Dataset anonymization is the removal of personal data from a mobile-health study collection. GDPR Art. 89 lets such data serve research under safeguards. anonym.plus applies the strongest one — anonymization — on your device, so the study fields stay usable.
When this applies
A mobile study gathers app events, sensor readings, and survey answers from enrolled users. To share the collection with partners, identity must go.
How anonym.plus handles it
- Open the study set in anonym.plus on a local device.
- It scans ID columns and free-text fields alike.
- Sensor readings and survey scores stay in place.
- Swap the personal parts with the map turned off.
- Save the anonymous collection for sharing.
What you need to provide
- The collection (CSV, JSON, or a record bundle).
- Replace with the re-link map off for anonymity.
- Optional column map for participant fields.
PHI entity types detected
| Category | anonym.plus entity type | Example |
|---|---|---|
| Names | PERSON | participant name → [SUBJECT_n] |
| Contact | EMAIL_ADDRESS | enrol email → [EMAIL] |
| Identifiers | ID | device handle → [DEVICE] |
| Network | IP_ADDRESS | sync IP → [IP] |
| Dates | DATE_TIME | enrol date → shifted [TIME] |
| Free text | LOCATION | diary city → [PLACE] |
Compliance achieved
- Supports scientific reuse under GDPR Art. 89 safeguards.
- Anonymization is the strongest safeguard — see Recital 26.
- On-device work supports EU data residency.
Anonymize mHealth research datasets offline — see plans & start free →
Limitations & cautions
Rich mobile data raises re-identification risk, since dense sensor traces can fingerprint a subject. Coarsen timestamps and geography, keep no re-link key, and review rare diary entries before you share the set.
Frequently asked questions
What does GDPR Art. 89 allow?
It lets data be processed for scientific research under safeguards like data minimisation. Full anonymization is the strongest such safeguard.
Are the sensor readings kept?
Yes. Readings and survey scores stay. Only the participant fields and free-text clues are removed.
Can subjects stay linkable across visits?
Yes. A steady code map gives each subject one alias, so visits join with no real identity kept.