The present application relates generally to an improved data processing apparatus and method and more specifically to mechanisms for image anonymization using an analytics tool
Data anonymization is a type of information sanitization whose intent is privacy protection. It is the process of either encrypting or removing personally identifiable information from data sets, so that the people whom the data describe remain anonymous. Data anonymization enables the transfer of information across a boundary, such as, for example, between two departments within an agency or between two agencies, while reducing the risk of unintended disclosure, and in certain environments in a manner that enables evaluation and analytics post-anonymization. In the context of medical data, anonymized data refers to data from which the patient cannot be identified by the recipient of the information. The name, address, and full post code must be removed together with any other information which, in conjunction with other data held by or disclosed to the recipient, could identify the patient. Generalization and perturbation are two popular anonymization approaches for relational data.
Increasingly, users of Information Technology (IT) systems are required to handle sensitive information, such as Personal Identifiable Information (PII), other Sensitive Personal Information (SPI), and information in images that is otherwise of a secret, sensitive, or proprietary nature. At times, images containing such information must be saved or presented to third parties with the sensitive information anonymized because of laws, regulatory compliance requirements, or company policy. For example, an insurance company may send an image of an automobile accident to an outsourcing investigator in order to determine which car caused the accident. According to company policy, no identifiable element should be found in the image. Such an image may include a few people with exposed faces, a few cars with exposed license numbers and identifiable models, and a few houses in the background. Even if faces are changed or obscured, there may be elements in the image that can be combined to identify individuals in the image.