How to handle requests for information that contain personal data?

As a Service Owner you might sometimes get a "one time request" to extract, process or transfer data for a very particular purpose, for example information about all the participants of a given event.

The best way to answer reasonable requests of this type is with anonymised data. To carry out anonymisation it is important to understand what information is being requested and the purpose to which that information will be put.

For data sets with very few people or very specific combinations of characteristics, it is important to make sure that the identity of an individual cannot be reconstructed, or inferred, using any other information that would be readily available.

It’s important to understand the difference between anonymised data and pseudonymised data.

To truly anonymise data, all individually identifiable information is removed, and the data set is also aggregated based on the requested fields. Anonymising data is an irreversible process that renders the data subject unidentifiable, whereas with pseudonymisation the data subject remains identifiable and can be identified with the use of additional information. However, pseudonymising the data provides further protection, as it is no longer possible to directly identify the individual.

So, for example, instead of reporting that there was a 23 year old Greek female, a 24 year old Spanish male and a 23 year old Spanish female, it is preferable to report that the average age was 23.3 years, 2/3 of the participants were Spanish, 1/3 was Greek, 2/3 were female and 1/3 male.
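
The aggregation from the example above, sketched in Python as an added illustration (not part of the original guidance); the record layout and the function names are assumptions. It also lists the combinations of characteristics held by exactly one person, which is the situation the paragraph on small data sets warns about.

```python
from collections import Counter
from fractions import Fraction

# Constructed sample: the three participants from the example above.
PARTICIPANTS = [
    {"age": 23, "nationality": "Greek", "sex": "female"},
    {"age": 24, "nationality": "Spanish", "sex": "male"},
    {"age": 23, "nationality": "Spanish", "sex": "female"},
]


def aggregate(records, categorical, numeric):
    """Reduce row-level records to per-field shares and means only.

    No row, and no link between one field and another, survives in the report.
    """
    n = len(records)
    report = {"count": n}
    for field in categorical:
        counts = Counter(r[field] for r in records)
        report[field] = {value: Fraction(c, n) for value, c in counts.items()}
    for field in numeric:
        report["mean_" + field] = round(sum(r[field] for r in records) / n, 1)
    return report


def unique_combinations(records, fields):
    """Return every combination of `fields` that exactly one person has.

    A report broken down by these fields together would single that person
    out, even though no name or identifier is present.
    """
    combos = Counter(tuple(r[f] for f in fields) for r in records)
    return sorted(combo for combo, c in combos.items() if c == 1)


if __name__ == "__main__":
    report = aggregate(PARTICIPANTS, ["nationality", "sex"], ["age"])
    print("mean age:", report["mean_age"])
    for field in ("nationality", "sex"):
        print(field, {v: str(share) for v, share in report[field].items()})
    # Breaking the data down by several fields at once re-creates the rows.
    for fields in (["age", "sex"], ["age", "nationality", "sex"]):
        print(fields, "-> unique:", unique_combinations(PARTICIPANTS, fields))
```

For these three participants every full combination of age, nationality and sex is unique, so only the per-field figures are suitable for release.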