HRIS export de-identification is the removal of staff identifiers from a data dump, guided by GDPR Recital 26. That recital sets when a dataset no longer points to a person. anonym.plus marks names, IDs, and contacts on your device, so the table stays analyzable while the data goes.
When this applies
The file lists every worker's name, ID, and salary in rows and columns. You must shield those before the dataset moves to analytics or a vendor.
How anonym.plus handles it
- Open the dump in anonym.plus on your device.
- The tool scans each row for the identifier set.
- It flags names, IDs, emails, and salary figures.
- Apply Replace with a steady label per worker.
- Confirm no direct identifier remains in any column.
- Save the clean dataset locally.
What you need to provide
- The data dump (CSV, DOCX, or PDF table).
- An operator (Replace keeps the rows joinable).
- Optional shared map so one worker maps to one alias.
PII entity types detected
| Category | anonym.plus entity type | Example |
|---|---|---|
| Names | PERSON | row name → [WORKER_1] |
| Identifiers | NATIONAL_ID | staff ID → [ID] |
| Identifiers | US_SSN | SSN column → [SSN] |
| Contact | EMAIL_ADDRESS | work email → [EMAIL] |
| Financial | US_BANK_NUMBER | deposit acct → [ACCOUNT] |
| Dates | DATE_TIME | DOB column → [DOB] |
Compliance achieved
- Aligns with the anonymity test in GDPR Recital 26.
- A shared map keeps a worker steady across rows and files.
- Offline work keeps the dataset inside your team — nothing leaves it.
Anonymize HRIS exports offline — see plans & start free →
Limitations & cautions
Recital 26 warns that quasi-identifiers, like role plus location plus salary, can re-identify a person even after names go. Remove or generalize those columns too, and turn off the reversible map for true anonymity.
Frequently asked questions
Is removing names enough to anonymize the table?
No. Recital 26 covers quasi-identifiers like role, site, and salary. Generalize or drop those columns to lower the re-identification risk.
Can I keep rows joinable for analysis?
Yes, with a shared map. But a reversible map is pseudonymous, not anonymous. Turn it off when you need true anonymity.
Is the dataset uploaded?
No. The whole run is offline, so staff data stays on your machine.