Data de-identification refers to the process of removing or hiding the direct and indirect (quasi-)identifiers from data elements through transformation, generalization, or removal. Through active research over twenty years, diverse de-identification approaches, algorithms and tools have emerged. Existing survey studies focus predominantly on the application of de-identification within specific domains and to different data types, with attention to intrinsic characteristics of the algorithms and methods, and the impact on data utility –the extent to which the data can still serve its functional purpose after de-identification.

However, from a software architecture design perspective, de-identification affects a number of additional non-trivial and impactful non-functional attributes, and a comprehensive overview of the involved architectural concerns and trade-offs is currently lacking.

To address this gap, we present the outcome of a systematic literature review (SLR) study that:
(1)~outlines the current state of the art in an architecture tactic tree which classifies different architectural approaches to de-identification, (2)~provides a further exploration of the relevant architectural trade-offs discussed in literature.