Data Governance (DG) of Anonymized and Non-Anonymized Data

This section contains requirements concerning the collection, management and use of data in high-impact AI systems. Canada's AIDA - Section 6 - Anonymized data states, A person who carries out any regulated activity and who processes or makes available for use anonymized data in the course of that activity must, in accordance with the regulations, establish measures concerning (i) how data is anonymized, and (ii) the use or management of anonymized data. In this control, we deal with anonymized and non-anonymized data to suit different requirements. Whether you are using anonymized or non-anonymized data, the management principles and checks are the same. The only difference is the checks related to the process/techniques of data anonymization.

Below is the list of controls/checks part of Data Governance (DG) of Anonymized and Non-Anonymized Data:

• DG01 - Define Sets

• DG02 - Dataset Governance Policies

• DG03 - Dataset Design Choices

• DG04 - Dataset Source Information

• DG05 - Dataset Annotations Information

• DG06 - Dataset Labels Information

• DG07 - Dataset Cleaning

• DG08 - Dataset Enrichment

• DG09 - Dataset Aggregation

• DG10 - Dataset Description, Assumptions and Purpose

• DG11 - Dataset Transformation Rationale

• DG12 - Dataset Bias Identification

• DG13 - Dataset Bias Mitigation

• DG14 - Dataset Bias Analysis Action and Assessment

• DG15 - Dataset Gaps and Shortcomings

• DG16 - Dataset Bias Monitoring - Ongoing

• DG17 - Dataset Bias Special/Protected Categories

• DG18 - Dataset Anonymization Process

• DG19 - Dataset Anonymization Assessment