วันพุธที่ 14 พฤษภาคม พ.ศ. 2568

Data anonymization

  • คือการนำข้อมูลส่วนบุคคลไปประมวลผลให้เกิดคุณค่าทางธุรกิจต่อไปได้โดยไม่เปิดเผยการระบุตัวตน
  • Pseudonymization vs Anonymization

Pseudonymization

    • Definition: Personal data is replaced with pseudonyms (e.g., codes, numbers) but can still be re-identified using additional information (e.g., a key).

    • Reversibility: Reversible – the original data can be restored if the pseudonym and key are combined.

    • Purpose: Reduces risks during data processing, storage, or sharing, while still allowing for re-identification when necessary (e.g., in medical research).

    • Example: Replacing patient names with IDs in a health database, while keeping a separate file that links IDs to names.

    • GDPR Status: Still considered personal data, but offers some compliance benefits if implemented correctly.

    Anonymization

    • Definition: Personal data is irreversibly altered so that the individual can no longer be identified, directly or indirectly.

    • Reversibility: Irreversible – the data cannot be traced back to a person.

    • Purpose: Used when there's no need to identify individuals, such as for open data publication or aggregate analysis.

    • Example: Aggregating survey results so that individual responses cannot be linked to specific participants.

    • GDPR Status: Not considered personal data – once data is truly anonymized, GDPR no longer applies.