All forms must conform with data protection laws. To ensure your form meets the requirements all forms must be approved by your departmental data processing coordinator before going live.
Every form must include a privacy statement. This lets the user know what will happen to any personal information they supply. A corporate privacy statement has been produced that informs the user that information given will not be passed to any third parties. If this statement fits your requirements then you are welcome to link it.
If your form has differing requirements that are not covered within our privacy statement you should create your own statement. For example if the information is passed onto any third parties, even within Hampshire County Council or information is to be kept on a database the user must be made aware of this and what happens to the information. If there is sensitive information to be entered in the form and it is not in a secure environment, for example monetary details when applying for grants etc., let the user know.
Before the form and privacy statement go live please contact your departmental data protection officer.
Do not rely only on colour or an asterisk (*) to indicate required fields as this means little to screen readers and magnifiers. You can use colour or asterisks to indicate required fields, however they must be in addition to text. For example,
Enter your name * (Required):
The recommended method is to request only required information - ask yourself why you are requesting information that is not required - in this case the text 'optional' could be inserted in front of the fields that are not required eg
Enter your address (Optional).
Some forms may use scripts/programs - the forms must work on unsupported scripts browsers.
You must inform the user where the form is being sent so the user has somewhere to address any queries. A team name or job title must be used instead of naming an individual.