Selective Data Anonymization helps GDPR compliance

Selective Data Anonymization helps GDPR compliance


Today's digital transformation mottos encourage workers to share information. Everybody is aware that restriction on information slows the processes hence the company. Information sharing is more important than ever before.

But here the difficulty begins; Information share may frequenlty contradict data protection regulations like GDPR, HIPAA or the organization's own sensitive data rules. Any organization must keep the balance between data protection regulations and business processes.

Selective Data Anonymization can play an important role in solving this dilemma. Selective Data Anonymization may enable one to share the same content with different stakeholders by masking only the protected information for that stakeholder.

Let's start with PII anonymization. A good solution should have a solid data discovery. Discovery of PII means finding names, SSN(or your citizen number), e-mail, address, blood type.  If you want to use your corporate HR database for any analysis which information will you hide? Masking all may be a good solution but also a limiting factor for the analysis. The solution may hide names, dates or noth depending on the case.

Personal Information is only a part of the sensitive data. For example, we may assume that the contracting party and money phrases are considered sensitive. The legal department can do many investigations without seeing the contracting party or money values. And another department may need to see money information but not the contracting parties. So selective method easies information share and protects risky and inevitable errors.

Selection saves you binary information flow rules that a document shared or not. Now you may allow sharing a document w/o contracting party or money information or both. This is much positive and accelerates business processes.

Selective anonymization and other content-driven methods leave much less work for the stakeholders. A user need not have to say that “this is is a contract”. That means one less thing to do and one less error source. Content-Driven means methods that look to the content and decide accordingly. The content-Driven method strengthens data protection in every aspect and also accelerates the business processes.

Content-Driven is much more powerful with technologies like Natural Language Processing(NLP) and Artificial Intelligence(AI). NLP help read documents like us and process them directly for furher processing. Without NLP it would be much harder to have a solid data discovery and hence anonymization.

AI is another part of the process. The question “Is this document is a contract?” may be hard to answer when you do not have a standart for the contracts but easy with AI techniques. AI saves us from rules that are not flexible and fails when a small deviation occurs.

GEODI offers working and viable high-performance solutions based on Natural Language Processing and Artificial Intelligence.


Topics May Be Of Interest