Assess whether your data can be considered anonymous and safe to use or share.
Independent, expert-led assessments to evaluate re-identification risk and support defensible anonymization decisions across regulatory frameworks.
You want to use or share data for secondary purposes
You are working with data received from external sources (e.g. hospitals, research, insurers)
You are acting as a data processor and need to validate anonymization
You are unsure whether your dataset is truly anonymous or still personal data
Legal, compliance, or partners require a defensible assessment of risk
Many organizations do not have in-house expertise to perform this type of analysis and need an independent, objective evaluation.
I design or review anonymization frameworks that are practical, scalable, and aligned with your organization.
Dataset intake and
context analysis.
Each attribute is reviewed and classified as:
This step ensures that all elements are fully understood before any risk is assessed
If needed, identifying and assessing transformations to reduce risk and support anonymization.
Using indirect identifiers to model the underlying population and assess the maximum re-identification risk.
This includes:
A clear conclusion on the level of re-identification risk and whether it meets the required threshold.
There are two approaches to anonymization:
no individual can be identified under any circumstances
a very small and acceptable level of risk remains
The outcome is a clear, audit-ready report that enables you to:
The report is written to be:
Incorrect assumptions about anonymization can lead to:
A structured and independent risk assessment ensures that decisions are defensible, transparent, and aligned with regulatory expectations.
And understand whether a re-identification risk assessment is needed.