anonym.legal

By · Last updated 2026-06-05

Rudi kwa BlogGDPR & Ufuatiliaji

PII ya Excel: Futa Safu Mia Kadhaa

Excel ni miongoni mwa aina za hati zenye PII nyingi zaidi katika shughuli za biashara. Hapa kuna sababu uchanganuzi wa kawaida wa maandishi unashindwa kwenye lahajedwali na jinsi uchanganuzi wa muktadha wa safu unavyotatua tatizo.

June 5, 20268 dakika kusoma
Excel GDPRspreadsheet anonymizationXLSX complianceHR datadata minimization

Kwa Nini Excel Ni Aina Yako ya Faili Yenye Hatari Zaidi

Faili za Excel ni moja ya hatari kubwa zaidi za GDPR katika biashara nyingi. Rekodi za matibabu zinaweza kubeba data nyeti zaidi kwa kila mstari. Lakini lahajedwali hukusanya PII haraka — na timu za uzingatiaji mara nyingi huziachilia.

Mambo matatu yanafanya faili za Excel kuwa vigumu kusimamia.

Kiasi: Faili moja ya XLSX inaweza kushikilia mistari 50,000 na safu 100. Hiyo ni seli milioni tano. Ukaguzi wa mkono hauwezi kuzikagua zote.

Mpangilio wa gridi: Maandishi hutiririka katika mwelekeo mmoja. Excel hueneza data katika mistari na safu. Data ya kibinafsi inaweza kujificha popote katika gridi hiyo.

Maudhui mchanganyiko: Vipimo vya malipo, msimbo wa idara, na madaraja ya kazi hukaa katika faili ile ile kama SSN na anwani za barua pepe. Kufuta kila kitu hufanya faili kuwa haina thamani.

Uhifadhi mrefu: Orodha za wafanyakazi na rekodi za wateja hubaki katika Excel kwa miaka. Kifungu cha 5(1)(e) cha GDPR kinasema data lazima ihifadhiwe "si muda mrefu zaidi kuliko inavyohitajika." Faili ambazo "zinaweza kuwa na manufaa" mara nyingi hubaki mbali zaidi ya kiwango hicho.

Kwa Nini Skanzi za Kawaida za Maandishi Zinashindwa kwenye Lahajedwali

Zana za uchanganuzi wa maandishi zilijengwa kwa hati. Zinaharibika kwenye lahajedwali kwa njia chache za kawaida.

Tatizo la SSN-kama-Nambari

Excel huhifadhi Nambari za Usalama wa Jamii bila deshi (123456789) kama nambari za kawaida — si maandishi. Skana iliyojengwa kutafuta `###-##-####` itazikosa. Zana nzuri lazima ijue kwamba nambari ya tarakimu 9 katika safu inayoitwa "SSN" ni Nambari ya Usalama wa Jamii.

Tatizo la Tarehe-kama-Nambari

Excel huhifadhi tarehe kama nambari za mfululizo. Februari 6, 2024 huhifadhiwa kama 45329. Maudhui ya CSV yataonyesha "45329" katika safu ya "Tarehe ya Kuzaliwa". Skana lazima ibadilishe nambari hiyo hadi tarehe halisi kabla ya kuweza kualamu thamani.

Tatizo la SSN ya Sehemu

Mifumo mingine inaonyesha tarakimu nne tu za mwisho za SSN (***-**-1234). Nambari kamili iko katika safu iliyofungwa. Thamani ya sehemu bado lazima ifutwe — hata kama haionyeshi kama SSN kamili.

Tatizo la Formula ya PII

Baadhi ya seli hujenga PII kutoka seli nyingine. Seli yenye `=CONCATENATE(B2," ",C2)` inaonyesha jina kamili. Ukifuta safu B na C, jina kamili bado linaonekana katika seli ya formula. Zana inayosoma thamani zilizohifadhiwa tu — si viungo vya formula — itaacha PII mahali pake.

Tatizo la Lahajedwali Nyingi

Daftari kubwa linaweza kuwa na lahajedwali tano: Orodha ya Wateja, Maagizo, Tiketi za Msaada, Bili, na Uchambuzi. Majina ya wateja yanaonekana katika zote tano. "John Smith" katika lahajedwali moja lazima awe tokeni ile ile — "PERSON_0047" — katika kila lahajedwali lingine. Tokeni mbili tofauti huvunja viungo vya rekodi.

Vichwa vya Safu kama Ishara

Uboreshaji mkubwa zaidi katika ugunduzi wa PII ya lahajedwali ni uchanganuzi wa kichwa cha safu.

Safu inayoitwa "SSN" inaiambia zana kwamba thamani zote katika safu hiyo ni Nambari za Usalama wa Jamii. Hii inafanya kazi hata kama thamani ni za sehemu, zimepangwa kwa njia ya ajabu, au zimehifadhiwa kama nambari.

