Redacted Data and Security

  1. Home
  2. chevron_right
  3. Information Management & Automation
  4. chevron_right
  5. Redacted Data and Security


What is Redaction?

Redaction is the deliberate removal or suppression of words, numbers, phrases, or even graphics from a document to preserve confidentiality. A redacted document may show black overlays where the original text appeared, or the text might be totally removed resulting in ‘white space’.

Redaction Law in the UK

How redactions must appear in the final document is governed by many laws and regulations which vary from country to country. In the United Kingdom, a document released under the FOIA (Freedom of Information Act) requires that redactions must be in black to indicate data which has been supressed, and for each redaction there must be an explanation.

Redaction in the Corporate World

In the commercial world, a business may redact a document with ‘white space’, and show no indication of the redaction, if this is for the suppression of personal data or commercially confidential information. However, such an approach is for the internal governance of that data.

A typical example of such usage would be where the HR department uses redaction to suppress automatically any user printing those parts of an employee file which reference specific classes of personal data, such as those related to an employee’s health. It might be decided that only HR personnel with roles of ‘Manager’ or ‘Director’ may see this data, but an HR Administrator should not – while still requiring sight of the file overall.

Redaction and Information Governance

To anyone involved in data protection, information governance, or regulatory compliance, the act of redacting a document is second nature. Unfortunately, all too often, redaction is happening in response to an event and not to prevent that event in the first instance.

Redaction and the GDPR

For many organisations, their first encounter with the process is when responding to a Subject Access Request as a result of their compliance with the GDPR. On the face of it, redaction is simple enough: strike out (obliterate) sensitive or privileged data from a document prior to releasing to a third party. The reality is more complex!

Law firms and government agencies use redaction extensively too, often when endeavouring to control events where a degree of public disclosure is required, while simultaneously needing to prevent classified or commercially sensitive data from being revealed.

The AstraZeneca E.U. Contract Example
Taking a topical example, central to the dispute between the European Union and the British pharmaceutical, AstraZeneca, was their contract which committed AstraZeneca to make ‘best reasonable efforts’ in respect of vaccine production.

The page which contains that phrase has now been revealed, but since the contract itself contains substantial amounts of highly confidential information, much has been rendered unreadable. These redactions were required in order that the E.U. would not cause harm to AstraZeneca’s intellectual property.

Reading Time: 7 minutes

Redacted Data and Information Security
AstraZeneca Redacted Contract ‘Best reasonable efforts’
AstaZeneca Contract Schedule A Best Efforts Redacted
United States of America vs PAUL J. MANAFORT JR.
United States of America vs PAUL J. MANAFORT JR

How Do I Find Out More?

Call the Advanced UK sales team on 01895 811811 to configure your solution.

Advanced Anniversary 30 Years
Humperdinck Jackman

Humperdinck Jackman – Marketing Director

Humperdinck has a 30-year career spanning Document Management Systems (DMS), data protection, Artificial Intelligence, Data Protection and Robotic Process Automation. With many articles published in print internationally, he believes the advances in office technology are such that we’re entering the 4th Industrial Revolution. Now Director of Marketing and Consulting Services at Advanced UK, he’s as active with clients as he is in endeavouring to write original blog articles.