Best Practices for Avoiding the Collection of PII

Last Updated: Dec 06, 2016 10:37AM PST

Overview:

UserTesting’s platform allows customers to record audio and video of test participants interacting with websites, apps, prototypes, and other products. Occasionally, a study will require test participants to enter information into a form. To protect test participants’ privacy, it’s important to avoid collecting Personally Identifiable Information (or “PII”) whenever possible.

PII is defined as information that can be used to identify a particular individual, including name, date of birth, social security number, email address, postal address, phone number and any other information that, either alone or in combination with other data, could be used to identify or contact a particular person.

Best practices:

Follow these best practices when you run a study that may prompt test participants to provide their PII: 

1. When requiring a test participant to complete a form requesting PII, instruct them to enter false or “dummy” information that will not identify a specific individual.

For example: “Enter the email address = fake@google.com and password = fake.” 

2. Never ask for social security numbers, medical records, or bank and credit card information.  
For example: “Please use fake information like 5555-5555-5555-5555 Exp: 12/20”  

3. If your study requires test participants to go through a complete checkout process, provide participants with gift cards or gift codes in order to complete the checkout process without entering their own credit card information.


4. If it’s necessary for a test participant’s PII to be visible on the screen during a certain task, enable the “blur tool” (if available with your account) to make the screen unreadable during that specific task. Your Customer Success Manager can help you use the blur tool correctly. Go to this link for more on the blur tool.

5. If these best practices will not be sufficient for your research needs, please contact your Customer Success Manager to discuss alternatives. If you and your Customer Success Manager determine it is acceptable to record PII during your study, you will need to provide test participants with a detailed explanation of what PII will be recorded and what it will be used for and get their written consent before the start of the test.

6. If you expect test participants’ PII to pop up during the recording (such as notifications), please create screener questions to set expectations before the test starts.

For example: Create a screener saying, “This test requires you to disable notifications. Have you disabled all notifications on your smart device?”
              
1. Yes, I have disabled notifications. [Accept]

2. No, I do not wish to disable notifications. [Reject]

entsupport@usertesting.com
http://assets0.desk.com/
false
desk
Loading
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
about
false
Invalid characters found
/customer/en/portal/articles/autocomplete