Log de-identification is the removal of personal data from the answers a symptom checker records. Those entries are health data under GDPR Art. 9. anonym.plus does this on a local device, so the symptom flow stays usable for product work.
When this applies
A self-triage tool stores what each user typed, plus their email and device. To study these answers for accuracy, the personal parts must go.
How anonym.plus handles it
- Open the saved entries in anonym.plus on a local device.
- It finds names, emails, IPs, and any free-text clues.
- Symptom selections and scores stay in place.
- Swap the personal parts with the re-link map turned off.
- Save the anonymous records on your machine.
What you need to provide
- The entries (CSV, JSON, or a text dump).
- Replace with the map off for true anonymity.
- Optional column map for known ID fields.
PHI entity types detected
| Category | anonym.plus entity type | Example |
|---|---|---|
| Names | PERSON | name field → [USER] |
| Contact | EMAIL_ADDRESS | signup email → [EMAIL] |
| Network | IP_ADDRESS | 203.0.113.7 → [IP] |
| Free text | LOCATION | “clinic in Lyon” → [PLACE] |
| Dates | DATE_TIME | session time → [TIME] |
| Identifiers | ID | session token → [ID] |
Compliance achieved
- Strips GDPR Art. 9 health personal data from the entries.
- True anonymity puts the result beyond GDPR by Recital 26.
- On-device work supports EU data residency.
Anonymize symptom checker logs offline — see plans & start free →
Limitations & cautions
IP addresses and session tokens are strong clues, so they must go for true anonymity. A rare free-text answer plus a place can still narrow identity. Drop any re-link key and weigh the residual risk first.
Frequently asked questions
Why treat an IP address as personal data?
Under GDPR an IP can single out a user, so it is personal data. The tool flags it and swaps it like a name or an email.
Anonymous or pseudonymous — which do I get?
If you keep a re-link key it stays pseudonymous and in scope. Drop the key and the output can be anonymous under Recital 26.
Do the symptom answers stay usable?
Yes. The selections and scores remain. Only the personal fields are removed.