Recipe

PII Audit Checklist

Systematically inventory every place personally identifiable information touches your stack — from request headers to cold storage.

1. Ingress Surface

  • Audit every form field, query param, and JSON body key that accepts user input.
  • Flag fields collecting email, phone, SSN, passport, DOB, IP, or full name.
  • Check file upload endpoints for EXIF / geolocation metadata leakage.

2. Transit & Middleware

  • Verify TLS everywhere — no plaintext PII over internal service mesh.
  • Inspect logging middleware: are headers, bodies, or tokens accidentally serialized?
  • Review error-reporting pipelines (Sentry, Datadog) for PII in stack traces or breadcrumbs.
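The logging-middleware check above is easiest to enforce with a scrubber that sits in front of every handler. The following is an added example, not code from this checklist's project: a `logging.Filter` that formats the record first (so values buried in `args`, such as a headers dict, are covered) and then redacts header values, JWT-shaped tokens, email addresses and US SSNs. The patterns are constructed for the example and are deliberately narrow; extend them with the token formats your own stack emits.

```python
import logging
import re

# Values that must never reach a log sink. Constructed for this example;
# extend with the token and identifier formats your own stack emits.
REDACTIONS = [
    # header-style "Authorization: Bearer ..." or dict-style 'Cookie': '...'
    (re.compile(r"(?i)(authorization|cookie|set-cookie|x-api-key)"
                r"(['\"]?\s*[:=]\s*['\"]?)([^'\"\n]*)"), r"\1\2[REDACTED]"),
    # bare JWT-shaped tokens (three base64url segments)
    (re.compile(r"\b[A-Za-z0-9_-]{20,}\.[A-Za-z0-9_-]{20,}\.[A-Za-z0-9_-]{10,}\b"),
     "[REDACTED_JWT]"),
    # email addresses
    (re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"), "[REDACTED_EMAIL]"),
    # US social security numbers
    (re.compile(r"\b\d{3}-\d{2}-\d{4}\b"), "[REDACTED_SSN]"),
]


def redact(text: str) -> str:
    """Apply every redaction pattern to a formatted log line."""
    for pattern, replacement in REDACTIONS:
        text = pattern.sub(replacement, text)
    return text


class PIIRedactingFilter(logging.Filter):
    """Scrub a record before any handler/formatter serializes it."""

    def filter(self, record: logging.LogRecord) -> bool:
        # Format first, then scrub: PII hidden inside args (dicts, header
        # tuples) only becomes visible once the message is rendered.
        record.msg = redact(record.getMessage())
        record.args = ()
        return True


def redacted_message(msg: str, *args) -> str:
    """Build a LogRecord the way logging does, run it through the filter and
    return the message a handler would emit. Useful in unit tests."""
    record = logging.LogRecord("audit", logging.INFO, "audit.py", 0, msg, args, None)
    PIIRedactingFilter().filter(record)
    return record.getMessage()


if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO, format="%(levelname)s %(message)s")
    # Attach to handlers, not the logger: logger-level filters do not apply
    # to records propagated from child loggers, handler filters do.
    for handler in logging.getLogger().handlers:
        handler.addFilter(PIIRedactingFilter())
    log = logging.getLogger("api")
    log.info("request headers=%s", {"Authorization": "Bearer tok123", "Host": "api"})
    log.info("login for jane@example.com from 10.0.0.5")
```

Attaching the filter to handlers rather than to the root logger is the detail that matters in practice: a filter added to a logger only sees records logged directly to it, while a handler filter sees everything that reaches the sink.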

3. Persistence & Caching

  • Map every database column holding PII — mark encryption status (at-rest yes/no).
  • Check Redis / Memcached keys: are session tokens or user profiles stored in plaintext?
  • Audit backup snapshots — are they encrypted? Who holds decryption keys?
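Mapping PII columns and their at-rest encryption status is a schema walk, which is scriptable. The following is an added example, not code from this checklist's project: it builds a small constructed SQLite schema in memory, classifies every column by name against PII heuristics, and cross-references a registry of columns known to be encrypted (in a real deployment that registry would come from your ORM or KMS configuration; here it is a hand-written set). Anything PII-like and not in the registry is an audit finding.

```python
import re
import sqlite3

# Column-name heuristics for likely PII. Constructed for this example; extend
# with the naming conventions used in your own schemas. Anchors use (^|_) so
# that "last_ip" matches but "zip_code" does not.
PII_NAME_PATTERNS = {
    "email": re.compile(r"e_?mail", re.I),
    "phone": re.compile(r"phone|mobile|msisdn", re.I),
    "national_id": re.compile(r"(^|_)ssn($|_)|social_security|passport|national_id", re.I),
    "dob": re.compile(r"(^|_)dob($|_)|birth", re.I),
    "ip": re.compile(r"(^|_)ip(_addr|_address)?($|_)|remote_addr", re.I),
    "name": re.compile(r"(first|last|full|given|family)_?name", re.I),
}


def classify_column(name: str):
    """Return the PII category a column name suggests, or None."""
    for category, pattern in PII_NAME_PATTERNS.items():
        if pattern.search(name):
            return category
    return None


def inventory(conn: sqlite3.Connection, encrypted_columns: set) -> list:
    """One finding per PII-like column across all user tables.

    encrypted_columns: set of 'table.column' strings known to be encrypted at
    rest. Every other PII column is reported as plaintext.
    """
    findings = []
    tables = [row[0] for row in conn.execute(
        "SELECT name FROM sqlite_master WHERE type='table' AND name NOT LIKE 'sqlite_%'")]
    for table in tables:
        for row in conn.execute(f"PRAGMA table_info('{table}')"):
            column = row[1]  # (cid, name, type, notnull, dflt_value, pk)
            category = classify_column(column)
            if category:
                findings.append({
                    "table": table,
                    "column": column,
                    "category": category,
                    "encrypted_at_rest": f"{table}.{column}" in encrypted_columns,
                })
    return findings


def plaintext_pii(findings: list) -> list:
    """The subset of findings that need remediation or an explicit exception."""
    return [f for f in findings if not f["encrypted_at_rest"]]


def build_sample_db() -> sqlite3.Connection:
    """Constructed schema for the example; replace with your real connection."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT, full_name TEXT,
                            phone_number TEXT, created_at TEXT);
        CREATE TABLE sessions (token_hash TEXT, user_id INTEGER, last_ip TEXT);
        CREATE TABLE orders (id INTEGER PRIMARY KEY, user_id INTEGER, total_cents INTEGER);
    """)
    return conn


if __name__ == "__main__":
    # Hypothetical registry: only the phone column has column-level encryption.
    known_encrypted = {"users.phone_number"}
    for finding in plaintext_pii(inventory(build_sample_db(), known_encrypted)):
        print(f"PLAINTEXT PII: {finding['table']}.{finding['column']} ({finding['category']})")
```

Name-based classification will miss PII in free-text or JSON columns, so treat the output as a starting inventory to review, not as proof of absence; the value of the script is that it fails loud on every new column a migration adds.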

4. Egress & Third Parties

  • List every vendor receiving PII (analytics, CRM, email, payments).
  • Confirm DPA contracts are signed and data processing boundaries are documented.
  • Test webhook payloads — are you accidentally forwarding PII to unapproved sinks?
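Both the ingress step (flag request fields carrying email, phone, SSN, DOB, IP or name) and the webhook step above need the same thing: a walker that visits every scalar in a nested JSON body and classifies it by key name and by value shape. The following is an added example, not code from this checklist's project, that serves both checks. `scan` returns findings with a JSON path; `egress_violations` filters those findings against the categories a vendor's DPA actually covers. The sample signup payload and the vendor allowances are constructed for the example.

```python
import re

# Value-shape patterns (whole value must match). Constructed for this example
# and deliberately conservative: the phone pattern requires 10-15 digits so
# dates and IPv4 addresses are not misreported as phone numbers.
VALUE_PATTERNS = {
    "email": re.compile(r"^[\w.+-]+@[\w-]+\.[\w.-]+$"),
    "ssn": re.compile(r"^\d{3}-\d{2}-\d{4}$"),
    "phone": re.compile(r"^\+?(?:\d[\s().-]*){10,15}$"),
    "ipv4": re.compile(r"^(?:\d{1,3}\.){3}\d{1,3}$"),
    "dob": re.compile(r"^(19|20)\d{2}-\d{2}-\d{2}$"),
}
# Key-name patterns, so a PII field is flagged even when its value is empty.
KEY_PATTERNS = {
    "email": re.compile(r"e_?mail", re.I),
    "phone": re.compile(r"phone|mobile", re.I),
    "ssn": re.compile(r"ssn|social|passport", re.I),
    "dob": re.compile(r"dob|birth", re.I),
    "ipv4": re.compile(r"(^|_)ip($|_)|remote_addr", re.I),
    "name": re.compile(r"(first|last|full)_?name", re.I),
}


def walk(obj, path="$"):
    """Yield (json_path, leaf_value) for every scalar in a nested body."""
    if isinstance(obj, dict):
        for key, value in obj.items():
            yield from walk(value, f"{path}.{key}")
    elif isinstance(obj, list):
        for index, value in enumerate(obj):
            yield from walk(value, f"{path}[{index}]")
    else:
        yield path, obj


def scan(body) -> list:
    """Findings: {path, category, detected_by} for every PII-like leaf."""
    findings = []
    for path, value in walk(body):
        key = path.rsplit(".", 1)[-1].split("[")[0]
        hits = set()
        for category, pattern in KEY_PATTERNS.items():
            if pattern.search(key):
                hits.add((category, "key"))
        if isinstance(value, str):
            for category, pattern in VALUE_PATTERNS.items():
                if pattern.match(value):
                    hits.add((category, "value"))
        for category, how in sorted(hits):
            findings.append({"path": path, "category": category, "detected_by": how})
    return findings


def egress_violations(payload, allowed_categories: set) -> list:
    """Egress check: PII categories in an outbound payload that the receiving
    vendor's DPA does not cover."""
    return [f for f in scan(payload) if f["category"] not in allowed_categories]


# Constructed signup request body used for the demonstration.
SAMPLE_SIGNUP = {
    "user": {"email": "jane@example.com", "full_name": "Jane Doe", "dob": "1990-04-12"},
    "meta": {"client_ip": "203.0.113.9", "plan": "pro"},
    "contacts": [{"phone": "+1 555-010-0199"}],
}

if __name__ == "__main__":
    for finding in scan(SAMPLE_SIGNUP):
        print(f"ingress: {finding['path']} -> {finding['category']} ({finding['detected_by']})")
    # Hypothetical analytics vendor whose DPA covers IP addresses only.
    for finding in egress_violations(SAMPLE_SIGNUP, {"ipv4"}):
        print(f"egress violation: {finding['path']} -> {finding['category']}")
```

Run `scan` in a test fixture against every request schema your API accepts and the output is the ingress inventory; run `egress_violations` against captured webhook bodies with each vendor's allowed set and the output is the list of unapproved sinks.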

5. Retention & Deletion

  • Define max retention windows per PII category — enforce with TTL or cron jobs.
  • Implement hard-delete flows: verify data is unrecoverable from replicas and backups.
  • Document GDPR / CCPA deletion request SLAs and automate the fulfillment pipeline.

Pro tip: Run this audit quarterly. PII sprawl is silent — new features, new vendors, new logs. Treat the checklist as a living document checked into your compliance repo.