Automatic anonymising and desensitising of data project

The UK Government’s Health and Safety Executive, HSE, accumulates large volumes of information on health and safety industrial operating experience, how well risks are controlled across workplaces and the causes of serious accidents through its day to day regulatory activities in Great Britain.   

For example, each year, HSE receives data from duty holders relating to approximately 80,000 RIDDOR reportable incidents (approximately 75,000 injuries and 5,000 dangerous occurrences). Further data is generated as part of its inspection and investigation activities, with approximately 20,000 inspections and 3,000 investigations carried out each year. The volume of data directly generated by HSE and available for potentially useful processing and interrogation is clearly substantial. 

The data held by HSE, by its very nature, relates to health and safety issues above the threshold for requiring regulatory interest. However, individual organisations hold a wealth of additional value information on how well health and safety risks are controlled across their workplaces along with learning from accidents and near miss incidents.  

If all these sources of health and safety information are to be brought together for better collective exploitation of the learning contained, an aspiration voiced by many working within the health and safety field, then the practicalities of achieving such an endpoint need to be given due attention. One of these relates to the commercial sensitivity of such information sources and the need to redact such content before it can be shared.  

This commercial sensitivity, and the potential risk of breaching data protection regulations, are likely to be key factors determining the willingness of many individual organisations sharing their health and safety data within their own organisations, within their industry and the wider safety space.  

Thus, a challenge was set in conjunction with Discovering Safety that sought innovative, effective, automated techniques for desensitising and anonymising health and safety information which could ultimately enable a much more diverse set of health and safety information to be curated, unlocking much higher value knowledge outputs. 

Successful applicant 

Ohalo were the successful applicant for this challenge. Ohalo automates data governance to meet regulations like GDPR and state data protection laws. The company was founded by a group of data professionals from the financial services industries. They have knowledge of data management within some of the largest and most secure companies in the world. 

Ohalo’s goal is to make data aware of what regulations apply to it. This allows their customers to ensure that the correct data controls are implemented no matter whether data is within their own organisation or at third party partners.