Pseudonymization is the process of removing personal identifiers from data and replacing those identifiers with placeholder values. It's a strategy that's sometimes used for protecting personal privacy, largely under the umbrella of the GDPR.

The General Data Protection Regulation mentions pseudonymization as one method that can be used to protect personal data, but it does not require its use. Pseudonymization is no guarantee that privacy will be preserved, nor does it guarantee that an organization will avoid violating the GDPR.

In fact, the GDPR still considers pseudonymous data to be personal data because it can be associated with a person by adding additional information. The GDPR states that:

"Personal data which have undergone pseudonymisation, which could be attributed to a natural person by the use of additional information should be considered to be information on an identifiable natural person."

So while pseudonymization can be useful for protecting data, it is not sufficient on its own for maintaining privacy or for GDPR compliance.

In short: no pseudonym maintenance mechanisms exist within LemonadeLXP.

In a sense, however, it is still possible to support this concept. You would have to maintain the pseudonymized mapping in a user directory that you govern.

Assuming this could exist, you would then provide anonymized data via SAML2 during the SSO flow. If you were then to disable registration (forcing SAML2 only), you could ensure that the LemonadeLXP database contains no PII.

Consider this example:

Database A: Your Active Directory

You would then edit your SAML2 claims to map this information during the SAML payload exchange:

This would cause a pseudonymized version of the information to be passed via SAML, and stored into LemonadeLXP - which would then look like this:

Database B: LemonadeLXP

The learner information thereafter becomes pseudonymized, and can be recombined via UID in your internal database systems only.

LemonadeLXP is built to generate all of its views, dashboards, tables and reports using PI. By applying this logic, you can no longer search for "James Cole", you will need to understand that the pseudonymized algorithm has renamed James to User_42.

Similarly, pseudonymization requires you to create systems to support the interpretation of reports. If you are required to recombine data for certification audits or activity reports, you will want to stand code that can recombine your PI database with LLXP's exports in order to satisfy your use cases.