Question 15
Domain 1: Data Collection, Use, Dissemination, and DestructionA research team wants analysts to link repeated observations from the same participant without exposing direct identity. Which method best fits?
Correct answer: C
Explanation
A keyed token lets analysts link repeated records from the same participant while keeping direct identifiers hidden, because the token stands in for identity and the key is stored separately. This matches the definition of pseudonymization: replacing identifiers with a code or token so data can still be matched without revealing the person’s direct identity.
Why each option is right or wrong
A. Store names in plain text and remind analysts not to misuse them
B. Delete all participant records before analysis begins
C. Replace direct identifiers with a keyed token and keep the key separately
Under GDPR Article 4(5), pseudonymization means processing personal data so it can no longer be attributed to a specific data subject without additional information, and that additional information must be kept separately and subject to technical and organizational safeguards. A keyed token allows the same participant’s repeated observations to be matched across records while the direct identifiers remain hidden, which is exactly the linkage-preserving use case described here.
D. Hash the full record and publish the key so others can verify the link