Pseudonymization

This article needs additional citations for verification. Please help improve this article by adding citations to reliable sources. Unsourced material may be challenged and removed. Find sources: "Pseudonymization" – news · newspapers · books · scholar · JSTOR (January 2024) (Learn how and when to remove this message)

Pseudonymization is a data management and de-identification procedure by which personally identifiable information fields within a data record are replaced by one or more artificial identifiers, or pseudonyms.^[1] A single pseudonym for each replaced field or collection of replaced fields makes the data record less identifiable while remaining suitable for data analysis and data processing.

Pseudonymization (or pseudonymisation, the spelling under European guidelines) is one way to comply with the European Union's new General Data Protection Regulation (GDPR) demands for secure data storage of personal information.^[2] Pseudonymized data can be restored to its original state with the addition of information which allows individuals to be re-identified. In contrast, anonymization is intended to prevent re-identification of individuals within the dataset. Clause 18, Module Four, footnote 2 of the Adoption by the European Commission of the Implementing Decisions (EU) 2021/914 “requires rendering the data anonymous in such a way that the individual is no longer identifiable by anyone ... and that this process is irreversible.”^[3]