e
q
u
e
s
t
a
d
e
m
o < back
De-identification vs. Data Masking
{TOC}
SecurityTHE SOURCE OF CONFUSION
So, Ok, you have heard about data maskingmasking, de-identifying, anonymizing, scrubbing, and de-identification and anonymization and scrubbing and tokenizationtokenization, and... now you are confused. You are not quite certain how to distinguish between them all. Everybody in the industry hastakes a different position on whether they are the same concept, indeed.
The first stop for the definitions are always international standards. The standards provide commonly accepted definitions and requirements among the practitioners around the world. Yet, in case of the data de-identification or data masking, there is no mentioning of the term in existing ISOs. The term that ISOs mention (or in particular the ISO/TS 25237) is Pseudonymization ( ISO/TS 25237: Health informatics – Pseudonymization, First edition, 2008-12-01 (Informatique de santé — Pseudonymisation))
Security
External Threat
T
Internal Threat
TEXT
Sensitive Data Definition
TEXT
De-identification in the Context of Security
TEXT
18 elements of Data Masking per HIPAA
TEXT