Kichwa cha safuKinachoisymbolia
SSN / Social Security / Tax IDZingatia nambari za tarakimu 9 kama SSN
Email / E-mail / Email AddressAlamu hata mifumo ya barua pepe ya sehemu
Phone / Telephone / Mobile / CellKubali muundo wowote wa simu
DOB / Date of Birth / BirthdayBadilisha nambari za mfululizo hadi tarehe
First Name / Last Name / Full NamePunguza kizingiti kwa ugunduzi wa jina
Address / Street / City / ZIPUnganisha sehemu za karibu za eneo
Patient ID / MRN / Record NumberTumia mifumo ya kitambulisho cha afya

Muktadha wa safu hauachilii ukaguzi wa maudhui. Unaongeza. Safu inayoitwa "SSN" yenye thamani 100: ukaguzi wa maudhui hupata 99 zilizopangwa vizuri. Muktadha wa safu hupata moja inayoonekana ya ajabu.

Hifadhi Muundo, Ondoa Majina

Lengo katika kesi nyingi za Excel za GDPR si kuharibu faili. Ni kuondoa data ya kibinafsi huku ukihifadhi sehemu zinazofanya faili kuwa na manufaa.

Kwa faili ya rekodi za wafanyakazi yenye mistari 15,000, afisa wa uzingatiaji anahitaji:

Ondoa:

  • Majina ya wafanyakazi → tokeni za PERSON_XXXX
  • SSN → IMEFUTWA
  • Anwani za barua pepe → IMEFUTWA
  • Nambari za simu → IMEFUTWA
  • Anwani za nyumbani → IMEFUTWA

Hifadhi:

  • Misimbo ya idara
  • Majina ya kazi (majukumu ya jumla tu)
  • Vipimo vya malipo (makundi mapana)
  • Alama za utendaji (data ya kikundi)
  • Tarehe za kuanza (kwa takwimu za umri wa kazi)
  • Misimbo ya wasimamizi (ikiwa imefanywa kuwa isiyo ya kawaida)

Zana inayojua tofauti kati ya "data inayotaja watu" na "data inayoelezea kazi" inakupa faili inayofanya kazi bado kwa uchambuzi wa HR — na inakidhi kanuni za kupunguza data za GDPR.

Kesi Halisi: Uhamishaji wa Data ya HR ya M&A

Kampuni inayonunua inapata rekodi za wafanyakazi kutoka kwa kampuni inayonunuliwa: XLSX yenye mistari 15,000 na safu 40. Faili lazima iende kwa kampuni ya nje ya HR kwa mipango ya faida. GDPR inasema data inayohitajika tu kwa kazi hiyo inaweza kushirikiwa.

Kabla ya usindikaji: Safu 40 zenye majina kamili, SSN, barua pepe, anwani za nyumbani, mawasiliano ya dharura, na maelezo ya benki.

Baada ya usindikaji wa muktadha wa safu:

  • Safu 12 zinatambua watu moja kwa moja (majina, SSN, barua pepe, simu, anwani, data ya benki): zimebadilishwa na tokeni thabiti
  • Safu 3 zinatambua watu kwa njia ya pande (kitambulisho cha wafanyakazi, msimbo wa msimamizi, msimbo wa kazi): zimebadilishwa na tokeni zisizo za kawaida zinazofanana ndani ya faili
  • Safu 25 ni data ya mkusanyiko (kiwango cha malipo, idara, umri wa kazi, daraja): zimebakizwa bila kubadilishwa

Muda: Dakika 8 kwa seli 600,000

Matokeo: Mpangilio sawa wa XLSX, safu 40, 15 zilizofutwa, 25 hazikubadilishwa

Kumbukumbu ya ukaguzi: Rekodi ya kiwango cha seli ya kila hatua yenye aina ya enti, alama ya ujasiri, na ishara ya safu iliyotumika

Kampuni ya HR inapata seti kamili ya data kwa kazi yake — bila majina au vitambulisho. Rekodi ya uzingatiaji inapata uthibitisho kwamba data sahihi tu ilishirikiwa.

Changamoto hii si ya kipekee kwa Excel. Kila muundo wa faili unashindwa kwa njia yake. Angalia jinsi mgawanyiko wa muundo unavyoathiri ugunduzi wa PII kwa mtazamo wa aina za faili.

Kanuni Tatu za Kifungu cha 5 cha GDPR, Mchakato Mmoja

Ufutaji wa lahajedwali uliopangwa hukidhi kanuni tatu mara moja.

