Anonymising Data

The state of NHS IT systems
“NHS 60th anniversary” by Scottish Government is licensed under CC BY 2.0

The inspiration for this article was the report that so many people have opted out rHNS’s data sharing scam that they have had to postpone it. The associated throwaway comment that the data would only be partially anonymised rang alarm bells.

Anonymising Data is the process where you replace the real names and addresses of people with fictitious ones. Joe Smith becomes Donald Duck and so on. The problem is that names and addresses are held in so many places on most systems it is not easy to achieve real anonymity.

I may have mentioned before that I spent several years working for one of the largest Swiss Banks (there are only 2 really big ones so spin a coin).

We programmers had a copy of their live system to use for implementing new applications and testing new code as we developed it. They eventually removed this and anonymised the data because they were setting up a duplicate data centre in the far east and they did not want the orientals seeing the real data.

It got so far down the rabbit hole that when there was a real problem on the live system we had to apply to the security team for access to the live system for a few hours so we could diagnose what was going wrong.

Anyway, we got the new “anonymised” data and yes, query an account and it showed a nonsense name. All well and good you might think. I was working on the interest calculation application and one of the core inputs is the account balance by day. Because of some trickery, we might need to look at account transactions so you could see a list of transactions on the account and then you could query each transaction to see the details. This is the part where it fell down. Here you could see the real name of the payee. That part had not been anonymised.

Of course, with a well designed system you might only have one location to keep all the names in but these systems had been around for decades.

The colleagues I worked with at the bank were well above average and generally extremely competent, though perhaps not in hiding customer’s names. The NHS IT is a complete shambles. They are still (as far as I know) using Internet Explorer as their browser (and XP as their OS) because, aeons ago, some twat decided to integrate their applications so deep into the then current browser, they don’t know how to get out of it. Heads should have rolled but it was probably just covered up.

© well_chuffed 2021

The Goodnight Vienna Audio file