Anonymisation is a valuable tool that allows data to be shared, whilst preserving privacy. The process of anonymising data requires that identifiers are changed in some way such as being removed, substituted, distorted, generalised or aggregated.
A person's identity can be disclosed from:
You decide which information to keep for data to be useful and which to change. Removing key variables, applying pseudonyms, generalising and removing contextual information from textual files, and blurring image or video data could result in important details being missed or incorrect inferences being made. See example 1 and example 2 for balancing anonymisation with keeping data useful for qualitative and quantitative data.
Anonymising research data is best planned early in the research to help reduce anonymisation costs, and should be considered alongside obtaining informed consent for data sharing or imposing access restrictions. Personal data should never be disclosed from research information, unless a participant has given consent to do so, ideally in writing.
Follow these steps to anonymise a data file:
Find and highlight direct identifiers
Assess indirect identifiers
Assess the wider picture
Remove (or psuedonymise) direct identifiers
Aggregate or blur (in)direct indentifiers
Redact indirect identifiers
Re-assess any remaining disclosure risk
Due to industrial action, there may be a delay in responding to enquiries from Monday 25 November to Wednesday 4 December.