Library Security Issues and Policies Patron access and protection: Staff Security: Mitigating Actions By John R. Sanders LIS 390 4 Aug 2004.

Slides:



Advertisements
Similar presentations
IT Security Policy Framework
Advertisements

HIPAA: An Overview of Transaction, Privacy and Security Regulations Training for Providers and Staff.
Red Flag Rules: What they are? & What you need to do
Accident Incident Policy Changes to Policy September 2007.
Unit 4- Assignment 3 P5, P6, M2 BTEC Business Level 3.
TGT - Debtor and Creditor Monitoring Program Risk Mitigation Experts - Managing your current and contingent liability" 1.
Topics Changes Risk Assessments Cloud Data Security / Data Protection Licenses, Copies, Instances Limits of Liability and Indemnification Requests for.
HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.
NAU HIPAA Awareness Training
Ethics Ethics are the rules of personal behavior and conduct established by a social group for those existing within the established framework of the social.
Internal Controls Becoming Compliant. Design & Implementation of Internal Controls. Design: Need to show that a framework is in place to establish internal.
Lessons Learned Data and Asset Security FOCUS Spring 2006 Chuck Banner UVA-Wise.
ICS 417: The ethics of ICT 4.2 The Ethics of Information and Communication Technologies (ICT) in Business by Simon Rogerson IMIS Journal May 1998.
Presented by: Dan Landsberg August 12, Agenda  What is Social Media?  Social Media’s Professional Side  Benefits of Social Media  Regulatory.
1 INTERNAL CONTROLS A PRACTICAL GUIDE TO HELP ENSURE FINANCIAL INTEGRITY.
Queensland University of Technology CRICOS No J Ethical Use of Confidential Student Information Student Success Program Training.
Principle # 5 – Fair and respectful treatment of clients This presentation is made possible by the Smart Campaign
Factors to be taken into account when designing ICT Security Policies
Chapter 11 OFFICE MANAGEMENT.
ELECTRONIC MEDICAL RECORDS By Group 5 members: Kinal Patel David A. Ronca Tolulope Oke.
Property of Common Sense Privacy - all rights reserved THE DATA PROTECTION ACT 1998 A QUESTION OF PRINCIPLES Sheelagh F M.
ETHICS, POLICY & SECURITY ISSUES 1CIIT---ETHICS,POLICY AND SECURITY ISSUES.
HIPAA Basic Training for Privacy and Information Security Vanderbilt University Medical Center VUMC HIPAA Website: HIPAA Basic.
Higher Administration
Practical Information Management
12 NYCRR PART PUBLIC EMPLOYER WORKPLACE VIOLENCE PREVENTION PROGRAMS.
Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.
Chapter 13 Security Permission granted to reproduce for educational use only.© Goodheart-Willcox Co., Inc. Objectives State the major responsibility.
Outsourcing Louis P. Piergeti VP, IIROC March 29, 2011.
CORPORATE COMPLIANCE Tim Timmons Vice President Compliance and Regulatory Services Health Future, LLC.
Abuse and Neglect Mandatory Reporting The Process of a Report Institutional tips.
Sensitive Data Accessibility Financial Management College of Education Michigan State University.
2 1.Client protection principles 2.Principle #6 in practice 3.Two components of protecting client data 4.Participant feedback 5.Practitioner lessons and.
Web Security for Network and System Administrators1 Chapter 2 Security Processes.
April 14, A Watershed Date in HIPAA Privacy Compliance: Where Should You Be in HIPAA Security Compliance and How to Get There… John Parmigiani National.
CONFIDENTIALITY TRAINING FOR CALLOWAY COUNTY SCHOOLS VOLUNTEERS SCHOOL YEAR
Security Policies and Procedures. cs490ns-cotter2 Objectives Define the security policy cycle Explain risk identification Design a security policy –Define.
ETHICS, POLICY & SECURITY ISSUES
ETHICS, POLICY & SECURITY ISSUES
ANNUAL COMPULSORY EDUCATION CONFIDENTIALITY. LEARNING OBJECTIVES Be able to define confidentiality Understand who is responsible for confidential information.
IT Security Policy Framework ● Policies ● Standards ● Procedures ● Guidelines.
The Library’s Internet Acceptable Use Policy What it is for Why it is important What you need to know How you can help users understand it.
HIPAA LAWS.  Under the privacy rule, the patient must give consent to use his or her Protected Health Information.  Examples in which consent must be.
1 Policy Types l Program l Issue Specific l System l Overall l Most Generic User Policies should be publicized l Internal Operations Policies should be.
Draft Guidelines on Assaults for Schools INTO Special Education Conference Croke Park, 8 th December 2012.
Welcome….!!! CORPORATE COMPLIANCE PROGRAM Presented by The Office of Corporate Integrity 1.
Module 12: Responding to Security Incidents. Overview Introduction to Auditing and Incident Response Designing an Audit Policy Designing an Incident Response.
Chapter 3 Pre-Incident Preparation Spring Incident Response & Computer Forensics.
Session 12 Information management and security. 1 Contents Part 1: Introduction Part 2: Legal and regulatory responsibilities Part 3: Our Procedures Part.
WESTERN PA CHAPTER OF THE AMERICAN PAYROLL ASSOCIATION – NOVEMBER 4, 2015 Risk Management for Payroll.
1 WA Legal and Policy Documents School Education Regulations 2000 Occupational Safety and Health Act 1984 –Occupational Safety And.
1. On a blank sheet of paper… Write down one reason why you may be disciplined (written up) at work.
Scientific data storage: How are computers involved in the following?
Computer Security and the “H” word Glen Klinkhart, CEO Mike Messick, CTO.
Welcome to the ICT Department Unit 3_5 Security Policies.
Data Breach ALICAP, the District Insurance Provider, is Now Offering Data Breach Coverage as Part of Our Blanket Coverage Package 1.
Information Technology (IT) Audits
Errors, Fraud, Risk Management, and Internal Controls
Policies 101 (Everything you never wanted to know)
HEALTH & SAFETY FORMS, FORMS, FORMS!!! REPORT, REPORT, REPORT!!!
Unit 7 – Organisational Systems Security
Move this to online module slides 11-56
Support and requirements for Research and Innovation
Confidentiality Agreement
H2.9b Maintain Information
Neopay Practical Guides #2 PSD2 (Should I be worried?)
IS-907 – Active Shooter: What You Can Do
Code of Conduct By Leo Coroneos
Handling information 14 Standard.
Presentation transcript:

