Does your business have hidden data assets?

March 4, 2011

By Steve Gold (@stevewgold)

The Information Commissioner’s Office is holding a seminar on the opportunities and challenges around using anonymised information at the end of this month in central London.

You’re probably scratching your head and asking: why?

Well, the reason is that all manner of businesses, especially the larger ones, hold a lot of information on their customers – that’s you and me – and they rarely use this data for anything that isn’t directly to do with their businesses.

And given the scale of the Data Protection Act, not forgetting other regulatory governance such as Basel II and the Companies Act, it’s not really surprising because, as the elephant house cleaner at the zoo said: “one step wrong and you’re in deep doo-doo.”

The good news is that the information that businesses hold on their customers and dealings generally can be data mined on an anonymised basis – using suitable tools – and qualitative  “what if” database extrapolations and projections created.

The NHS has done this on a quarterly and annual basis for years. Back in the day, when I worked in finance for the NHS in the 1980s and mainframe batch-driven computers were the norm, virtually all patient data was computer-recorded – on an anonymous basis, of course – and area, regional and national statistics were compiled.

These stats were then used to project everything from patient meal requirements all the way to medical equipment lifetime projections – and when you’re dealing with life-saving kit that’s a lot of money, that can be something of a godsend, I can tell you.

The NHS – which employs anywhere between 1 in 10 and 1 in 16 of us, depending on who you talk to – is at the high end of the anonymised data usage scale.

Most corporates could use this data. Heck, with the correct anonymised safeguards in place, they probably could sell or trade this demographic data with other businesses.

But whoa! Is this legal? Ah, that’s where it gets interesting, as there are a lot of popular misconceptions doing the rounds, even among – I have observed – supposedly knowledgeable IT professionals.

The ICO is, quite frankly, the final arbiter in what is legal and what is not, and that’s why sessions like this are worth attending.

The seminar – “the ICO seminar on privacy and data anonymisation” – will be held at the Wellcome Trust’s headquarters on the Euston Road, London, on March 30.

Plans call for speakers to look at current practice, the risks associated with anonymisation and possible solutions for the future.

The presentations will be followed by a discussion that aims to allow speakers and audience members to explore and discuss the different perspectives in greater detail.

Speakers at the day-long event include representatives of the Cabinet Office and the Office of National Statistics, as well as Paul Ohm of the University of Colorado.

Further details of the event can be found here.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: