Report a Concern
Submit a report to the Compliance Hotline
GDPR for Researchers
Personal data is any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute personal data. Personal data that has been de-identified, encrypted or pseudonymized but can be used to re-identify a person remains personal data and falls within the scope of the law.
For personal data that has been rendered anonymous, it must be done in such a way that the individual is not or no longer identifiable is no longer considered personal data. For data to be truly anonymized, the anonymization must be irreversible.
- Council On Governmental Relations (COGR) GDPR Presentation [PDF 2/26/18]
- GDPR F.A.Q. [eugdpr.org]
- EU Data Protection Reform [ec.europa.eu]
- Compilation of European GDPR Guidances By Country (HHS.gov)