Dos and Don'ts

  • DO read and follow the Government Website Standards.
  • DO explain why you are collecting personal information, and how to get access to that information (for more, see the Privacy Policy and Statement (PDF) and the CIO intranet on website privacy (internal only).
  • DO put a link to the privacy statement on every page (as done on this page).
  • DO have a cookies notice on all pages that set permanent cookies. Government employees can access the latest “Cookie Notification Standard” here for more information.
  • DO use the government copyright statement.
  • DO make sure the site is usable without plugins, script features, images, and CSS, and fully usable using the keyboard with no mouse.
  • DON'T host personal information in the USA, or with an American company (FOIPOP Act and PIIPDA ACT implications) unless appropriate safeguards have been put in place and approved by your Information Access and Privacy officer.
  • DON'T send personal information or passwords over insecure HTTP.
  • DON'T put company or product endorsements on any pages either visibly or in comments.