Referencing the diagram below, this is how we run our data privacy process:
We provide clients with a Product description, including EFI Data Protocols, that specifies the formats for submitting their data;
Upon receiving client data, if the provided format is not correct, we process client data to correct the format according to the EFI Data Protocols instructions;
When the format is correct, the first step we undertake to support data privacy is called pseudonymisation. This is done in order to reduce the linkability of the client data with the original identity of the client.
Pseudonymisation process: Let us assume that a client shares a dataset with fields name and date with us. When Elucidate runs this dataset through the pseudonymisation process, one chosen unique data attribute e.g. ‘Test Elucidate’ will be replaced by another e.g. ‘A01’.
Anonymisation: The next step performed on the client dataset is called anonymisation. This is a process through which personal data is irreversibly altered in such a way that personal data can no longer be identified directly or indirectly. As part of this process we use eventualities. An eventuality is a test performed on the data set which can be evaluated as either being true or false.
Anonymisation process: In the anonymisation process, we process pseudonymised data to produce metadata. This means that we will apply eventualities to the pseudonymised data e.g. ‘A01’ and obtain results as “True” or “False” (“Metadata”). From that point on, we will only process the Metadata results, i.e. "True" or "False", to produce the EFI score;
EFI Score: Finally, An ‘EFI Score’ will be calculated based on the anonymised Metadata.
The anonymised data does not constitute personal data.