A bank wants to protect customer transaction data before sharing it with analysts. Instead of modifying values, they generalize transaction amounts into broad categories (e.g., "low," "medium," "high"). What type of anonymization technique is used?

A power company provides energy consumption data of customers for a research study. Even though names are removed, researchers detect daily patterns showing when people are at home, sleeping, or on vacation.

Which disclosure risk does this case represent?

The technique used to prevent identity disclosure by principle of indistinguishability on k-records is referred to as

What is the primary purpose of tokenization in data privacy?

A bank records transactions and classifies customer information as follows:

• Name & Account Number: Explicit Identifier
• Transaction History: Sensitive Data
• Age Range & ZIP Code: Quasi-Identifiers
• Branch Location: Non-Sensitive Data

Which of the following is not correctly classified?

If all medical records in a dataset for a rare disease contain “Female, Age 45, Lives in City X,” which privacy attack is possible?

A hospital wants to share patient microdata while ensuring privacy. They apply noise addition to patient ages before releasing the data. What type of data protection method is this?

A hospital experiences a data breach where patient records are exposed. Which privacy law would apply in handling this breach?

Which one of the following enables more information on PI?

A hospital releases a de-identified dataset containing patient age, diagnosis, and city for public health research. However, a local newspaper cross-references it with publicly available obituary data and successfully re-identifies a few patients.

What type of disclosure risk does this case illustrate?