What is data de-identification?
Data de-identification is a process enterprises use to interact with and derive value from data that has had sensitive and personally identifiable information (PII) removed. Data de-identification tools identify PII and break its link from individuals while keeping the remainder of the data intact. Doing so preserves the privacy of the data subjects within the data set. Enterprises that regularly work with susceptible data often choose to de-identify it to remain compliant with government regulations, including GDPR, CCPA, and HIPAA.
Data de-identification products operate similarly to data masking software, but the former has a lower chance of data being re-identified. By anonymizing data and separating value-add information from PII, such as a person’s age, ZIP code, and name, organizations can share regulated information across their enterprise and with third parties in a way that greatly reduces regulatory non-compliance.
Types of data de-identification
There are several different methods to de-identify data, including:
- Tokenization: This method of de-identification of data replaces specified PII with another phrase, such as a random string of information. This method ensures that even if the data is breached, malicious actors will only uncover meaningless information that cannot identify individuals.
- Replacement: This method is similar to tokenization in removing sensitive information. It differs in that instead of real data being replaced by a random string of information, it is replaced by fabricated data that looks real.
- Privacy vault: A newer form of data de-identification, this method involves passing PII data through a vault. The vault acts as a filter, identifying, separating, and replacing sensitive data and PII through various de-identification methods. The separated information is stored in the vault and protected using data encryption.
Benefits of using data de-identification
There are several benefits to de-identifying data, which include:
- Compliance: Government regulations, including GDPR and CCPA standards, have strict language regarding data that organizations share with third parties. To remain compliant with these standards, they stipulate that data containing PII or other sensitive information must be unable to be reasonably linked to the individual the data concerns.
- Lower maintenance: Once the link between data subjects and sensitive data has been severed through de-identification, the data set becomes a lower-risk and lower-maintenance asset. For example, organizations are often required to report data leaks and breaches involving sensitive data and PII. However, there are often no legal requirements to report leaks and breaches that involve data that cannot identify individuals.
- Valuable insights: Data that has been de-identified is often used in aggregated data sets to spot trends or shared features across groups of people. In such cases, no sensitive information removed adds value to the data set's data anyway, meaning enterprises can still utilize the valuable aspects of the remaining data without compromising any individual’s privacy.
- Data sharing: A primary benefit of de-identifying data is the ability it gives organizations to share large data sets with third parties. Since the data cannot be linked to individuals yet contains valuable information, third parties can help organizations derive particular points of value from the data without knowing anyone’s identity.
Basic elements of data de-identification
Data de-identification includes the following essential elements:
- Removing identifiable data: To properly de-identify data, sensitive information must be removed. This sensitive information includes names, addresses, phone numbers, credit card information, biometric data, and more information that can identify individuals. Abstract information such as age, weight, height, or other data that cannot reasonably identify an individual within the data set may remain for parties to extract necessary value without compromising data subjects’ privacy.
- Breaking links from data subjects: By removing information that would otherwise identify individuals, the link between the data from which value can be derived and the person from whom the remaining data was derived is broken. In the event of a data leak or data breach, this severance makes it difficult for malicious actors to identify data subjects from anonymized data sets.
Data de-identification vs. data masking
Data de-identification and data masking are closely related concepts, but they differ slightly.
- Data de-identification: When data is de-identified, sensitive information, including PII, is separated or removed from the data set. This makes it very difficult to identify data subjects internally or in the case of a data breach or leak. Data de-identification methods often involve replacing PII with fabricated information or meaningless strings of text.
- Data masking: Masking data means just that—concealing information points still present within the data set. Standard methods of data masking include encryption and redaction. Reidentifying individuals in masked data is possible if the mask is removed.
Brandon Summers-Miller
Brandon is a Senior Research Analyst at G2 specializing in security and data privacy. Before joining G2, Brandon worked as a freelance journalist and copywriter focused on food and beverage, LGBTQIA+ culture, and the tech industry. As an analyst, Brandon is committed to helping buyers identify products that protect and secure their data in an increasingly complex digital world. When he isn’t researching, Brandon enjoys hiking, gardening, reading, and writing about food.
