A method of de-identifying data, wherein the data to be de-identified is stored in a transaction table containing transactions and a personal information table containing identifiable information. The method includes the steps of generating a de-identification pointer associated with an individual in the personal information table, wherein the individual is associated with at least one transaction in the transaction table; creating a non-protected transaction table, wherein the non-protected transaction table includes a non-protected transaction reference and non-protected information associated with a transaction from the transactional table; and creating an index table including the identification and the non protected transaction reference. According to a preferred embodiment, the identification is advantageously unique and may also lack context to the individual. According to a further feature, the identification may be random or pseudo-random.