GDPR

Personal Data

Any information relating to an identifiable ‘natural’ person who can be directly or indirectly identified in particular reference to an identifier.

This definition reaches far and wide from just your name.  It also includes any identification by number, location data or online identifier which takes account of new technological advances and the way organisations collect personal information.  It also includes voice data, video data and digital images.

The GDPR introduces some new terms where organisations have tried to secure the data using various technology so that the data records cannot directly (or indirectly) identify individual.

‘Pseudonymised’ Personal Data.  In other words this is key-coded, or put another way encrypted, hashed or other means that the data cannot be re-compiled into a form which could then identify the individual. The key for the organisation to re-compile the data is held securely and separately from the data itself.

‘Anonymised’ Personal Data.  As above, but there is no key-coding, no way to re-compile or reconstruct the data nor therefore re-create the relational or identification of individuals.

A new criminal office is being introduced for anyone trying to re-compile such data.