Gonymizer: A PostgreSQL Tool for Anonymizing Protected Health for HIPAA Compliant Test Infrastructure

Wednesday 2:00 PM - 2:50 PM

@ Foothills 1

PostgreSQLOpen Source Databases

50 minutes conference


PostgreSQL, Kubernetes, Database Security

With the advent of the Health Insurance Portability and Accountability Act (HIPAA) of 1996 all entities that handle health information are required by law to secure all data which contains personally identifiable information (PII) and private health information (PHI). Fines for leaking this data can range from $100 to $50,000 per leaked record. A data breach or leak is extremely costly for both the patients as well as the companies that are entrusted with their PHI. In our presentation, we introduce Gonymizer, a tool that is written in Go at SmithRx to handle the anonymization of PHI and PII data from our production database instances.

This data is anonymized and loaded into non-production environments to allow us to use representative data to develop and test against. This makes anonymization of sensitive information quick and simple using a simple column map that is defined in a single JSON file for your dataset. There is a selection of custom processors that we have built to handle basic tasks, such as first and last name anonymization, changing data to fake locations such as street addresses, cities, zips, and states. The interface for building processors is also completely extendable and anyone with basic Go experience should be able to build processors that can anonymize your data efficiently. We will also show how this tool decreases our development time for new features as well as simplifying testing in a compliant environment with non-sensitive data sets (HIPAA, PCI, etc).

Toward the end of our presentation, we will be discussing how we built our infrastructure using Docker to containerize Gonymizer and schedule anonymization and loading of our test environments using Kubernetes. This talk is targeted for anyone working in the healthcare space where collected data contains PHI and/or PII and is regulated by HIPAA.


Levi Junkert

Levi Junkert (SmithRx)

Senior Infrastructure Engineer


Levi is an infrastructure engineer who works at SmithRx creating HIPAA compliant infrastructure and software for the prescription benefits management industry. Levi believes that scaleable, fault tolerant, secure database systems must be built with integrity and scrutiny during all phases of the development life cycle while maintaining a personal mission to never build software that loses or leaks patient's data. He has been building automated systems for over 10 years and working with MySQL and PostgreSQL database management systems for the past 18 years. Previous to SmithRx software that Levi has written can be found at companies such as: Facebook, Cisco, Oracle, JPL-NASA, and other small start-ups in The Bay area. Levi is an avid Burning Man patron where he has lead a loud sound theme camp of over 100 people for the past 11 years while building his own custom large sound system totaling over 20,000 Watts.


  Download Slides  


Please sign in for 15 day access

Connect with Percona

Stay Connected on:

Percona Live Conferences

The Percona Live Open Source Database Conferences are the premier event for the diverse and active open source database community, as well as businesses that develop and use open source database software.

Contact Us

For general information about the event/expo/conference, including registration, please contact us at:

  • info(@) percona.com
  • +1-888-401-3401
  • +1-919-948-2863