1

We have a website that requires some private information such as ssn to be filled out. The users would have to complete the form, print, then fax the form. We don't store the ssn information but we do store the other fields, such as name, email, etc. The users are just filling out the SSN on the form so they don't have to manually write it out after they print the form.

Is it against any regulations or are there risks in having the user fill out the ssn on the form eventhough the website doesn't save/store it? The website does use SSL.

Please pardon my explanation if it is not thorough enough. thanks in advance.

gdec
  • 11
  • 2
  • So, the ssn is stored local on the web client, right? Does it touch your server? – schroeder Nov 15 '16 at 07:57
  • 1
    No, it does not touch the server. It is just on the web client. They just fill out the form for the purpose of printing it out. – gdec Nov 15 '16 at 22:10
  • Well, that's a form of storage in that it resides in memory and passed to the printing process, but I understand your point. I was wondering because you mentioned SSL. – schroeder Nov 15 '16 at 22:15
  • Are there any regulatory requirements with our set up? I mean do you think this set up works since the ssn isn't transmitted? We are in california. thnx – gdec Nov 15 '16 at 22:17
  • @gdec I would question whether it touches the server or not. Is the form being sent via an HTML form, and is the SSN field part of this form? If so, the SSN input is touching your server, even if it is being ignored and not handled. – psosuna Oct 11 '17 at 21:33

2 Answers2

1

I Am Not A Lawyer.

IMHO, what matters here is the possibility for the SSN to be sent over network via you web form and captured. For example, if the SSN is an input field in a form that is used to upload other data, it may or not matter whether the SSN is or not processed by your application. One may argue that your application sending it unnecessarily is an exposition of sensitive data.

SSL is probably enough, but as you do not intend to use it, just do not transmit it. A simple way to have a printable form that will never be sent over network is to use a form with no sending button and an explicit invalid sending address. For example, a form ation URL like "http://127.0.0.1/INVALID_DO_NOT_USE" could be an additional security, even if it is rather hacky...

But my advice here would be to use a PDF form. If all you want to do is to print the form, PDF has two nice points:

  • by default it has no provision to be automatically sent over network
  • it gives you better control of the printed document
Serge Ballesta
  • 26,693
  • 4
  • 44
  • 89
  • Speaking in HTML terms, if a form is created, everything within the
    open and close tags will be sent to the server in the method specified (GET, POST, etc.). The data WILL travel to the server even if the information is not saved server-side. The only way to ensure otherwise is to NOT include the field that contains the SSN as part of the HTML form, which becomes a redundancy as the input will be discarded after the form is submitted. Saving the SSN input in a session variable requires PHP, and is stored on the server, if even momentarily. I agree with your PDF suggestion.
    – psosuna Oct 11 '17 at 21:31
0

The impact of this action varies by state. You should consider seeking the advice of someone knowledgeable in this are such as a lawyer or professional auditor. Even if you don't store the SSN on your side, it's likely being transmitted via the web form (there are laws and regulations that govern the transmission as well as storage of this data).

Josh Bressers
  • 51
  • 1
  • Hi Josh, we are actually not transmitting the ssn at all. It stays on the client browser just for the purpose of them printing it out. They, then fax the form to us. – gdec Nov 15 '16 at 22:15