What's the best practice for collecting SSNs during onboarding?
I was thinking of writing them to a different list that only HR has access to, rather than just the list with all of the new user info.
Thanks for any help.
There would be numerous ways that would be relevant in SharePoint; it all depends on what the use case is for your SSN. Do you want to store them for later retrieval? Then obviously it will be classed as highly sensitive data, and what are your organisational rules around storing highly sensitive data? Can they be stored in SharePoint? This is more from the data governance standpoint. SharePoint can be used for storing sensitive data, but it will still be visible to the SharePoint Farm or Site Collection Admins. Are other sensitive data stored in SharePoint in your org?
If your use case involves just collecting the SSN for some validation and not storing it in the system, then you could consume a Nintex workflow variable, and once the processing is finished the workflow dies and so does any data stored within it.
Shrini mentioned many good ideas; it really is a matter of governance and what is acceptable in your case. I am of the opinion that this sort of data needs to be heavily protected, so limiting its exposure is certainly best. Have you considered offloading it to a SQL database once it is collected rather than storing in a list, where it could possibly be less exposed and more secure?