Skip main navigation


How is health data anonymised and is anonymisation effective? Read this article to find out more.
Laptop with a lock
© University of Groningen

You learned that a lot of data are being collected and used within the healthcare sector in order to treat patients as well as for medical research purposes. As long as the personal health data can be used to identify a natural person, like Anna, the GDPR applies.

For treating a patient it is important that the right health data is connected to the right patient. This means that in this context, health data cannot be anonymised. Anonymisation means that personal data can no longer identify a natural person. The GDPR however also mentions another safeguard: pseudonymisation.

Article 4 (5) GDPR explains what is meant by pseudonymisation in light of the GDPR. It means that the processing of personal data cannot be linked to a natural person on its own, addition information is needed to identify a person. It is important that the additional information is kept separately and that technical and organisational measures have been taken to ensure that this information cannot be attributed to a natural person. This means that pseudonymised data can be used to treat a patient and helps keep the data safe against unauthorised access.

For research purposes it is not always necessary to attribute personal data to a natural person, meaning that more drastic measures can be taken. This is why research data can, most of the time, be anonymised. We heard Anna’s research nurse explain that her health data is anonymised before it is transferred to another research institution.

The difference between pseudonymisation and anonymisation is that pseudonymised personal data can still, by using addition information, be used to identify a natural person. Anonymised data can never be used to identify a natural person, not even with addition information. The conclusion that can be drawn from this is that anonymised data does not need to comply with the GDPR, considering that the risks to the fundamental rights and freedoms of a natural person no longer exist.

When anonymising data it is however important to make sure that it is truly anonymised. With modern technologies, a lot of information is available and combining different data sets, makes it sometimes possible to re-identify a natural person in an anonymised data set. In 2015 Latanya Sweeney published an article which proved that she was able to re-identify anonymised datasets which she bought from a hospital, by comparing the dataset to newspaper stories in the same year. By using this technique she was able to identify 43% of the people in the anonymised dataset. This research showed that it is almost impossible to really anonymise data. If data is not anonymised, the risks to the fundamental rights and freedoms of a natural person are still present, and the GDPR applies.

If you have not done so already, we invite you to read Latanya Sweeney’s entire article called ‘Only You, Your Doctor, and Many Others May Know’ from Technology Science.

© University of Groningen
This article is from the free online

Protecting Health Data in the Modern Age: Getting to Grips with the GDPR

Created by
FutureLearn - Learning For Life

Reach your personal and professional goals

Unlock access to hundreds of expert online courses and degrees from top universities and educators to gain accredited qualifications and professional CV-building certificates.

Join over 18 million learners to launch, switch or build upon your career, all at your own pace, across a wide range of topic areas.

Start Learning now