Conceptual Model for Protecting Personal Data by De-Identification in Information Systems

This article describes a solution for systematizing the approach to personal data protection using the method of de-identification in the context of regulatory pressure and growing cyber threats. It proposes a comprehensive conceptual model that formalizes the de-identification process as a manageable sequence of steps, from attribute classification and method selection to mandatory verification of the result. The article also provides a comparative analysis of existing de-identification methods in terms of their applicability within the proposed model. The model serves as a basis for the development of specific algorithms, as demonstrated by the example of a data shuffling approach.