Library Security Issues and Policies Patron access and protection: Staff Security: Mitigating Actions By John R. Sanders LIS Aug 2004

Patron access and protection To ensure data integrity by preventing data from being inappropriately changed or deleted. To ensure data integrity by preventing data from being inappropriately changed or deleted.

Patron access and protection To protect confidentiality by ensuring private information is kept private. To protect confidentiality by ensuring private information is kept private.

Patron access and protection To ensure data access. To ensure data access.

Patron access and protection Patron protection from third party. (Patron V Patron) Patron protection from third party. (Patron V Patron)

Patron access and protection Patron physical protection procedures Patron physical protection procedures The library security guidelines document can be found on the ALA web site. The library security guidelines document can be found on the ALA web site. urity.htm urity.htm

Staff Security: Libraries have the responsibility to protect their staff as well as patrons. Libraries have the responsibility to protect their staff as well as patrons.

Staff Security: Several different reports place unruly patrons as the top security problem. Several different reports place unruly patrons as the top security problem.

Staff Security: Security policy should entail details regarding staff parking, building entrances and exits. Security policy should entail details regarding staff parking, building entrances and exits.

Mitigating Actions: American Library Association has established a Library Bill of Rights as well as a Library Code of ethics. American Library Association has established a Library Bill of Rights as well as a Library Code of ethics.

Mitigating Actions: Effective security policies do not happen overnight. Effective security policies do not happen overnight. Make Risk Assessments Make Risk Assessments Review existing policy Review existing policy Create the security policy as a living document Create the security policy as a living document Train staff regarding current and new policy Train staff regarding current and new policy

Mitigating Actions: People People Staff- what does it cost to find train and employee Staff- what does it cost to find train and employee Patrons- Without patrons there is no library Patrons- Without patrons there is no library

Mitigating Actions: Collection- Collection- Information – books, journals, images and so forth Information – books, journals, images and so forth Intellectual property Intellectual property Computer hardware Computer hardware Computer software Computer software Building Building

Mitigating Actions: The review of current policies should also include the removal of ineffective, old and out dated material The review of current policies should also include the removal of ineffective, old and out dated material

Mitigating Actions: Verbally Abusive or Aggressive Patron If a patron exhibits verbally abusive or aggressive behavior such as yelling, swearing or threatening the staff member, the staff member should say, "This is no longer productive and I am stopping this conversation. I am calling my supervisor to deal with this situation." If a patron exhibits verbally abusive or aggressive behavior such as yelling, swearing or threatening the staff member, the staff member should say, "This is no longer productive and I am stopping this conversation. I am calling my supervisor to deal with this situation." Staff member should alert supervisor to the situation so that it may be handled from this point. Staff member should alert supervisor to the situation so that it may be handled from this point. If there is no supervisor available, call another colleague to assist with situation. If there is no supervisor available, call another colleague to assist with situation. Record incident in the Log Book Record incident in the Log Book

Conclusion security policy will effect the perception security policy will effect the perception perception can and often will effect the operation perception can and often will effect the operation security policy will impact the finances security policy will impact the finances security risk = reduced usage =financial pinch security risk = reduced usage =financial pinch Poorly written security policies or no policy will increase liability exposure, again creating financial hardship. Poorly written security policies or no policy will increase liability exposure, again creating financial hardship.

References: 1999 Brooklyn Law School Brooklyn Law Review, 1999, 65 Brooklyn L. Rev Brooklyn Law School Brooklyn Law Review, 1999, 65 Brooklyn L. Rev. 827 Sheridan, L. W People in libraries as security agents. Library & Archival Security 3(1): Sheridan, L. W People in libraries as security agents. Library & Archival Security 3(1): tm tm tm tm ics.ala ics.ala ics.ala ics.ala ml ml ml ml

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.