DST Staging Review: Include guidance on privacy masking for sensitive prefilled content. #3381

Open
shiragoodman opened this issue Oct 15, 2024 · 0 comments

Comments

@shiragoodman
Collaborator

Need help? Please review how to read a Staging Review ticket. Tag @platform-governance-team-members on Slack if you need further assistance.

Design System Staging Information

Component: Help users to... Know when their information is prefilled
Staging Review ticket: AEDP, Design Patterns, Help users to... Know when their information is prefilled

Findings details

VA.gov Experience Standard - issue: User doesn't have enough information to complete a task.
VA.gov Experience Standard - category: Comprehension
This is an issue with the: guidance
High-priority: No
Collab Cycle Reviewer: @briandeconinck (Accessibility)

Description

In the Personal information page anatomy section, the Veteran's Social Security number is displayed with the first five digits masked. I don't think we have anywhere in the design system that currently tells VFS teams how to mask digits like this in an accessible way, and this feels to me like an appropriate place to do it.

Recommended action

Up to you to decide where this should be inserted --- I'm thinking possibly in the still pending Code Usage section or in a standalone Accessibility Considerations section (example of an Accessibility Considerations section), but you obviously know where it should go.

When masking characters, what we definitely don't want is screen reader software reading "Social Security Number: star star star dash star star dash 1234." The visible text with masked values should be wrapped in a `<span aria-hidden="true">` (this tells screen readers to ignore it), and then followed immediately by something like `<span class="sr-only">Number ending in 1234</span>` (this tells screen readers what to announce instead).

I would also encourage you to work with CAIA to establish guidance on what kinds of data should/shouldn't be masked for privacy, and include that here as well. But at a minimum I think the code guidance would be a huge benefit.

References


Next Steps for DST

  • Close the ticket when the issue has been resolved or validated by your Product Owner
  • If your team has additional questions or needs Governance help validating the issue, please comment on the ticket
  • If this ticket has a high-priority label, please address as soon as possible so VFS teams are not impacted
  • If this ticket has a consider label, please consider for future implementation
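
The masking pattern recommended in this ticket, as an added example that is not part of the issue or the design system's own code. The function names are hypothetical, the sample value is constructed, and writing only the last four digits into the markup is an assumption of this example.

```javascript
// Added example; maskedSsnMarkup, lastFour and announcedText are hypothetical names.

// Accepts "123-45-6789", "123456789" or a bare last-four "6789".
// Returns null for anything else so callers never echo unvalidated input.
function lastFour(value) {
  const m = /^(?:\d{3}-?\d{2}-?)?(\d{4})$/.exec(String(value).trim());
  return m ? m[1] : null;
}

// Visible masked text is hidden from assistive tech; the sr-only span
// carries what should be announced instead. Only the last four digits
// are ever written into the markup (assumption of this example).
function maskedSsnMarkup(value) {
  const tail = lastFour(value);
  if (tail === null) return null;
  return (
    `<span aria-hidden="true">***-**-${tail}</span>` +
    `<span class="sr-only">Number ending in ${tail}</span>`
  );
}

// Rough test helper: approximates what a screen reader announces by
// dropping aria-hidden spans and stripping remaining tags.
function announcedText(markup) {
  return markup
    .replace(/<span aria-hidden="true">[^<]*<\/span>/g, "")
    .replace(/<[^>]+>/g, "")
    .trim();
}

// Constructed sample value, not a real SSN.
const sample = maskedSsnMarkup("123-45-6789");
console.log(sample);
console.log(announcedText(sample));
```

`announcedText` is only a unit-test approximation; confirm the result with real screen reader software.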