8 Navigating sensitive and protected data
This chapter covers
- The legal and regulatory landscape of sensitive data analysis
- Identifying and handling key types of protected information
- Applying techniques for anonymization to protect individuals in your datasets
- Analyzing sensitive data in a responsible and ethical manner
Let’s talk about ethics. Whether intentional or not, data practitioners can produce unintended consequences for their users and the general population. A set of guidelines, ethical principles, and an understanding of the legal landscape will provide a framework for minimizing the likelihood of causing harm with your work and deliverables.
You may be thinking, “What harm could I possibly cause in my work? I work with spreadsheets, codes, and numbers. I write reports on operational metrics to improve my company’s efficiency. How is my work potentially harmful to people?” Hear me out—there are countless tasks and specializations where your work will have few to no implications outside of the daily operational functioning of your organization. Many roles (e.g., financial analysis, operational analysis) and tasks narrow in scope can be multiple degrees removed from the organization’s relationship to its end users and target population. However, I invite you to consider that many more areas of your work can affect and influence people in ways you may not know.