Get free consultation
Use technology to build the business you deserve
Pseudonymisation is a process whereby personal data is stripped of its identifying components rendering the remainder anonymous. It is not truly anonymous because the identifying data continues to exist on the data processors’ systems, and if access was gained to those systems, the individuals could be identified.
To give an example: it is estimated that 87% of individuals in the United States can be identified using only three pieces of information, their Zip code, their gender and their date of birth. If you were intending to perform statistical analysis you could collect only zip codes and nothing else. This would be anonymous data as no one could be identified from that data.
If on the other hand, you had collected names, zip codes, gender and date of birth information for the express purposes of providing a mailing list, under the GDPR you would be required to seek further consent (or a different lawful basis) for the sort of statistical analysis above.
An alternative would be to pseudonymise the data by extracting only the zip code data and analysing (processing) that. This would be legal under the GDPR as the data being processed for this purpose would be incapable of identifying an individual, and no additional consent would be required.
For the data processor, pseudonymisation allows additional processing without the effort of gaining further consent. For the individual, the data subject, their details remain safe and as far as the GDPR is concerned there is no unreasonable risk of their identity being revealed by this additional processing.
No, it isn’t, and it is important to realise this and understand why. Anonymous data contains nothing that would allow an individual to be identified. Importantly the data processor holds no additional data that would allow the identification of an individual.
Pseudonymised data does not itself contain anything that would allow an individual to be identified, but the data processor does hold additional data, which if added to the pseudonymised data, would allow individuals to be identified.
The difference then is really whether or not the data processor holds additional, identifying data. It is very important that organisations understand the difference between the two and collect data and consent appropriately.
The ability to pseudonymise data has a number of advantages:
Separating personal data into pseudonymous components reduces risk should a data breach occur, dependent on the nature and extent of the breach.
It is conceivable that a company could find that their use of pseudonymised data it is the difference between a notifiable breach and one that doesn’t require notification. If only pseudonymised data was improperly accessed there would be no demonstrable risk to individual data subjects and the breach may not have to be notified to the Information Commissioner’s Office (ICO).
Similarly, if you are passing data to a third party for processing and only provide them with access to pseudonymised data, the risk involved to individuals is markedly reduced.
The removal of the requirement that pseudonymised data be portable, erasable or subject to correction may significantly reduce operational and system overheads where you are processing large amounts of data, as there would be no requirement to build the necessary facilities to perform these functions into your systems.
Any or all of these reasons could be significant to organisations looking to glean more value from the data they have collected, or simply as a technique to increase data security and improve public confidence in their practices.
In a word, no. In fact, it’s far from it. It is unlikely that any company that anticipated substantial data processing would decide on a whim to start pseudonymising data.
It is far more likely and sensible that organisations would factor pseudonymisation into their data processing plans from the start. The decision to employ pseudonymisation as part of their data processing procedures may well have a direct impact upon the lawful bases for processing and on the nature of consent sought from their customers.
If a company knows that they will want to perform statistical analysis of customer data they can either seek explicit consent for that processing at the point of collection or they can establish whether pseudonymising the data they collect will allow them to perform sufficient analysis with existing consent.
Such a decision may well have a significant impact upon the very nature of the processing operation, upon the steps required by the organisation to comply with the provisions of the GDPR and directly inform decisions made regarding overall data security and system design within the organisation.
Onestop is ready to assist and guide you to ensure both compliance and maximum efficiency from your IT systems. Pseudonymisation is a powerful tool and its use has the potential to have a significant impact on an organisations plans and operating methodology. It is vital that any organisation considering its use is quite clear about the advantages and disadvantages involved.
It is common for businesses to view IT as an unnecessary cost, which is why the IT department is often given an incredibly low IT budget. However, in today's digital world, technology couldn't be more important for the development and growth of a business.
A regulatory requirement is a law or rule that businesses must adhere to in order to operate legally. There are many different regulatory requirements, and it is important for businesses to be aware of them all.
