Category Archives: Dobbs

Anonymization v. De-Identification, Post-Dobbs; Rumblings from the FTC

When is personal data “anonymized”?  The answer to this question has largely been based on jurisdiction.  If your business is in the U.S., so long as HIPAA or the CCPA does not govern, then generally aggregated or de-identified data could often be considered “anonymized” for legal compliance purposes.  (Both HIPAA and the CCPA have specific requirements for what counts as “de-identified” data.)  Under the GDPR, the story has been much more complicated:  merely “de-identified”… More