Linking community and technology to enable FAIR data
Pseudonymisation means replacing any identifying characteristics of data with a pseudonym, i.e., a value which does not allow the person to be directly identified. You need to de-identify study subjects by anonymising or pseudonymising the data. In addition, you may aggregate data to reduce the probability of identification. For example, you could replace birth date with age or age bin. Pseudonymisation is preferred over anonymisation if you wish to:
- retain the possibility to inform patients of incidental findings;
- be able to collect extra data for the same patient;
- be able to verify your research data with the source data.
Pseudonymisation only provides limited protection for the identity of data subjects as it still allows identification using indirect means. However, it does allow you to report accidental findings back to the patient. In general, you can protect the privacy of your study subjects by:
- keeping identifiable data separated from unidentifiable research data;
- using random unique research codes and separating the code list from the research data;
- encrypting vital identifying information;
- change encryption methods every few years;
- independent key management.
Always contact a data steward or privacy officer to verify if you are working in line with the MUMC+ data management regulations.