Data Masking and GDPR

12th February 2018Blog

Are you ready to get in touch?

  • 0207 448 8500
Request a Call back

The secondary impact of GDPR

Does your organisation have a good handle on data masking, or are you potentially letting personally identifiable data slip through the net?

Many organisations routinely replace names and other personal identifiers in certain sets of data with pseudonyms – a process commonly known as data masking. The 2018 GDPR legislation places more rigorous demands on data confidentiality, potentially extending both the types of data that should be masked and the scenarios in which masking is required.

In particular, the GDPR aims to restrict the so-called secondary use of data, in which data originally collected for one purpose, say, signing up for a newsletter, is used for a different purpose such as user profiling.

As organisations introduce greater granularity around permissions, there will potentially be many new areas in which the ability to rapidly and reliably mask data will be a major benefit. And where data may be shipped out to external partners, perhaps for statistical analysis, ensuring that masking is rigorous and non-reversible is absolutely critical.



Another key area in which data masking is increasingly important is in the test and development of new applications – whether internal or outsourced to a third party, potentially outside of the EU. Software developers rely heavily on fictitious sets of data that look and behave like the real thing. As organisations in all sectors become increasingly digitalised, any delay or difficulty in creating reliable and consistent test data will start to have an impact on the organisation as a whole.

Facing fines of up to 20 million EUR for non-compliance, organisations clearly need to get a firm grip on the personally identifiable data that they store. And while data masking is a simple enough concept, its practical application across multiple large data sources is typically challenging, time-consuming and costly.

Building on our long experience with best-of-breed enterprise software, Northdoor can help you enhance, simplify, accelerate and reduce the cost of both data masking and test data creation. What’s more, we can help you set up automated data discovery and classification, so that your data masking capabilities stay in lockstep as you add new data sources.

With consistent, reliable, non-reversible data masking solutions from Northdoor, your organisation can cap the costs of achieving and maintaining GDPR compliance, while simultaneously reducing internal administration and cutting time-to-market for new applications.

Beyond our technical credentials as one of just a handful of IBM Platinum Partners in the UK, Northdoor was awarded a place on the UK government’s G-Cloud 12 supplier list for Data Pseudonymisation – permitting us to offer compliance solutions to public sector organisations seeking to automatically protect, anonymise and safeguard personal and sensitive information.

For more information on how Northdoor can help, contact us today.

Crown Commercial Service Supplier (CCS)

Our Awards & Accreditations