Anonymisation
-
Due to the Data (Use and Access) Act coming into law on 19 June 2025, this guidance is under review and may be subject to change. The Plans for new and updated guidance page will tell you about which guidance will be updated and when this will happen.
Contents
-
Introduction to anonymisation
- What is personal data?
- What is anonymous information?
- What is anonymisation?
- Is anonymisation always necessary?
- Is anonymisation always possible?
- What are the benefits of anonymisation?
- If we anonymise personal data, does this count as processing?
- What is the difference between anonymisation and pseudonymisation?
- What about ‘de-identified’ personal data?
-
How do we ensure anonymisation is effective?
- What should our anonymisation process achieve?
- What is identifiability?
- What are the key indicators of identifiability?
- What is the “spectrum of identifiability”?
- What does data protection law say about assessing identifiability risk?
- How should we approach this assessment?
- What factors should we include?
- Do we need to consider who else may be able to identify people from the data?
- Can we anonymise within our organisation?
- What is the “motivated intruder” test?
- How do we apply the motivated intruder test?
- When should we review our identifiability risk assessments?
- How do we decide when and how to release data?
- What approaches can we take to anonymisation?
-
Pseudonymisation
- What is pseudonymisation?
- Is pseudonymised data still personal data?
- What are the benefits of pseudonymisation?
- How can pseudonymisation help us to reduce risk?
- Can pseudonymisation help us process data for other purposes?
- Are there any offences relating to pseudonymisation?
- How should we approach pseudonymisation?
- What pseudonymisation techniques should we use?
- How should we assess the risk of attackers reversing pseudonymisation?
- What organisational measures should we consider for pseudonymisation?
-
What accountability and governance measures do we need?
- What governance approach should we take?
- Who should be responsible for our anonymisation process?
- Why do we want to anonymise personal data?
- How should we work with other organisations?
- What type of disclosure is it?
- How should we identify potentially difficult cases?
- How should we ensure transparency?
- How should we ensure appropriate staff training?
- How should we mitigate identification risk due to a security incident?
- What other legal considerations apply?
-
Case studies