This article covers the following topics:
- What is Anonymization?
- How does it work?
- What data can it Anonymize?
- Which clients will it Anonymize?
- Who can Anonymize data?
- How do I Anonymize data?
- How long will this process take?
- I made a mistake while anonymizing, what should I do?
What is Anonymization?
The anonymization tool is designed to protect the privacy and confidentiality of personal data by removing all Personal Identifiable Information (PII) of your clients. It helps prevent the identification of individuals while retaining the usefulness of the data for research analysis or sharing purposes. This tool employs data deletion to anonymize sensitive data, ensuring compliance with data protection regulations and mitigating privacy risks. By anonymizing data you can retain information about clients without violating their privacy.
How does it work?
The feature is designed to delete the Personal Identifiable Information (PII) of your clients. It runs in the background and based on your selection, it can anonymize data when clients do not visit a food bank after a certain duration of time. This task runs in the background and sequentially anonymizes the data of all your clients when they match the criteria of the selection.
What data can it Anonymize?
Currently you can only anonymize the fields listed below in the table (Fig 1.1), some fields can also be reduced further to retain parts of the data and can be reduced by selecting "Reduce Data". ( For Example, the address can be reduced to retain only the first three digits of the postal code in Canada). You can individually select which fields should be anonymized and which fields can be reduced or not anonymized.
|Field||Levels of Anonymization||Reduction|
|First and Last Name||Anonymize Completely, Do not Anonymize||No Reduction of data|
|Date of Birth||Anonymize Completely, Do not Anonymize, Reduce Data||Can be reduced to keep the year of birth of the client|
|E-Mail Address||Anonymize Completely, Do not Anonymize||No Reduction of data|
|Phone Number||Anonymize Completely, Do not Anonymize||No Reduction of data|
|ID Type||Anonymize Completely, Do not Anonymize||No Reduction of data|
|ID Confirmation||Anonymize Completely, Do not Anonymize||No Reduction of data|
|Address||Anonymize Completely, Do not Anonymize, Reduce Data||Can be reduced to retain the first three digits of the postal code in Canada|
Fig 1.1 (Fields and levels of anonymization)
Which clients will it Anonymize?
Client data can only be anonymized based on their inactivity duration. Inactivity duration refers to the time (in days) that a person has not visited a food bank. This selection can be made for adults as well as minors
1. Inactivity duration
- Data will be anonymized for all clients.
- For example - If you select an inactivity duration of 7 years, the tool will anonymize all clients that have not visited a food bank in the network for 7 years (or greater).
2. Inactivity duration for minors
- Data will only be anonymized for clients that have recently turned 18.
- For example - If you select an inactivity duration of 1 year for minors, the tool will anonymize all clients who have been inactive for 1 year after they have turned 18.
Who can Anonymize data?
How do I Anonymize data?
Step 1: Locating the Anonymization Settings
The anonymization settings are saved in the administration settings of the product and labeled as Anonymize Data. This setting is turned off by default so please remember to turn these settings on.
Fig 1.2 (Turning on the settings)
Step 2: Making the field selections
Use the levels of anonymization to select what data you want to anonymize or reduce based on the field selection table in Fig 1.1
Fig 1.3 (Making the field selections)
Step 3: Inputting the field selections
Select the inactivity duration window for all cases as well as that for minors. You can refer to Fig 1.5 for converting years to days. Based on our research with some leading food banks we found that most people do not return to food banks after 7 years and most minors don't return to food banks 3 years after they turn 18. However this data will vary based on geography, but we can assist you in making the right selection based on your data set.
|Years||Number of Days|
Fig 1.5 (Table to convert years to days)
Step 4: Confirming Settings and starting the process
After making all the selections, click on the blue Anonymize Selection button. You will receive one final warning before enabling the anonymization process. Please note that anonymizing data is a destructive act and the data cannot be recovered, so please ensure you have made the right selection or reach out to your account manager to verify your criteria for anonymization before you make that selection.
Fig 1.6 (Enable anonymization)
How long will this process take?
The anonymization process runs in the background and the total time depends on a number of factors such as:
1. Number of clients in your database
2. Level of anonymization that you have selected
3. The inactivity duration timers