Medfarm’s guideline on the distinction between personal data and anonymised data
Karl Michaëlsson is Professor of Medical Epidemiology and Adviser to the Vice-Chancellor on Research Infrastructures. He is the author of the guideline. Photo: Mikael Wallerstedt.
The Disciplinary Domain of Medicine and Pharmacy strives to make research data available through open science, and now there are guidelines on the distinction between personal data and anonymised data, adopted by the Disciplinary Domain Board (ON) on 17 April.
Hello there, Karl Michaëlsson, who worked on developing the new guidelines.
Why is it important to have guidelines on when personal data can be considered anonymised?
“The line between personal data, including sensitive personal data, and anonymised data, is not clearly defined. The guidelines are needed so that we can more easily understand what anonymised data means in – above all in our clinical research studies. With the Disciplinary Domain Board decision, the Disciplinary Domain recommends how data should be defined to be considered anonymised. Everyone who conducts research with personal data as a basis is affected by the guidance that the guideline provides. It is designed as a bullet list, which should be easy to follow.”
What does anonymised data mean?
“Anonymised data means information where it is no longer possible to identify an individual person. It should not be possible to identify an individual by combining different variables in the data, or by combining this data with other data sources. Once individual data has been anonymised, it is no longer to be regarded as personal data and this means that this data can be published openly.”
What is needed for data to be considered anonymised?
“As soon as you, as a researcher, approach a person, you need personal data and you need to know how to relate to this. It should not be possible to trace the person to the study. If I, as a researcher, have anonymised the data, I should not have to worry about revealing a person’s identity.”
What do you need to fulfil for data to retain its anonymity?
“We handle personal data if we handle data about people. As simple as that. Pseudonymisation does not help. GDPR does not help. Working with anonymised data involves a lot of administration, but it has to be done. You can’t escape it! You have to have everything in place before handling personal data, and these guidelines make the work smoother.”
How will the guidelines in this document help?
“This guidance, as our guideline provides, does not guarantee complete anonymity, and there may still be a risk of personal data ending up in the wrong place if the information is combined with other available data. It is important to document considerations about these types of risks and how to manage them on a case-by-case basis. If there is the slightest uncertainty about anonymity, then additional safeguards are needed. How this can be done is described in the guidelines.”
What do you risk if you don’t have guidelines to stick to?
“If you do not have guidelines to adhere to, the entire research project can be made impossible, but it can also mean that the University and the researcher do not stay within the legally permitted limits.”
Ebba Burman
Pseudonymisation
Pseudonymisation is a technique used to protect personal data by replacing identifying data with artificial identifiers or pseudonyms. That means the data can no longer be directly linked to specific individuals without additional information. However, unlike anonymisation, where data is permanently unlinkable to individuals, the original data can be recreated if this information is available.