[ddoolin]

> I work on a health industry related web app. Our web app is used by health professionals on tablets that are shared between their team members. We have a form within our app that enables our customers (the health professionals) to set up new Clients (their patients).

> Autofill is a Privacy Violation here as it is retaining identity information about Clients when it MUST NOT.

Seems to make perfectly fine sense to me.

[nomel]

The problem is not in the autofill, it's storing the information in the first place!

[true_religion]

Will it store things that were placed into a field with auto fill off?

[SAI_Peregrinus]

AFAIK yes, caching can do so. Even if it doesn't, autofill=off doesn't require it to not store the data, just to not fill it in. Things like session resumption can still store and refill it.

[matheusmoreira]

The web app has no control over what information the browser is and isn't saving. Autofill can and should be disabled in the browser in that case.