Protecting sensitive data is no longer a ‘nice-to-have’; it's an absolute necessity. More and more organizations are discovering that simply restricting access isn't enough. Data moves at lightning speed, and security must keep pace. Especially in sectors like healthcare, where information can often be directly traced back to an individual, it's essential to mask data at the source. This prevents privacy-sensitive information from being exposed to unnecessary risks.
With Datamasker, we built a tool that makes responsible data usage possible. Datamasker hides or replaces sensitive data so it's not visible to unauthorized users, while keeping the data usable. Since its launch, we haven't stood still: we've continuously listened to users, gathered their experiences, and closely examined what can be improved. We used those insights to continue building. The result? Datamasker 2.0: a renewed version that better protects organizations against data risks and makes masking sensitive information smarter, faster, and more reliable. This article details what has been optimized compared to Datamasker 1.0.
Data Masker 1.0
The first version of Datamasker was developed to securely mask personal data and sensitive company information, ensuring it's inaccessible to malicious actors or unauthorized users. The strength of Datamasker lies in its integration. It works with virtually any type of database, allowing organizations to integrate it directly into their existing landscape.
Users can choose from two forms of data masking:
Anonymize
By anonymizing data, it is modified so that the original values can never be traced back. This is ideal when testers and developers need to work with realistic data but are not allowed access to real personal data.
Pseudonymizing
In pseudonymization, personal data is replaced with alternative values, but it remains possible to retrieve the original data under controlled conditions. This is important when it remains necessary to link or analyze information after masking.
Easier to implement
With the two forms of data masking, Datamasker offers organizations a solid foundation for handling sensitive data securely, responsibly, and future-proof. Yet, we saw room for improvement. Albert Dijkstra, Software Developer at Enlite, explains: “During the initial implementation, we discovered that a number of features were still missing. Subsequently, we expanded and improved Datamasker 1.0. Because we made further adjustments later on, Datamasker 1.0 is now less efficient than we would like. With Datamasker 2.0, we are establishing an efficient framework. This makes the new version easier to implement and gives us more opportunities to respond to specific customer needs.”
The new framework is essentially the foundation of Datamasker 2.0. All basic features are incorporated here, and it's built in a way that makes it easier to expand with new features. The framework makes Datamasker 2.0 more robust than the previous version. As a result, Datamasker 2.0 is less prone to errors, both during implementation and customer use.
Unmasking sensitive information
Although Datamasker is intended to mask sensitive information, healthcare professionals sometimes need the original data to make choices about a specific patient. In Datamasker 1.0, it was possible to demask pseudonymized data through a workaround. It was not possible to use the tool on which Datamasker runs to demask data; users had to log into a different tool. During this process, login credentials were often copied and pasted from one system to another. Copying login credentials carries risks, so a solution was needed.
With Datamasker 2.0, it's possible to remain within the tool where Datamasker is running, for example, Logsfect, and mask the necessary data from there. Security is maintained because the number of masking requests per second is limited. Additionally, data can only be unmasked by authorized users. This update ensures a more secure way of unmasking, makes unmasking less prone to errors, and saves users time when they temporarily want to view original data.
Use of names
Datamasker 1.0 masked names by replacing them with random character combinations that have no meaning for the reader. We discovered that it can sometimes be difficult for users to distinguish between the different character combinations. This approach is sufficient when the data is only used for statistical analyses. In practice, it may work less well if a user needs to distinguish between data in a short period of time to draw conclusions from it. For example, a user who needs to quickly compare multiple case files sees names like “XQFRT,” “XQFRP,” and “XQFST,” making it difficult to immediately recognize who the person is and to establish connections.
Datamasker 2.0 works with existing last names. For example, the name ‘Janssen’ could be replaced by ‘De Vries’. This change ensures that real names are still masked, but it also allows for clear distinction between individuals. This helps healthcare professionals, for instance, to discover patterns among patients. Based on these patterns, they can provide more targeted advice, make diagnoses, and analyze treatments. A protective layer remains between the real names and the replacement names. This keeps the data just as secure as before.
Eye on the future
Datamasker 2.0 takes an important step in using data securely and efficiently. Thanks to improved masking techniques, users can identify data faster without violating privacy, making analyses more reliable and clear. With an eye to the future, Datamasker 2.0 is designed to grow flexibly and scalably with changing demands, ensuring your data remains secure and usable in the long term.
Curious how Datamasker 2.0 makes your data safer and more user-friendly? Get in touch!