Home » Solutions » Field Protection » De Re-Identification
Field-Level De/Re-Identification 
» Solutions
Business Intelligence
Data Governance
Data Transformation
ETL/DB Acceleration
Field Protection
Encryption/Decryption
Filtering/Redaction
Anonymization
Data Masking
De/Re-Identification
Pseudonymization
File Interchange
Sort Migration
Test Data/Files
» Resources
case studies Case Studies
white papers White Papers
make text smaller make text larger print this pageemail this page
Encode Sensitive Data (Recoverable Protection)

Challenges:
Do you need to change the individualizing characteristics of data so that a personal, or other, data item stored in the original field cannot be identified, but nonetheless remain individualized? This way, database table and flat-file data could flow safely de-identified through different departments, and where necessary, be re-identified.

Sensitive data must also be replaced with altered (but reversible) output, and maintain the characteristics of the original field (like the length, data type, or even a real-looking but different value). Very often, feld-level encryption does not accomplish this goal because the ciphertext result is usually longer than the original field and will not be recognizable. However, format-preserving encryption can be a desireable option in the de- and re-identification requirements context.

Solutions:
Both the FieldShield package and the CoSort product's SortCL tool provide several ways to de-identify personal health information (PHI) and other sensitive field data (like a social security or credit card number) in your databases and files. At the same time, the de-identified field can look more realistic and still be recovered.

You can de-identify private fields in these ways:

  1. Apply a built-in or custom format-preserving encryption function to the sensitive fields and the matchting decryption function and key to reveal them

  2. Use the built-in ASCII de-identification function to encode fields with random ASCII characters

  3. Specify lookup (set) files to substitute sensitive field values with a pseudonym

  4. Transform the field with one or more data manipulations, or mask all or part of it with custom characters (though that would not allow for data recovery)

  5. De-identify or encode the data with your own field-level (complex) transformation function

Example of the ASCII field de- and re-identification dialog in the IRI Workbench supporting FieldShield, built on Eclipse.

These field-level de-identification methods in FieldShield or CoSort can help you comply with certain privacy regulations, leave your non-sensitive data and files available for further processing, and produce an XML audit trail to help you verify compliance.

If you are interested in de-identifying real data through the generation of test data instead, please look into the metadata-compatible RowGen tool for test database, file, and report targets.

See also:
FAQ > Data Privacy
Solutions > Field Protection
Solutions > Field Protection > Encryption
Solutions > Field Protection > Protect/Transform/Report
Solutions > Data Governance > Verifying Compliance
Products > FieldShield
Products > FieldShield GUI
Products > CoSort > SortCL
Solutions > Test Data/Files
Products > RowGen

Request More Info:

* IRI WILL NOT share this info