Pseudonymization
Pseudonymization is a privacy technique that replaces direct identifiers in a record with artificial identifiers or tokens, so individuals cannot be identified without separately held additional information.
Pseudonymization swaps out direct identifiers, such as names, account numbers, or Social Security numbers, with reversible substitutes like codes, tokens, or pseudonyms, while keeping the mapping back to the real identity in a separate, controlled key. Because re-identification remains possible through that key, pseudonymized data is generally still treated as personal data subject to privacy obligations, unlike anonymization, which aims to make re-identification impossible and removes the data from those obligations entirely.
In recordkeeping, pseudonymization lets organizations preserve the analytical and operational value of records, including linkage across datasets over time, while reducing exposure if records are shared, processed, or breached. It supports data minimization without destroying the underlying record, which matters when retention schedules require the record to be kept intact. A common example is replacing patient names in a research dataset with study IDs, holding the crosswalk under stricter access controls. Distinguish it from redaction, which permanently obscures content, and from full anonymization, which severs the link to identity for good.