IV Data Oriented Strategies

Question 1

Separating Data

Answer 1

Distributing data so that teams only receive the PIA they need to perform their job (HR and payroll receive different info on new employees.

Question 2

Minimizing Data

Answer 2

Limit the amount of personal information that needs to be processed. “Exclude. Select. Strip. Destroy.”

Question 3

Exclude (minimizing data)

Answer 3

Exclude unnecessary data

Question 4

Select (minimizing data)

Answer 4

Select what data will be processed

Question 5

Strip (minimizing data)

Answer 5

Strip unnecessary data

Question 6

Destroy (minimizing data)

Answer 6

Destroy data you no longer need

Question 7

Abstracting Data

Answer 7

Limits detail. An example: ask someone if they’re over a specific age, rather than asking their exact age. “Grouping, Summarizing, Perturbing.”

Question 8

Grouping (data)

Answer 8

“those who bought hammers also bought nails.”

Question 9

Summarizing (data)

Answer 9

e.g. using an age range (20-30)

Question 10

Perturbing (data)

Answer 10

Add approximation or noise to data

Question 11

Hiding Data

Answer 11

Protects personal information by making it unconnectable or unobservable to others. “Restrict, Mix, Obfuscate, Disassociate”

Question 12

Restrict (data)

Answer 12

Prevent unauthorized access to data, such as by requiring login credentials.

Question 13

Mix (data)

Answer 13

Process information randomly within large groups to reduce correlation.

Question 14

Obfuscate (data)

Answer 14

Obstruct the ability to read or understand personal information. Often done with encryption or hashing.

Question 15

Disassociate (data)

Answer 15

Remove correlation between data subjects and their personal information. Ex: after restaurant delivers order, they need to remember what someone ordered to plan for next week/month, but they don’t need to remember who ordered it.