Creating a Contact is the second-most-common write you make in Salesforce. The decisions are simpler than Account but the gotchas hurt more, because most Contact mistakes show up later as broken email campaigns, orphan support cases, or compliance findings.
- Open the Account where the Contact belongs
Most healthy orgs avoid creating Contacts from the global Contacts tab because that path lets you skip the Account. Find the Account record first and use its Contacts related list.
- Click New Contact on the related list
If the New button is missing, the related list is hidden on your page layout or your profile lacks Create on Contact. Treat both as admin conversations rather than working around them.
- Fill the name
LastName is the only platform-required field. FirstName is optional but most orgs require it through a page-layout setting or a validation rule. Capitalize properly; a lowercase last name shows up across every email and report.
- Fill the email and phone
Marketing platforms and most automation rely on Email being populated and clean. Set Email Opt Out explicitly if the Contact has asked not to receive marketing. Do not leave the field on its default of false if the customer pre-opted-out in a separate system; the gap creates the next compliance complaint.
- Set Reports-To and Title if you know them
Both fields drive views and segmentation later. Reports-To powers the on-Account hierarchy; Title powers role-based reports. The org chart you sketch out during a discovery call should land here, not in a Word document.
- Save and verify the Account association
Confirm AccountId is set after save. If your org has duplicate-management rules enabled, the alert fires here. Read it before you click Allow Save; the warning often points at a Contact you missed because of email-case differences.
The only platform-required field on Contact. Person Accounts inherit this requirement; Business-Account Contacts do too.
- Private Contacts (no AccountId) do not show up on Account reports. Most orgs enforce AccountId with a validation rule or live with a known data-quality gap.
- Email is not unique by default. Layer a duplicate rule on (Email + LastName) and accept that case differences will still slip through.
- Triggers and Flows that send email need to check HasOptedOutOfEmail. Salesforce native send paths honor it; custom send paths do not unless you write the check in.
- Contact deletion does not satisfy GDPR/CCPA on its own. Plan for a related-record scrub through Data Mask or a third-party tool when subject-deletion requests arrive.