In this diagram, the Digital Twin is the source dataset at the top. It contains identifying fields like last name and quasi-identifying fields like age and gender.
In Step 1, The BigPrivacy system ingests source data as designated by the data controller.
In Step 2, the system enforces a Privacy Transformer Configuration that transforms the data into a schema established by the data controller. Step 2 includes application of Pseudonymisation-enabled privacy techniques to transform the output data into static or deterministic pseudonyms as appropriate for the authorised use.
In Step 3, a randomly generated pseudonym is added to each record - known only to the BigPrivacy system - allowing Variant Twins to be later linked to identity for authorised purposes. Prior to outputting data into a Variant Twin, it is assessed for re-identification risk by grouping records into cohorts and suppressing records that are too unique and pose a risk of re-identification.
The Variant Twin is the dataset at the bottom of the diagram. It has resistance to unauthorised re-identification and can have up to 100% of the data utility of source data enabling you to comply with GDPR requirements for lawful secondary processing and repurposing of data.