Pseudonymisation: separating PII data from non-PII data, storing IDs for PII data and the actual PII data in another database.

Potentially this could be mitigated by an encrypted database and SSL, but many hosting companies do not offer DB encryption. Should we be encrypting the PII data tables, and would this even matter if it's readable from the application layer anyway?

Post initially from @Dubs #2848974-9: Privacy Concerns as GDPR Compliance

From https://techblog.bozho.net/gdpr-practical-guide-developers/

Implement pseudonymisation – the most obvious use-case is when you want to use production data for the test/staging servers. You should change the personal data to some “pseudonym”, so that people cannot be identified. When you push data for machine learning purposes (to third parties or not), you can also do that. Technically, that could mean that your User object can have a “pseudonymize” method which applies hash+salt/bcrypt/PBKDF2 for some of the data that can be used to identify a person. Pseudonyms could be reversible or not, depending on the use case (the definition in the regulation implies reversibility based on secret information, but in the case of test/staging data it might not be). Some databases have such features built-in.
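An added example (not code from the blog post or from this issue) of the “pseudonymize” method described above combined with the separate-PII-store idea from the issue summary: identifying fields are replaced by keyed HMAC-SHA256 tokens (assumed here as the hash+salt variant), the token-to-original mapping is written to a vault that stands in for the separate PII database, and without that vault the output is irreversible. The user record, key and vault are constructed sample data.

```python
import hashlib
import hmac
from dataclasses import dataclass, replace
from typing import Optional

# Fields that can identify a person; everything else is left untouched.
PII_FIELDS = ("email", "name")


@dataclass(frozen=True)
class User:
    id: int
    email: str
    name: str
    plan: str  # non-PII, safe to keep on a staging copy


def pseudonym(field: str, value: str, key: bytes) -> str:
    """Keyed, deterministic token: the same input always yields the same
    token (so joins and uniqueness constraints still hold on staging), but
    the original cannot be recovered from the token without key and vault.
    The field name is mixed in so equal values in different columns differ."""
    digest = hmac.new(key, f"{field}:{value}".encode(), hashlib.sha256).hexdigest()[:16]
    # Keep the email column syntactically valid for application-side validation.
    return f"{digest}@example.invalid" if field == "email" else digest


def pseudonymize(user: User, key: bytes, vault: Optional[dict] = None) -> User:
    """Return a copy of `user` with PII fields replaced by pseudonyms.
    If `vault` is given, the token -> original mapping is stored there (the
    stand-in for the separate PII database); otherwise the result is one-way."""
    changes = {}
    for field in PII_FIELDS:
        original = getattr(user, field)
        token = pseudonym(field, original, key)
        if vault is not None:
            vault[token] = original
        changes[field] = token
    return replace(user, **changes)


def re_identify(user: User, vault: dict) -> User:
    """Reverse the mapping; only a caller holding the vault can do this."""
    return replace(user, **{f: vault[getattr(user, f)] for f in PII_FIELDS})


if __name__ == "__main__":
    key = b"constructed-staging-key"  # sample key, not a real secret
    alice = User(1, "alice@example.com", "Alice Smith", "pro")
    vault = {}
    print(pseudonymize(alice, key, vault))
    print(re_identify(pseudonymize(alice, key, vault), vault))
```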

Comments

mgifford created an issue. See original summary.

mgifford:

Good description from @gisle here #2971799-6: Data minimization on dev / staging environments for PII that explains his process and why that issue should be considered a duplicate of this one.

mgifford:

This is a discussion from the WP community https://core.trac.wordpress.org/ticket/43175