Your Browser is not longer supported

Please use Google Chrome, Mozilla Firefox or Microsoft Edge to view the page correctly
Loading...

{{viewport.spaceProperty.prod}}

Protection of person-related data by means of anonymization

The legal provisions for data protection stipulate that personal data

  • may only be used and processed for the purpose for which it was collected

  • must be retained in as small a scope as possible

  • may not be stored for longer than is necessary for normal processing

In the case of deviations from these requirements, personal data must be anonymized so that it cannot be traced back to the natural person to which the data originally belonged.

Quote: §3 (6) Data Protection Act of the Federal Republic of Germany:“Anonymization is the changing of person-related data in such a manner that the individual details concerning personal or material conditions can no longer be assigned to a particular or ascertainable natural person or only with a disproportionately large investment of time, costs and labor.”

It is common practice to generate test databases from productive databases. With regard to data protection, however, person-related data must be protected when this is done.

With the utility function ALTER DATA FOR TABLE, SESAM/SQL provides a function which supports the anonymization of data and prevents any conclusions about the original context from being drawn. From the viewpoint of data protection, continued use may then also be made of this anonymized test data.

The anonymization of the data is not logged. No function is available to undo data anonymization. The algorithm used cannot be ascertained by comparing the data before and after it has been anonymized.

The data itself is not changed in this process; only the assignment of the column values to the individual rows in the table is changed. The value range and also the frequency distribution of the various column values are retained.

The assignment of the column values to the various rows in the tables is implemented differently for each column and each time the function is called. Columns which are connected logically can also be interchanged together.

Example

The column values of the personal table are shuffled. The logical connection of the columns Salutation, First Name and Gender, and of the columns City and ZIP Code are retained.


ALTER DATA FOR TABLE personal
SHUFFLE VALUES FOR COLUMN (Salutation, First Name, Gender),Last Name,
                          (ZIP Code, City), Street, House Number,
                           Telephone, Date of Birth, Place of Birth
Powered by Atlassian Confluence and Scroll Viewport.