Kupunguza data (Ibara 5(1)(c)): Safu zinazohitajika tu kwa kazi zinaenda kwa mpokeaji. Safu za kutambua zinafutwa.

Ukomo wa uhifadhi (Ibara 5(1)(e)): Faili ya asili inabaki kwa uhifadhi wa kisheria. Nakala safi inafanywa kwa kushiriki — yenye uhitaji mfupi au bila uhitaji wa uhifadhi.

Uadilifu na usiri (Ibara 5(1)(f)): Hakuna data ya kutambua inayoondoka kwenye eneo la udhibiti. Nakala safi tu zinashirikiwa.

Kumbukumbu ya ukaguzi kutoka kwa mchakato pia ni uthibitisho wako wa Ibara 5(2). Inaonyesha jinsi kila kanuni ilivyokidhiwa kwa kila faili.

Ikiwa timu yako inashughulikia DSAR au maudhui makubwa ya data, mantiki ile ile inatumika katika kiwango cha API. Angalia jinsi kupunguza data ya GDPR kunavyofanya kazi katika API za wakati halisi.

Kwa timu zinazoshughulikia kiasi kikubwa chini ya muda mfupi, angalia usindikaji wa kundi la GDPR DSAR kwa kiwango kwa mifumo ya mtiririko wa kazi inayotumika hapa pia.

Vyanzo

Makala Zinazohusiana

GDPR & Ufuatiliaji

Japan My Number: Verhoeff & APPI

63% of generic tools fail My Number detection in Japanese documents. My Number uses Verhoeff algorithm — the most complex national ID checksum in Asia.

GDPR & Ufuatiliaji

HDPA Greece: AFM & AMKA Detection

Greek AFM detected with 52% accuracy by generic tools. HDPA issued 89 decisions in 2024 — up 162% from 2022. Tourism and maritime sectors face distinct.

GDPR & Ufuatiliaji

NAIH Hungary: TAJ-Szám and Adóazonosító Jel

Hungarian NER accuracy is 67% vs. EU average 82% — NAIH's 2024 assessment. TAJ-szám weighted checksum and adóazonosító jel detection gaps.

Tayari kulinda data yako?

Anza kuanonymisha PII na aina 285+ za vitu katika lugha 48.

Anza Jaribio la BureTazama Vipengele

About this page

We update this page when our platform or the law changes.

Read our founder note for how we work.

Each change shows up in the timestamp at the top.

Related reading

We follow these rules

  • GDPR (EU 2016/679).
  • ISO/IEC 27001:2022.
  • NIS2 (EU 2022/2555).
  • HIPAA safe harbor under 45 CFR § 164.514(b)(2).

Our promise

We do not sell your data.

We do not train models on your text.

We store your files in Germany.

You can delete your account at any time.

You own your work.

Where we run

Our servers live in Falkenstein, Germany.

We use Hetzner. They hold ISO 27001 certification.

All data stays in the EU.

Backups run every day.

Need help?

Email support@anonym.legal.

We reply within one business day.

How we test

We run a full check suite on every release.

Each surface gets its own sweep script and report.

Human reviewers spot-check the output each week.

We track recall and precision on a labelled set.

Bad runs block the deploy.

What we never do

  • We never sell your information to third parties.
  • We never train models on what you upload.
  • We never keep your work after you delete it.
  • We never share keys with any outside firm.
  • We never run ads inside the product.

Plans in plain words

We sell credits, not seats.

One credit covers one short job.

Long jobs use a few credits each.

You can top up at any time.

Unused credits roll over each month.

Read the plans page for current rates.

Who built this

A small team of engineers and lawyers built this.

We ship from Europe and work in the open.

Our founder note spells out why we started.

Where to start

How the parts fit

A browser add-on cleans text inside Chrome.

A Word plug-in handles drafts in Office.

A small desktop tool works on whole folders.

An agent protocol link feeds large models safely.

All four share one core engine and one rule set.

Words from our team

We started this work after a lunch about cookies.

One friend kept getting odd ads on her phone.

We asked why a court file leaked through a draft.

We sketched the first build on a napkin that week.

By month three we had a tiny demo for a friend.

She used it on her first case the next day.

Common questions we hear

Can the tool read scanned PDFs? Yes, with OCR.

Does it work on long files? Yes, in small chunks.

Can I roll my own rule set? Yes, save it as a preset.

Does it run offline? The desktop build runs offline.

Do you keep my files? No, the cloud build wipes after each run.

Will it learn from my work? No, we never train on inputs.

A short tour of the workflow

Upload a file or paste a snippet of prose.

Pick the entities you want gone from the draft.

Choose a method: replace, mask, hash, encrypt, or redact.

Press run and watch the side panel show each hit.

Skim the result and tweak any rule that misfired.

Save the cleaned file or send it to a teammate.