g. by place of work, particular condition). Anonymisation and pseudonymisation remove or minimize the risk of re-identification of individuals by masking the data. When data is anonymised the individuals are no longer identifiable, while in pseudonymised data there is a residual risk of re-identification.

Why is this important?

Data protection is defined as a fundamental human right and using personal data raises significant ethics issues ^[1]. Pseudonymisation and anonymisation are methods used to protect one's privacy and minimize the risk in the event of unauthorized access. Pseudonymised data are considered personal data and therefore are in the scope of GDPR, unlike irreversibly anonymised data which are no longer defined as personal data and are outside of the scope of GDPR ^[2]

↑ 1. Article 8, Charter of Fundamental Rights of the European Union
↑ 1. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Text with EEA relevance), [2016] OJ L 119/1.

For whom is this important?

PhD StudentsJunior researchersClinical researchers

Natalie Evans, Blaž Barun contributed to this theme. Latest contribution was Aug 20, 2021

Other information

[1] 1. Article 8, Charter of Fundamental Rights of the European Union

[2] 1. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Text with EEA relevance), [2016] OJ L 119/1.

[1]

[2]