Pseudonymization and anonymization are two options available to companies aiming to implement an important principle of the European General Data Protection Regulation (GDPR): data minimization. Which approach is appropriate for which purpose?
When personal or sensitive data is pseudonymized or anonymized, the risk of unauthorized access or viewing is reduced. In both cases, cryptographic methods are the preferred way to do this. However, the two approaches differ significantly. In pseudonymization, the original data is replaced by a different value and the assignment is stored, so that the original can be looked up and restored later. Anonymization, by contrast, keeps no such assignment, meaning that the original data cannot be reconstructed afterwards.
Access to original data is required
Anonymization is particularly recommended at companies that want to protect data provided for testing or data transferred to secondary systems, such as data warehouses and reporting solutions. If, however, access to original data is required throughout a business process, pseudonymization is the right choice. Settling an inbound sales order is one example of this. During order management, the plain text name of the customer is necessary for the credit check, while only a pseudonym is necessary for subsequent process steps.
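The order-management case above, as an added illustration that is not part of the original article: the credit check sees the plaintext customer name, later process steps receive only a pseudonym that a stored assignment can reverse, and a separate anonymized copy for a test system keeps no way back. The key, the sample order and the credit-limit rule are all constructed for the example.

```python
import hashlib
import hmac
import secrets

# Constructed sample order; not real customer data.
SAMPLE_ORDER = {"order_id": "SO-1001", "customer_name": "Erika Mustermann",
                "postal_code": "80331", "birth_year": 1984, "amount": 1200.0}


class Pseudonymizer:
    """Reversible: the pseudonym is a keyed hash of the original and the
    assignment pseudonym -> original is stored for later re-identification."""

    def __init__(self, key: bytes):
        self._key = key            # must be kept separate from the pseudonymized data
        self._mapping: dict[str, str] = {}

    def pseudonymize(self, value: str) -> str:
        # HMAC keeps the pseudonym stable per customer (joins still work) while
        # preventing anyone without the key from regenerating it from a guessed name.
        token = hmac.new(self._key, value.encode(), hashlib.sha256).hexdigest()[:16]
        self._mapping[token] = value
        return token

    def reidentify(self, token: str) -> str:
        return self._mapping[token]


def anonymize(order: dict) -> dict:
    """Irreversible: the direct identifier is dropped, quasi-identifiers are
    coarsened, and no mapping is kept, so the original cannot be restored."""
    return {
        "order_id": order["order_id"],
        "postal_area": order["postal_code"][:2] + "***",      # truncated postal code
        "birth_decade": (order["birth_year"] // 10) * 10,     # decade instead of year
        "amount": order["amount"],
    }


def process_order(order: dict, pseudo: Pseudonymizer, credit_limit: float) -> dict:
    # Step 1: the credit check needs the plaintext name (constructed rule: amount <= limit).
    approved = order["amount"] <= credit_limit
    # Step 2: every later step only sees the pseudonym plus the check result.
    downstream = dict(order)
    downstream["customer_name"] = pseudo.pseudonymize(order["customer_name"])
    downstream["credit_approved"] = approved
    return downstream


if __name__ == "__main__":
    p = Pseudonymizer(secrets.token_bytes(32))
    print(process_order(SAMPLE_ORDER, p, 5000.0))
    print(anonymize(SAMPLE_ORDER))
```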
Business requirements put to the test
When choosing an approach, companies should examine both their business and their IT requirements. Statutory requirements must be met when selecting the data, while flexible evaluation options such as data analytics should remain possible. From a user perspective, usability when working with pseudonymized items is paramount. Likewise, introducing data protection measures must not hinder process efficiency. Finally, the technical solution must scale well.