From HIPAA to GDPR to other regulatory framework compliance, the importance of removing identifiers from data – and thereby reducing regulatory risk – is only increasing. Truly mitigating the risks of identification requires a layered, context-specific approach tailored to the specific needs and vulnerabilities associated with each data set.
Immuta brings an incredibly powerful, flexible toolset to anonymize or “pseudonymize” data, from simple data masking-based policies to more advanced methods like differential privacy. Figure 1 below depicts available policies within Immuta.
[Figure 1 (image not reproduced here). Caption: Immuta’s natural language policy builder.]
Immuta’s explainable policy builder allows the application of a range of policies against data sources. These policies include:
- Masking, including generalization (a modified form of k-anonymization), irreversible hashing, replacement with a constant, and regex (regular expression) replacement.
- Row-level security, where specific rows will only be displayed based on the specific values in a specified column (for example, “only show rows where column ‘purpose’ matches the value ‘data subject: purposes consent’”).
- Time-based policies, which allow only the access of data generated within specific windows of time.
- Purpose-based data access control, which only allows the use of specific data sources for designated purposes that Immuta can audit and track.
- Minimization, which generates a statistically representative sample of the underlying data, and which can limit access to a designated percentage of that data.
- And differential privacy, which provides mathematical guarantees on the privacy of individuals’ data contained within specific data sets (see below for more information about differential privacy).
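To make the first five policy types concrete, here is an added example (written for this page, not Immuta's code) that applies them to a handful of constructed records: a keyed hash and a regex mask for direct identifiers, a constant replacement for the ZIP column, age generalization into buckets, a purpose-driven row filter, and a random minimization sample. It also runs a k-anonymity check over the generalized output, which shows why the generalization width matters: decade buckets leave one person in a singleton group, while 20-year buckets reach k = 3. The secret, column names and sample values are assumptions chosen for the demo.

```python
import hashlib
import hmac
import random
import re

# Constructed sample records (not Immuta data); 'purpose' drives the row-level filter.
RECORDS = [
    {"id": 1, "email": "ann@example.com", "age": 34, "zip": "10001", "purpose": "data subject: purposes consent"},
    {"id": 2, "email": "bob@example.com", "age": 41, "zip": "10002", "purpose": "internal analytics"},
    {"id": 3, "email": "cy@example.com", "age": 29, "zip": "10001", "purpose": "data subject: purposes consent"},
    {"id": 4, "email": "di@example.com", "age": 38, "zip": "10003", "purpose": "data subject: purposes consent"},
]

# Assumption: in a real deployment the hashing secret comes from a key store, not source code.
HASH_SECRET = b"demo-secret-do-not-reuse"


def mask_hash(value: str) -> str:
    """Irreversible masking: keyed HMAC-SHA256. Equal inputs stay joinable across tables,
    but without the key the digest cannot be matched against a precomputed list of values."""
    return hmac.new(HASH_SECRET, value.encode(), hashlib.sha256).hexdigest()


def mask_constant(value, constant: str = "REDACTED") -> str:
    """Replace-with-constant masking: every value becomes the same token."""
    return constant


def mask_regex(value: str, pattern: str = r"^[^@]+", repl: str = "***") -> str:
    """Regex replacement: hide the local part of an e-mail address, keep the domain."""
    return re.sub(pattern, repl, value)


def generalize_age(age: int, width: int = 10) -> str:
    """Generalization: replace an exact age with the bucket of the given width containing it."""
    lo = (age // width) * width
    return f"{lo}-{lo + width - 1}"


def k_anonymous(rows, quasi_identifiers, k: int) -> bool:
    """True if every combination of quasi-identifier values occurs in at least k rows."""
    counts = {}
    for r in rows:
        key = tuple(r[q] for q in quasi_identifiers)
        counts[key] = counts.get(key, 0) + 1
    return all(c >= k for c in counts.values())


def row_filter(rows, column: str, allowed_value: str):
    """Row-level security: only rows whose column equals the allowed value are returned."""
    return [r for r in rows if r[column] == allowed_value]


def minimize(rows, fraction: float, seed: int = 0):
    """Minimization: a random sample of the given fraction of rows (seeded for reproducibility)."""
    rng = random.Random(seed)
    n = max(1, int(len(rows) * fraction))
    return rng.sample(rows, n)


def apply_policies(rows, age_width: int = 10):
    """Layer the policies: filter rows by purpose first, then mask each surviving column."""
    visible = row_filter(rows, "purpose", "data subject: purposes consent")
    return [
        {
            "id": mask_hash(str(r["id"])),
            "email": mask_regex(r["email"]),
            "age": generalize_age(r["age"], age_width),
            "zip": mask_constant(r["zip"]),
            "purpose": r["purpose"],
        }
        for r in visible
    ]


if __name__ == "__main__":
    for width in (10, 20):
        out = apply_policies(RECORDS, age_width=width)
        print(width, k_anonymous(out, ["age", "zip"], 2), out)
    print(minimize(RECORDS, 0.5))
```

The ordering in `apply_policies` is deliberate: the row filter runs on the raw values before masking, because a purpose match on an already-hashed column would fail. The k-anonymity check is what tells you whether a generalization width is actually protective for this data rather than just plausible.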
The policies above can be combined through a risk-based, layered approach to significantly limit what types of data can be made available to data consumers (protecting the privacy of that data), while still affording high degrees of utility to the data consumers.
In particular, differential privacy, as applied through Immuta, is among the most robust and proven approaches to anonymization. This method combines query restriction (allowing only aggregate queries) with noise injection (the calculated addition of noise to query results to protect the underlying values) to ensure the privacy of individuals whose data is contained in an underlying data set.
It is for this reason that companies like Apple, Google and other technology giants utilize differential privacy heavily to protect their data’s privacy. Immuta is the first commercial software vendor to make applying differential privacy so easy and flexible, working with any underlying storage technology.
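The two ingredients named above, aggregate-only queries and calibrated noise, fit in a short program. The following is an added illustration, not Immuta's implementation: a toy table that refuses anything other than `count` or `sum`, adds Laplace noise scaled to the query's sensitivity divided by the requested epsilon, and tracks a per-table privacy budget so that analysts cannot average the noise away by repeating the query. The salary values, clamping bounds and budget are constructed assumptions.

```python
import math
import random

# Constructed sample: one row per individual, annual salary in thousands. Not Immuta data.
SALARIES = [52, 61, 48, 75, 90, 58, 64, 70, 55, 83]


class PrivacyBudgetExceeded(Exception):
    """Raised when a query asks for more epsilon than the table has left."""


class DifferentiallyPrivateTable:
    """Toy epsilon-differentially-private query interface.

    Only aggregate queries are answered; each answer gets Laplace noise with scale
    sensitivity / epsilon, and the epsilon spent is deducted from a fixed budget.
    """

    AGGREGATES = ("count", "sum")

    def __init__(self, values, total_epsilon, lower, upper, seed=None):
        self._values = list(values)
        self.remaining_epsilon = float(total_epsilon)
        # Clamping bounds make the sum's sensitivity finite and known in advance.
        self.lower, self.upper = lower, upper
        self._rng = random.Random(seed)

    def _laplace(self, scale: float) -> float:
        """Sample Laplace(0, scale) by inverting its CDF."""
        u = self._rng.random() - 0.5          # u in [-0.5, 0.5)
        if u == -0.5:                          # avoid log(0) at the one unreachable-in-practice edge
            u = -0.5 + 1e-12
        return -scale * math.copysign(1.0, u) * math.log(1.0 - 2.0 * abs(u))

    def sensitivity(self, agg: str) -> float:
        """Largest change in the true answer when one individual is added or removed."""
        if agg == "count":
            return 1.0
        if agg == "sum":
            return float(max(abs(self.lower), abs(self.upper)))
        raise ValueError(agg)

    def query(self, agg: str, epsilon: float) -> float:
        """Answer an aggregate query, spending `epsilon` of the budget."""
        if agg not in self.AGGREGATES:
            # Query restriction: no row-level reads, no arbitrary expressions.
            raise PermissionError(f"only aggregate queries are permitted, got {agg!r}")
        if epsilon <= 0 or epsilon > self.remaining_epsilon:
            raise PrivacyBudgetExceeded(
                f"requested {epsilon}, remaining {self.remaining_epsilon}"
            )
        self.remaining_epsilon -= epsilon
        clamped = [min(max(v, self.lower), self.upper) for v in self._values]
        true_answer = len(clamped) if agg == "count" else sum(clamped)
        # Noise injection: scale grows as epsilon shrinks (stronger privacy, noisier answer).
        return true_answer + self._laplace(self.sensitivity(agg) / epsilon)


def demo(seed: int = 1):
    """Spend a budget of 1.0 across two queries, then show the third is refused."""
    table = DifferentiallyPrivateTable(SALARIES, total_epsilon=1.0, lower=0, upper=200, seed=seed)
    noisy_count = table.query("count", 0.5)
    noisy_sum = table.query("sum", 0.5)
    try:
        table.query("count", 0.1)
        refused = False
    except PrivacyBudgetExceeded:
        refused = True
    return noisy_count, noisy_sum, refused


if __name__ == "__main__":
    print(demo())
```

Two things are worth noticing when running it. The sum's noise is much larger than the count's, because its sensitivity is the clamping bound (200) rather than 1; tightening the bounds is the usual way to buy accuracy without spending more epsilon. And the budget check is what turns a single noisy answer into a guarantee: without it, an analyst could repeat the same query and average the noise out.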