Record de-identification is the removal of personal identifiers from a scheduling list. UK GDPR Art. 9 and DPA 2018 apply when health details appear in booking records. anonym.plus runs offline and keeps the slot times and visit types that drive capacity analysis.
When this applies
A booking list names each patient and ties them to a slot, a phone, and an email. For no-show or utilisation studies, those personal tags must go.
How anonym.plus handles it
- Open the booking list in anonym.plus on your device.
- It finds patient names, numbers, emails, and identifiers.
- Slot times and visit types stay in place.
- Shift the dates while you keep the spacing intact.
- Save the clean schedule on your device.
What you need to provide
- The schedule (CSV, JSON, PDF, or EPR export).
- A date-shift option to keep slot spacing.
- Replace with a steady label map for joins.
Patient data entity types detected
| Category | anonym.plus entity type | Example |
|---|---|---|
| Names | PERSON | booked name → [PATIENT] |
| Contact | PHONE_NUMBER | reminder phone +44 → [PHONE] |
| Contact | EMAIL_ADDRESS | confirm email → [EMAIL] |
| Dates | DATE_TIME | slot 09:30 03 Jun → shifted [TIME] |
| Record IDs | MEDICAL_RECORD_NUMBER | NHS 512 345 0099 → [NHS_NUMBER] |
| Names | PERSON | provider column → [CLINICIAN] |
Compliance achieved
- Strips special-category health data under UK GDPR Art. 9 & DPA 2018.
- Date-shift keeps slot spacing for capacity work.
- Fully offline — booking data stays on-site.
Anonymise appointment records offline — see plans & start free →
Limitations & cautions
Shifting dates keeps the spacing but breaks links to outside calendars unless you move those by the same offset. A rare visit type at a small clinic can still narrow identity after the obvious tags are gone.
Frequently asked questions
How does date-shift keep the schedule useful?
Every booking moves by one steady offset, so the gaps between slots stay. No-show and utilisation work still runs while the real dates hide.
Are provider names removed?
They can be. Provider names are not patient personal data, but you can swap them for blinded capacity studies.
Can I clean a whole month at once?
Yes. Point the tool at the export and it works through every row locally.