Gartner Research

Protecting PII and PHI With Data Masking, Format-Preserving Encryption and Tokenization

Published: 15 March 2018

ID: G00343738

Analyst(s): Ramon Krikken , Joerg Fritsch


Transforming data at the field level is an important option when securing PII and PHI. Technical professionals must select the appropriate architecture options to properly protect secrecy and privacy and to fit with their application and data assets.

Table Of Contents



  • Data Field Secrecy, Privacy and Utility
  • Data Deidentification Architecture Choices
    • Static Data Masking
    • Dynamic Data Masking
    • Tokenization and Format-Preserving Encryption


  • Design With Deidentification Limits in Mind
  • Choose the Right Fields and Techniques to Protect Them
  • Choose the Appropriate Architecture Options
  • Examine the Use of Data Subsetting to Limit Exposure
  • Complement Deidentification With Other Field-Level Controls

The Details

  • Information Secrecy and Privacy Protection
  • Risk and Regulatory Requirements
  • Data Utility Requirements
  • The Science of or Reidentifying Data
    • Attacks on Secrecy
    • Attacks on Privacy
  • Deidentification Technique Choices
    • Suppression
    • Redaction
    • Substitution
    • Generalization
    • Shuffling/Swapping
    • Randomization

Gartner Recommended Reading

©2021 Gartner, Inc. and/or its affiliates. All rights reserved. Gartner is a registered trademark of Gartner, Inc. and its affiliates. This publication may not be reproduced or distributed in any form without Gartner’s prior written permission. It consists of the opinions of Gartner’s research organization, which should not be construed as statements of fact. While the information contained in this publication has been obtained from sources believed to be reliable, Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartner research may address legal and financial issues, Gartner does not provide legal or investment advice and its research should not be construed or used as such. Your access and use of this publication are governed by Gartner’s Usage Policy. Gartner prides itself on its reputation for independence and objectivity. Its research is produced independently by its research organization without input or influence from any third party. For further information, see Guiding Principles on Independence and Objectivity.

Already have a Gartner Account?

Become a client

Learn how to access this content as a Gartner client.