The European Union Agency for Cybersecurity (ENISA) has published two reports since the adoption of the new GDPR Article 4(5) definition of Pseudonymisation on best practices for compliant Pseudonymisation - in November 2018 and 2019.
ENISA’s mandate is to enhance existing expertise in member states by supporting the development of cross-border communities committed to improving network and information security throughout the EU.
* Pseudonymisation techniques and best practices (Nov 2019) * Recommendations on shaping technology according to GDPR provisions (Nov 2018)