Personal data enjoys specific legal protection because by definition it identifies an individual. Pseudonymisation of personal data entails processing personal data so that the personal data can no longer be attributed to a specific person without the use of additional information.
This process is therefore seen by businesses and regulators as an important tool to reduce the risks around handling personal data as it ensures that personal data is not directly identifiable without such additional information.
What is an example of pseudonymisation? |
|---|
In a database of information about individuals, instead of using a person’s name as the way of linking the individual to the relevant data, a code may be used as the identifier instead. This means that additional information is needed to reveal the identity of the code holder. |
How can pseudonymisation be achieved? |
|---|
To ensure personal data is pseudonymised, the additional information must be kept separately and securely to ensure that it cannot readily be used to link personal data to an identified or identifiable natural person. Although the objective of pseudonymisation is that the links to an individual can be restored when necessary, it is important that appropriate measures are taken to ensure that such a link can only be made in an authorised way – by the use of security and processes sufficient for this purpose. |
| Benefits |
|---|
The application of pseudonymisation can reduce the risks to data subjects concerned and help controllers and processors meet their data protection obligations. This is because the personal data is not immediately accessible and additional technical steps would be required to identify an individual if for example, there was a data breach. Controllers and processors have obligations under data protection laws to ensure that appropriate technical and organisational measures are in place to protect the security and confidentiality of personal data processed and pseudonymisation could be one such measure, underpinned by policies and procedures and explained in notices. |
Distinguished from anonymisation |
|---|
Pseudonymised personal data remains personal data for the purposes of UK GDPR, and it is therefore subject to all the usual controls. Where personal data is truly anonymised, it is no longer possible to (re)identify the individual, meaning that it is no longer personal data and therefore is no longer subject to data protection laws - although other duties of confidence may well still apply. If personal data is to be anonymised, this should be set out in the relevant privacy notice as even the process of anonymising personal data is technically a form of processing. |
For more information or advice on data protection compliance, please contact Beverley Flynn or any member of the commercial and technology team.
The information contained in this guide is intended to be a general introductory summary of the subject matters covered only. It does not purport to be exhaustive, or to provide legal advice, and should not be used as a substitute for such advice.
Beverley Flynn
Guy Cartwright