Internal Audit Dataset De-Identification with anonym.plus

Healthcare Solution · Hospital Administration · UK GDPR Art. 9 & DPA 2018

Audit-dataset de-identification is the removal of personal data from a compliance extract under UK GDPR Art. 9 & DPA 2018. anonym.plus runs on your own device. The findings stay testable, but the rows no longer name patients or staff.

When this applies

A compliance team samples charts and access entries to test a control. The sample names patients and the workers who touched each chart, and that must come out.

How anonym.plus handles it

1. Point anonym.plus at the sample on your server.
2. It scans ID columns and any free-text fields.
3. Steady labels keep links across joined rows.
4. Review the summary and adjust the column rules.
5. Swap each identifier, shifting dates to keep the gaps.
6. Save the clean sample. Source rows stay local.

What you need to provide

• The sample (CSV, JSON, or a file bundle).
• A column map for known ID fields.
• Replace with a steady map to keep joins.

Patient data entity types detected

Compliance achieved

• Strips personal data under UK GDPR Art. 9 & DPA 2018.
• Runs offline, so no supplier contract is needed.
• Keeps row links steady, so the control stays testable.

Limitations & cautions

A compliance sample mixes tidy columns with note fields. The columns are easy to map; notes need the same care as any chart. Test a small slice first, and confirm that date-shifting keeps the gaps your test relies on.