At People Insight, ensuring the anonymity and privacy of survey respondents is central to our process. Here’s how we protect anonymity and manage data privacy throughout the survey lifecycle:
1. Anonymity thresholds
We set default anonymity thresholds of five respondents, though this can be increased based on client preferences. This threshold ensures that no data is visible for any group until the minimum number of responses is met, preventing the identification of individuals within smaller groups.
2. Comments anonymity threshold
We also provide a separate anonymity threshold for comments, distinct from the main survey questions. This allows you to manage the visibility of open-text comments, ensuring that additional privacy is maintained for respondents providing free-text feedback. The threshold applies to the number of people who could have answered that question rather than the number of comments made.
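The two thresholds described above can be sketched in code. This is an added example, not People Insight's own implementation: the function name, the constructed sample rows, the comment threshold value, and the reading of "people who could have answered" as respondents in the group who were shown the question are all assumptions.

```python
from collections import defaultdict

SCORE_THRESHOLD = 5    # default stated on this page; can be raised per client
COMMENT_THRESHOLD = 5  # separate setting; this value is assumed for the sketch

# Constructed sample rows: (group, score or None if skipped, comment or None).
# Each row is one respondent who was shown the question (assumption).
RESPONSES = (
    [("Finance", 4, None)] * 3 + [("Finance", 2, "Too many meetings")]
    + [("Sales", 5, None)] * 5 + [("Sales", 3, "Targets are unclear")]
    + [("Legal", None, "No comment")] + [("Legal", 4, None)] * 5
)

def build_report(rows, score_threshold=SCORE_THRESHOLD,
                 comment_threshold=COMMENT_THRESHOLD):
    """Aggregate per group, withholding anything below its threshold."""
    groups = defaultdict(lambda: {"eligible": 0, "scores": [], "comments": []})
    for group, score, comment in rows:
        g = groups[group]
        g["eligible"] += 1              # could have answered, even if they skipped
        if score is not None:
            g["scores"].append(score)
        if comment:
            g["comments"].append(comment)

    report = {}
    for name, g in groups.items():
        n = len(g["scores"])
        scores_ok = n >= score_threshold
        # Comments are gated on how many people could have commented,
        # not on how many comments were actually left.
        comments_ok = g["eligible"] >= comment_threshold
        report[name] = {
            "responses": n if scores_ok else None,
            "mean_score": round(sum(g["scores"]) / n, 2) if scores_ok else None,
            "comments": list(g["comments"]) if comments_ok else None,
        }
    return report

if __name__ == "__main__":
    for group, row in build_report(RESPONSES).items():
        print(group, row)
```

In the sample, Finance (four respondents) is withheld entirely, while the single Sales comment is shown because six people could have commented.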
3. Data sanitisation
To protect personal privacy, we remove personally identifiable information (PII) from free-text responses to comments. We generally use Microsoft's UK-based PII redaction service, which automatically detects and removes identifiable information. In some cases, we may manually redact PII to ensure no personal details remain in the data before it is analysed.
4. Secure data transfer
We safeguard sensitive data by using both Secure File Transfer Protocol (SFTP) and API data transfers, so that all transmitted data is encrypted and secure. We also implement two-factor authentication (2FA) to control access, so that only authorised personnel can access survey data, which minimises the risk of data breaches.
5. Data encryption
All sensitive data is encrypted both in transit (using TLS 1.3) and at rest (using Transparent Data Encryption, TDE). We use AES 256-bit encryption for stored data and enforce HTTPS for all web-based interactions, ensuring robust security measures are in place at every stage of the data lifecycle.
6. Compliance with data protection legislation
Our surveys comply with GDPR and all applicable data protection laws. As an ISO 27001-certified organisation, we are committed to the highest standards of information security, ensuring that all aspects of data handling meet strict legal and regulatory requirements.
7. Data retention and deletion
Our data retention policy is designed to ensure compliance with GDPR and other data protection legislation:
Survey data: Participant names and email addresses are anonymised 120 days after the last survey response, retaining only hashed employee IDs for future use. If email addresses are used in place of employee IDs, hashed email addresses are retained for the contractual period and up to 12 months post-contract to support potential renewals.
Dashboards and 360 users: For dashboard, admin, and 360 users, email addresses are essential for access and are retained for three years after the last account activity to ensure continued access and functionality.
Backups: Off-site tape backups are maintained for up to 30 days to ensure data security and integrity.
By following these practices, we ensure that your data remains secure, anonymised, and compliant with all relevant privacy legislation, while protecting the anonymity of your survey respondents.