This knowledge base article elucidates the mechanisms and procedures involved in data anonymization within zapAudit
zapAudit offers robust features for anonymizing sensitive data fields, safeguarding privacy while preserving data utility. By utilizing asymmetric encryption methods and facilitating secure storage practices, zapAudit empowers users to adhere to stringent data protection standards. It is imperative for users to understand and adhere to best practices in data management to ensure the integrity and security of their information within zapAudit.
Anonymization of Data Fields
zapAudit allows users to anonymize individual data fields, with many fields already anonymized by default. Users can refer to the software interface when creating a project to download a comprehensive and continuously updated list of anonymized fields.
Encryption Method
zapAudit employs an asymmetric encryption method to anonymize data, necessitating the utilization of both a "public key" and a "private key." Users have the option to generate this key pair using external software such as PGP4Win (Kleopatra) or utilize the standard key generation functionality within zapAudit.
Anonymization Process
During the anonymization process, data is encrypted using the public key, rendering it theoretically indecipherable without access to the corresponding private key. It is important to note that zapAudit does not provide any means for decryption, ensuring the irreversible nature of the anonymization process.
Secure Storage Responsibility
Users bear the sole responsibility for securely storing their private keys. Upon creation, zapAudit allows users to upload the public key for encryption purposes. Subsequently, the encrypted data is stored on the designated storage device. It is crucial to emphasize that only individuals possessing the corresponding private key theoretically retain the ability to decrypt anonymized data.