In Europe we must comply to GDPR which is coming into practise in the next few months. We’ve had to implement what you mentioned on every single system which holds more than one piece of identifying information about a user.
What did you do, just hash or encrypt everything? We are facing the same right now.
Not everything, just database tables containing personally identifiable information. You’ll want to encrypt this information rather than hash it, as you’ll more than likely need to retrieve it at a later date. Here is a good read which explains the legislation in more detail: techblog.bozho.net/gdpr-practical-...
So it's not just a good idea, it's the law ;)
We're a place where coders share, stay up-to-date and grow their careers.
We strive for transparency and don't collect excess data.