Anonymization Without Borders: An International Framework

When:  Jun 20, 2023 from 12:00 to 13:00 (PT)
Associated with  Victoria Chapter

ISACA Victoria is pleased to present the June virtual session: Anonymization Without Borders: An International Framework

Abstract

The International Organization for Standardization (ISO) has developed a framework for safe and responsible data sharing and reuse through anonymization (aka deidentification). ISO/IEC 27559, developed over five years, provides guardrails for implementation with a range of options to mitigate risks across the lifecycle of deidentified data. The framework covers four main areas: context assessment, data assessment, identifiability assessment and mitigation, and deidentification governance. The standard is agnostic to legal interpretations and uses the more neutral term of deidentification, allowing for more jurisdictional variation. Once national standards bodies adopt ISO/IEC 27559, auditors will test compliance with the standard. The standard will play a crucial role in establishing best practices for the reuse and sharing of sensitive data, enabling industry, governments, and regulators to assess and implement processes with confidence.