Our Edinburgh IT Solution services are just one part of the many vital areas your business can work with us to improve productivity, increase security, and reduce overall costs. A forward-thinking, highly motivated company like Onestop IT will take your business to the next level.
With businesses relying on technology to empower their services, having reliable Managed IT Support in Edinburgh, Glasgow, Aberdeen and Central Scotland has never been more important.
With work from home and e-learning still very popular, having reliable Home Office IT Support in Scotland has never been more important...
Outsourcing IT Support Services in Aberdeen is a wise move for SMEs. There are numerous IT Support providers covering Aberdeen, Edinburgh, Glasgow and central Scotland areas and they all package their services in different ways. At Onestop IT we provide a wealth of products and support to meet the needs of our SME IT customers. Broadly speaking our IT Services divide into IT Support and Managed IT Services. We work with each customer to create an individual package of services that meets their needs, often pulling in elements of both IT Support and Managed Services.
Outsourcing IT Support Services in Scotland is a wise move for SMEs. There are numerous IT Support providers covering Edinburgh, Aberdeen, Glasgow and central Scotland areas and they all package their services in different ways. At Onestop we provide a wealth of products and support to meet the needs of our SME IT customers. Broadly speaking our IT Services divide into IT Support and Managed IT Services. We work with each customer to create an individual package of services that meets their needs, often pulling in elements of both IT Support and Managed Services.
Running a business is no easy task. You have to keep up with the latest IT trends and updates, be aware of any security vulnerabilities, and decide which software to use. This can sometimes feel like too much for one person or team, so it's understandable when businesses are sceptical about outsourcing IT support. But if you choose wisely, there are many benefits! This blog post will go over 5 reasons why IT support should be outsourced in favour of company growth and success.
Why is preparing an IT budget within SMEs (small medium enterprises) essential? And, how can having a strategic budget propel your organisation towards success in the modern, competitive marketplace. Here, we delve into the main steps involved in creating an IT budget.
In this post, we examine how small and medium enterprises (SMEs) can develop and implement an IT asset database. We also discuss the reasons for having a computerised asset management system, what it should include and some of the issues that could arise without such business information to hand.
In the past few weeks, this blog has focused on the shortcomings of the built-in recovery measures of the G Suite and Office 365, highlighting the need for a third-party backup solution. There are a number of myths about cybersecurity and data backup surrounding these two cloud-based suites. People often use these misconceptions to convince themselves they don’t need an external backup solution for their data.
Living in the digital era, we’re all accustomed to instant communication. Whether it’s an update on the news, a WhatsApp message or a notification from Facebook, we settle for nothing less than hyper-efficient messaging – and your business deserves nothing less. Organisations of all sizes are now recognising the importance of leveraging Voice over Internet Protocol (VoIP) to achieve seamless connectivity that will help them unlock their full potential. Although the traditional phone system fulfils its objective effectively – connecting person A to person B – digital technology has made businesses vastly more interconnected with superior ease. The VoIP phone system dates back to 1973, but it’s only recently that it has become a near-mandatory asset for all savvy business owners looking to communicate more effectively and ultimately gain an advantage over their competition. In this article, we’ll break down what VoIP is, how it compares with the traditional phone system and how adopting VoIP technology can benefit your business.
This video is an introduction to our IT Support page. Throughout the page you can find information about what an IT Support is, why you need it and how it benefits your business.
Many people have a question about IT support. "How much does it cost?" IT support isn't just one price, but there are factors that will affect the cost of your service. Here's what you need to know!
Are you looking for an IT company to help with your business? If so, you should know that outsourcing can be a great option! 1) You can focus on what you do best: running your company instead of worrying about technology. 2) It will free up time and resources because there are more people working on the same project. 3) Your tech solutions will always stay up-to-date and secure without any hassle or expense to yourself.
In-house IT support sounds like a good idea, but it can come with some hidden costs. In this video I'll share the pros and cons of in-house vs outsourced IT support so you can decide which is best for your business.
2 Straiton Business Parc,
2 West Regent Street, Glasgow,