HOME   Cart(1)   Quotation   About-Us Tax PDFs Standard-List
Powered by Google-Search & Google-Books www.ChineseStandard.net Database: 189760 (13 Aug 2022)

GB/T 37964-2019 (GBT 37964-2019)

GB/T 37964-2019_English: PDF (GBT37964-2019)
Standard IDContents [version]USDSTEP2[PDF] delivered inStandard Title (Description)Related StandardStatusPDF
GB/T 37964-2019English679 Add to Cart 6 days Information security technology -- Guide for de-identifying personal information GB/T 37964-2019 Valid GB/T 37964-2019

BASIC DATA
Standard ID GB/T 37964-2019 (GB/T37964-2019)
Description (Translated English) Information security technology - Guide for de-identifying personal information
Sector / Industry National Standard (Recommended)
Classification of Chinese Standard L80
Classification of International Standard 35.040
Word Count Estimation 34,362
Date of Issue 2019-08-30
Date of Implementation 2020-03-01
Drafting Organization Tsinghua University, Venus Star Information Technology Group Co., Ltd., Zhejiang Ant Micro Finance Services Group Co., Ltd., Alibaba (Beijing) Software Service Co., Ltd., Beijing Qi'anxin Technology Co., Ltd., Beijing Tianrongxin Network Security Technology Co., Ltd., Chinese Academy of Sciences Software Research Institute, China Software Testing Center, Shanghai Computer Software Technology Development Center, Beijing Digital Certification Co., Ltd., Xidian University, Hunan Science and Technology Information Technology Co., Ltd., China Electronics Technology Standardization Research Institute, Shaanxi Province Information Engineering Research hospital
Administrative Organization National Information Security Standardization Technical Committee (SAC/TC 260)
Regulation (derived from) National Standard Announcement No. 10 of 2019
Proposing organization National Information Security Standardization Technical Committee (SAC/TC 260)
Issuing agency(ies) State Administration of Markets and China National Standardization Administration

GB/T 37964-2019
Information security technology - Guide for de-identifying personal information
ICS 35.040
L80
National Standards of People's Republic of China
Information Security Technology
Guidelines for De-identification of Personal Information
2019-08-30 released
2020-03-01 Implementation
State Administration for Market Regulation
Issued by China National Standardization Administration
Table of contents
Foreword Ⅰ
Introduction Ⅱ
1 Scope 1
2 Normative references 1
3 Terms and definitions 1
4 Overview 3
4.1 De-identification target 3
4.2 Principles of de-identification 3
4.3 Re-identification risk 3
4.4 Impact of de-identification 4
4.5 The impact of different public sharing types on de-identification 4
5 De-identification process 4
5.1 Overview 4
5.2 Determine the goal 5
5.3 Identification mark 5
5.4 Processing identification 6
5.5 Verification and approval 7
5.6 Monitoring and review 8
6 Role responsibilities and personnel management 9
6.1 Role responsibilities 9
6.2 Personnel management 9
Appendix A (informative appendix) Commonly used de-identification techniques 10
Appendix B (informative appendix) Commonly used de-identification models 17
Appendix C (informative appendix) Selection of de-identification models and technologies 24
Appendix D (informative appendix) Challenges of de-identification 29
Reference 31
Preface
This standard was drafted in accordance with the rules given in GB/T 1.1-2009.
Please note that certain contents of this document may involve patents. The issuing agency of this document is not responsible for identifying these patents.
This standard was proposed and managed by the National Information Security Standardization Technical Committee (SAC/TC260).
Drafting organizations of this standard. Tsinghua University, Venus Star Information Technology Group Co., Ltd., Zhejiang Ant Small and Micro Financial Services Group
Co., Ltd., Alibaba (Beijing) Software Service Co., Ltd., Beijing Qi Anxin Technology Co., Ltd., Beijing Tianrongxin Network Security Technology Co., Ltd.
The company, the Software Research Institute of the Chinese Academy of Sciences, China Software Evaluation Center, Shanghai Computer Software Technology Development Center, and Beijing Digital Certification
Co., Ltd., Xidian University, Hunan Kechuang Information Technology Co., Ltd., China Electronics Standardization Institute, Shaanxi Provincial Information Engineering Research Institute.
The main drafters of this standard. Jin Tao, Xie Anming, Chen Xing, Bai Xiaoyuan, Zheng Xinhua, Liu Xiangang, Chen Wenjie, Liu Yuling, Song Pengju, Zhao Liang,
Song Lingdi, Ye Xiaojun, Wang Jianmin, Fang Ming, Pei Qingqi, Pan Zhengtai.
introduction
In the era of big data, cloud computing, and the Internet of Everything, data-based applications are becoming more and more extensive, and it also brings huge personal information security
problem. In order to protect the security of personal information and promote the sharing and use of data, we have formulated guidelines for de-identification of personal information.
This standard aims to draw on the latest research results on the de-identification of personal information at home and abroad, refine the best practices currently prevailing in the industry, and study individual
The goals, principles, technologies, models, processes and organizational measures of de-identification of human information are proposed to scientifically and effectively resist security risks and comply with information
Guidelines for the de-identification of personal information needed for the development of globalization.
The data set to be de-identified that this standard focuses on is microdata (a data set represented by a record set, which can logically be shown in a table
Show). De-identification is not only to delete or transform the direct identifiers and quasi-identifiers in the data set, but can also be combined with later application scenarios
Consider the risk of re-identification of the data set, so as to select the appropriate de-identification model and technical measures, and implement appropriate effect evaluation.