Overview#
Investigators, legal teams, and researchers often need to circulate useful case material before they are allowed to reveal the real identities behind every person or organisation in that material. If pseudonyms are applied manually, the same subject may receive three different aliases across three different documents, and every later disclosure review turns into a reconciliation exercise.
The Pseudonymisation and Controlled Disclosure Workflows module gives the platform a governed way to create scoped pseudonyms, reuse them consistently across a case or disclosure package, render pseudonym maps into documents, and reveal a real identity only through an audited justification flow. It is designed for disclosure, legal review, research, and secondary-use reporting where privacy and traceability matter at the same time.
Last Reviewed: 2026-03-25 Last Updated: 2026-03-25
Key Features#
- Scope-Based Pseudonyms: Create a stable pseudonym for a real entity within a defined scope such as a case, export, or disclosure bundle.
- Consistent Registry: Reuse the same pseudonym throughout the scope so reviewers are not forced to reconcile multiple aliases for the same subject.
- Document-Ready Maps: Produce a pseudonym map that downstream document generation and disclosure workflows can apply automatically.
- Controlled Identity Reveal: Allow authorised users to reverse a pseudonym only with a recorded reason.
- Reveal Audit Trail: Preserve a complete log of de-pseudonymisation actions for legal and governance review.
- Secondary-Use Protection: Support analytics, briefing, and research exports that do not need direct identity exposure.
- List and Review Views: Give reviewers a governed way to inspect pseudonym sets, scopes, and reveal history.
Use Cases#
- Disclosure Bundle Preparation: A legal team prepares a disclosure pack with stable aliases applied across statements, notes, and attachments.
- Research Export: A service shares a pseudonymised dataset for service-improvement work without releasing direct identifiers.
- Partner Briefing: A multi-agency briefing circulates relationship context and behaviour patterns while identities remain protected until a later stage.
- Witness and Subject Protection: Sensitive individuals are masked in routine working material while authorised staff retain a governed reveal path.
- Court or Oversight Query: A reviewer requests a justified reveal of one pseudonym and the system records who revealed it and why.
Integration#
- Disclosure and Court Filing Workflows: Pseudonym maps can be applied during disclosure-pack preparation and later partially reversed where permitted.
- Export and Reporting Services: Secondary-use datasets can be generated from the same governed pseudonym registry instead of ad hoc masking.
- Document Generation: Renderers can substitute pseudonyms directly into human-readable documents and summaries.
- Audit and Compliance Services: Reveal requests and results feed the wider immutable audit trail.
- Case and Investigation Workspaces: Teams can manage pseudonyms in the same scope as the underlying case material.
Open Standards#
- ISO/IEC 20889: the workflow aligns with a recognised standard for privacy-enhancing de-identification techniques.
- W3C PROV-DM: pseudonym creation and reveal events can be represented as a provenance trail for accountability.
- RFC 8259 JSON: pseudonym maps and disclosure payloads can be exchanged in a standard structured format.
- ISO 8601: creation and reveal timestamps use a standard date-time representation.
- Unicode: pseudonyms and rendered text can preserve multilingual names and document content consistently across systems.