Pseudonymisation Primer

Pseudonymisation is nothing new nor overly complicated. With the explicit inclusion into the General Data Protection Regulation (GDPR), with a dedicated definition, and in combination with the relevance to (and even ‘relaxation’ of) certain obligations under the GDPR, pseudonymisation has gained prominence in many data protection scenarios. But it comes at the cost of additional complexity in terms of compliance. While it sounds simple in concept, the details on what ‘proper’ pseudonymisation is, when it is effective, and how it differs from or overlaps with synthetic data, anonymisation, and other types of Privacy Enhancing Technologies (PETs) requires a more detailed analysis of its objectives, risks, and techniques. This course focuses on the justification for its use and the operational side; how it is applied as a technology and risk management framework; and how it differs from other PETs. The course does not go into details of legal aspects, because those can vary across jurisdictions.

This course is ideal for busy DPOs, managers, and compliance officers, who want to better understand Data Protection (DP) by Design and how personal data can be better protected without the need to deploy sophisticated techniques in an attempt to ‘escape’ all legal DP obligations. The course explains the typical engineering jargon and technical details in an understandable manner for non-Information Technology (IT) audience.

This course complements our Anonymising Data using k-Anonymity course.

Who should attend?

  • Privacy  / Software Engineers, Technical Staff, Developers, Data Analysts, Data Architects, and Project / Risk Managers
  • Data Protection Officers (DPOs), Compliance Professionals, and Corporate / In-house Counsels

Course Details

Course Code: PE103
Title: Pseudonymisation Primer
Duration: ½ day (approximately 3.5 contact hours)
Mode of Training: In-person
Available Date(s): 22 May 2025
20 June 2025
Time: 2.00pm - 5.30pm (SGT)
Venue: Drew & Napier LLC, 10 Collyer Quay, 10th Floor, Ocean Financial Centre, Singapore 049315 
Course Fee: S$300.00 (excluding GST)

Course Outline

  • Core aspects and scope of pseudonymisation
    • Pseudonym as identifier
    • Pseudonym(isation) as protection
    • Attribute types and pseudonymised data
  • Common Techniques (with pros and cons) for pseudonymisation 
    • Simple appending / replacement
    • Derived pseudonyms
    • Advanced techniques
    • Use case dependence
  • Differences / overlaps between pseudonymisation and anonymisation
    • Basic technical and legal aspects
    • Threat models and risk levels
    • Differences in tool support
  • Comparison of Guidance from regulators
    • PDPC and ASEAN Guide
    • European Data Protection Board (EDPB) Guide
    • and others

Course Facilitator

Albert-PichImaier.jpg
 
 

Senior Cybersecurity and
Privacy Engineer

Senior Learning Technology
Designer, Drew Data
Protection & Cybersecurity
Academy