The Office of the DPO has published a new guide on best practices for pseudonymization

The Office of the Data Protection Officer has created aGuide on techniques and best practices for pseudonymization, published in the resources and documentation section of the Health DPO website aimed at  Stakeholders and Citizens.

This guide to best practice explores the basics of pseudonymization by explaining the available technical solutions and implementations that can be applied, following the recommendations set out in the GDPR and the publications of the ENISA in this area.

As well as the different pseudonymization techniques and policies used today, it also describes the parameters that can help us determine which technique and policy to use in each case. The document presents a fictitious scenario in which these pseudonymization techniques applied to a set of medical records. This allows us to see the advantages and disadvantages of using different techniques in this type of scenario.

It also contains real cases of pseudonymization in health and research: comparison of clinical histories, use of data for research purposes and shared storage of clinical histories.

Finally, it offers conclusions and recommendations for all stakeholders in terms of the practical adoption and implementation of data pseudonymization.

The annexes in the guide list possible pseudonymization scenarios, analyse the most common attack techniques used against pseudonymization, and describe the tools available on the market that can be used to both pseudonymize and anonymize data sets.

• Guia sobre les tècniques i bones pràctiques de la pseudonimització

  • 0 Kb

    
  •