Pasar al contenido principal

DataVaccinator: Personal data protection by design via “industrialised pseudonymisation”

“Violation of personal data protection is not always with evil intent but often rooted in human errors. Storing data pseudonymised and separate from identifiable attributes protects from any kind of personal data violations.”
Kurt Kammerer, Co-founder of DataVaccinator

Why

Protecting personal data has been a focus topic for several years. Sharing personal data can be as advantageous as it is controversial and complex. Medical records, for example, are sensitive personal data. At the same time, scientific research greatly benefits from analysing health records to better understand diagnostics and treatment. Identifiable attributes like the name of the patient are not important for research. Therefore, anonymisation and pseudonymisation are effective tools that enable sharing of personal data without the identifiable attributes. However, those tools can bare the risk of re-identification and leave the original pool of data that was used to disidentify the data, post-generation, at risk to leakages, breaches, and theft. 
A pseudonymisation of data at the point of its generation mitigates this risk. If a person’s medical record is stored separately from the identifiable attributes when it is generated, the medical record is no longer directly identifiable. Only with the VID, personal identifiable data and content data be combined, for example when going to the doctor or using a personal health app. This makes storing and sharing medical records much safer. 

How

DataVaccinator splits data into separate databases upon generation and is joined real-time in the local applications. Using encryption, DataVaccinator ensures that only eligible parties can access the sensitive joined data. The solution also lowers the costs of data pseudonymisation and management.
The software is available as opens source software. Developers can integrate ready-to-use components with open licence, state-of-the-art encryption and hashing algorithms. The source code can get viewed and downloaded on GitHub (AGPL licenced) same as the JavaScipt Client implementation (MIT licenced). The software can enable new applications but also re-engineer existing ones. 
Organisations such as hospitals, universities, banks, insurers, retailers or manufacturers can also operate their own private or public instances of the DataVaccinator service.

Prospects

In the future, data protection will not be a current focus topic anymore but an established model of data management. Generosity towards misuse, unawareness or mistakes will further decrease. At the same time the rick of not sharing depersonalized data will become more clear and compliant and feasible solutions will be on demand to support a competitive Europe. Key sector for personal data protection solutions like DataVaccinator are Financial Services, E-Media, Smart home, E-Commerce, Industry 4.0, E-mobility, and, of course, E-health.

To learn more about DataVaccinator, watch our interview with its co-founder Kurt Kammerer

 

Name

DataVaccinator

Sector

IT and software services

Region

Luxembourg / World

Countries

Any

Time

Ongoing

URL

https://www.datavaccinator.com/

Business model

Open source, non-commercial

Participants

Spin off from Regify GmbH

Type of organisation

Non-commercial

Data sharing model(s)

Sharing of pseudonymised data that is stored separately from its identifiable attributes.

Core impact

Protection of data against abuse or errors that lead to data breaches violating GDPR. Separating the personal attributes from the data describing related content, like diagnostics is stored separately enabling the sharing of this information without sharing personal data. This is highly valuable for example for research in health and diagnostics.

Context

Open source software for secure and safe data storage and personal data protection using pseudonymisation of personal data at the point of its generation.