Systems should take care to ensure that personal data is displayed only where absolutely needed. Account numbers, birth names, login names, social security numbers and other specific identifying personal data should always be masked (if an account number is 123456789 the application should display the number as *****6789) unless absolutely needed. First names or nicknames should be used for birth names, and numeric identifiers should display a subset of the complete string.

Where the data is needed the pages should: