| ATTENTION: This page has been migrated to the Tazama GitHub repository and is now located at: This page will no longer be maintained in Confluence. |
|---|
| Table of Contents |
|---|
Introduction and context
Psuedonymisation is the processing of personal data in such a manner that the personal data
can no longer be attributed to a specific individual (data subject) without the use of additional information,
provided that such additional information is kept separately and is subject to technical and
organisational measures to ensure that the personal data are not linked to an identified or
identifiable natural person.
...
Personal data in Actio may be vulnerable to the following risks:
Due to the sensitive nature of the financial crime risk monitoring process, all aspects of the monitoring service is logged and logs will be available for inspection by operators of the platform for operational purposes. Personal data that is not pseudonymised may be exposed to unauthorised users, or insiders with links to the criminals that the system aims to detect.
A data breach may exposes the personal data information stored in the platform. Pseudonymisation of personal data provides an additional layer of protection in the event that data is leaked.
A third party may retrieve data from the Actio platform for investigation purposes, but if data is retrieved beyond the scope of the third party’s authority, the third party may retrieve data that it is not directly privy to. Pseudonymisation of personal data would allow the third party to reverse the pseudonymisation for only the data it has authority over, while maintaining the protection of personal data over which the third party does not have authority over.
Actio requirements
Personal data that can be used to identify data subjects must be pseudonymised as soon as is feasible in the data pipeline. The purpose of the pseudonymisation is to protect the identity of the individuals involved in a transaction as transactions are screened for financial crime risk.
...