Data is personal if it can lead to the identity of a person without disproportionately large effort. Identifiers can be direct (e.g. name, address) or indirect (e.g. a rare occupation combined with a person’s age).
When dealing with personal data, you can take the following (security) measures:
- Anonymisation, to the point that the person is no longer identifiable, is one way to avoid having to take strict security measures.
- Replacing the unique identifier of a person with a pseudonym still lets you link records from different sets that hold information about the same person.
- If it is not feasible to de-identify the data, encrypting the data is also a way to prevent person-level information from being disclosed. Check Encryption for Researchers for more information.
- Separating identifiable information from the other information, and storing the two and their key separately, is another possible security measure you can take.
Only if access can be unambiguously restricted to authorised persons can data be stored without such measures.
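The pseudonym and separation measures from the list above can be combined, as in this added example (not part of the original guidance). It assumes a keyed hash (HMAC-SHA256) as the pseudonym function; the column names `student_no`, `name` and `address` and the sample rows are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Assumed column names for this example; adapt them to your own dataset.
DIRECT_IDENTIFIERS = ("name", "address")


def pseudonym(person_id: str, secret_key: bytes) -> str:
    """Keyed hash: the same person always maps to the same pseudonym,
    but it cannot be recomputed from the ID without the secret key."""
    normalised = person_id.strip().lower().encode("utf-8")
    return hmac.new(secret_key, normalised, hashlib.sha256).hexdigest()


def split_records(records, id_field, secret_key):
    """Return (research_rows, key_table); store the two in separate places."""
    research_rows, key_table = [], {}
    hidden = (id_field, *DIRECT_IDENTIFIERS)
    for record in records:
        p = pseudonym(record[id_field], secret_key)
        key_table[p] = {f: record[f] for f in hidden if f in record}
        rest = {k: v for k, v in record.items() if k not in hidden}
        research_rows.append({"pseudonym": p, **rest})
    return research_rows, key_table


def link(rows_a, rows_b):
    """Join two pseudonymised sets on the pseudonym alone."""
    by_pseudonym = {r["pseudonym"]: r for r in rows_b}
    return [{**a, **by_pseudonym[a["pseudonym"]]}
            for a in rows_a if a["pseudonym"] in by_pseudonym]


# Constructed sample data, not real persons.
SURVEY = [
    {"student_no": "S1001", "name": "A. Example", "address": "1 Sample St", "score": 7},
    {"student_no": "S1002", "name": "B. Example", "address": "2 Sample St", "score": 9},
]
LAB = [{"student_no": "s1002 ", "name": "B. Example", "reaction_ms": 412}]

if __name__ == "__main__":
    key = secrets.token_bytes(32)  # keep this secret apart from both tables
    survey_rows, _ = split_records(SURVEY, "student_no", key)
    lab_rows, _ = split_records(LAB, "student_no", key)
    print(link(survey_rows, lab_rows))
```

The research rows can still contain indirect identifiers (such as a rare occupation combined with age), so this step covers only the direct ones.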
Should you want an elaborate visualisation of what is considered identifiable data, check out the information sheet at the Future Privacy Forum.
Download the visual guide to practical data de-identification