ENISA Publishes a New Report on Pseudonymisation Techniques in Health Sector

The European Union Agency for Cybersecurity (“ENISA”) publishes a new report regarding how pseudonymization techniques can help increase the protection of health data.

The report explains how the techniques can be applied to improve the level of protection of personal data through simple use-cases.

The decision on the techniques to be used should be based on previously conducted risk-impact assessment activities such as:

  • the target personal data (e.g. a set of identifiers);
  • the technique to be used;
  • the parameters applicable to the technique;
  • the pseudonymization policy to be used.

The techniques and parameters to take into account can therefore vary according to the applicable requirements in relation to regulations, speed, simplicity, predictability, and cost.

The scenarios chosen to explore these parameters are:

  • Exchanging patient’s health data;
  • Clinical trials;
  • Patient-sourced monitoring of health data.

You can reach the full text of the Report here.

Kind regards,

Zumbul Attorneys at Law

info@zumbul.av.tr