Coding best practices for PII

This document covers coding best practices related to Personally Identifiable Information (PII), which refers to sensitive data that can be used to identify a specific individual. PII includes the following:

  • person's name

  • Social Security number

  • date of birth

  • address

  • phone number

  • ICN (Integration Control Number)

  • EDIPI (Electronic Data Interchange Personal Identifier)

The best practices listed in this document are intended to protect the privacy and security of VA.gov users and comply with federal privacy regulations. This is a living document and will be updated as necessary. For more information on PII, see PII guidelines.

For more information on URLs, see URLs - VA.gov Design System standards.

Don’t put PII into URLs or query strings

Putting an address or ZIP code in a URL or query string is problematic because it's likely to be the user's home address or current location, both of which are PII. URLs and query strings are logged to Splunk, possibly Google Analytics, and other platforms as well. Because of how the logging works, it’s possible to link log entries back to individual users.

A user-friendly and secure approach is to use POST rather than GET and to put a "Share" button on the page that copies the URL with the encrypted address/token to the clipboard for the user to share. With this approach, the PII doesn’t appear in the URL or query string, and therefore doesn't get logged to Splunk, etc.
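
The approach described above, sketched as an added example (not VA.gov platform code): search criteria travel in the POST body, a guard rejects PII-looking query parameters, and the "Share" link carries only an opaque token. The parameter names, the paths and the server-issued token are assumptions.

```javascript
// Added example. Parameter names, paths and the token are illustrative assumptions.
const PII_PARAMS = new Set([
  'name', 'ssn', 'dob', 'address', 'street', 'zip', 'phone', 'icn', 'edipi',
]);

// Return the query parameter names in a URL that look like PII fields.
function findPiiParams(url) {
  const { searchParams } = new URL(url, 'https://example.com'); // base for relative paths
  return [...new Set(searchParams.keys())].filter((k) => PII_PARAMS.has(k.toLowerCase()));
}

// Build fetch() arguments that carry the search criteria in the POST body.
// Refuses an endpoint that already has PII-looking query parameters.
function buildSearchRequest(endpoint, criteria) {
  const leaked = findPiiParams(endpoint);
  if (leaked.length > 0) {
    throw new Error(`PII parameter(s) in URL: ${leaked.join(', ')}`);
  }
  return {
    url: endpoint,
    options: {
      method: 'POST',
      headers: { 'Content-Type': 'application/json' },
      body: JSON.stringify(criteria),
    },
  };
}

// Build the shareable link: drop the existing query string and fragment and
// attach only the opaque token (assumed to be issued by the server).
function buildShareUrl(pageUrl, token) {
  const url = new URL(pageUrl);
  url.search = '';
  url.hash = '';
  url.searchParams.set('share', token);
  return url.toString();
}

// "Share" button handler: copy the link to the clipboard and return it.
async function onShareClick(pageUrl, token, clipboard = globalThis.navigator?.clipboard) {
  const link = buildShareUrl(pageUrl, token);
  await clipboard.writeText(link);
  return link;
}
```

In a page, pass `url` and `options` from `buildSearchRequest` to `fetch()`, and wire `onShareClick` to the "Share" button with the token returned by the server.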

