Data redaction vs. data masking: The key difference

Although similar, data redaction and data masking have their differences. Where data masking creates test data by removing personal information, redaction is used to release readable information without disclosing classified data.

In this blog post, we’ll explore data redaction and masking before looking into some examples of when data may be redacted in court.

What is data redaction?

Data redaction is the process of obscuring information that’s personally identifiable, confidential, classified or sensitive. The data redaction should be applied to a copy of the original document. Data redaction should be done securely, such as by encryption or removal in a way that ensures the redaction is irreversible.

With the ever-growing amount of data organisations need to deal with, data redaction is now a crucial part of any data strategy. Whether it’s employee, customer or company data, redaction can protect from leaks or unauthorised access.

Redacting unnecessary information can mitigate risk and provide a higher level of security. Regardless of industry, you’ll likely need to use data for your business processes. Therefore, by applying an effective data redaction policy, your company will desensitise its data, making it suitable for use.

If the sensitive data is the data you need, then you’ll likely need to explore avenues outside of redaction.