Presentation is loading. Please wait.

Presentation is loading. Please wait.

Patron Privacy Issues Cindy Cunningham – OHSU. Overview Balancing demands (academic environment) Privacy in Libraries System Privacy  Vendor  Institution/Library.

Published byDiane Stephens Modified over 9 years ago

Similar presentations

Presentation on theme: "Patron Privacy Issues Cindy Cunningham – OHSU. Overview Balancing demands (academic environment) Privacy in Libraries System Privacy  Vendor  Institution/Library."— Presentation transcript:

1 Patron Privacy Issues Cindy Cunningham – OHSU

2 Overview Balancing demands (academic environment) Privacy in Libraries System Privacy  Vendor  Institution/Library Privacy checklist Resources

3 Balancing Competing Demands in the Academic Environment Intellectual freedom  Unrestricted access to resources  Network security  Data-share - research  Protect proprietary information  Statistics Open records vs. privacy statutes Record retention requirements Manage institutional risk

4 Privacy in Libraries User privacy is an integral library mission  ALA - Library Code of Ethics "We protect each library user's right to privacy and confidentiality with respect to information sought or received and resources consulted, borrowed, acquired or transmitted.” Responsibility to develop local policies and procedures  Protect patron confidentiality  Comply with institutional policies  Respond to legal challenges

5 Acquiring, Storing and Analyzing Data ILS – patron and transactional data, notes E-resources - retained search histories, required cookies Email, web-based service forms Services with IP tracking, user authentication Conventional education and distance education Statistics

6 ILS System Privacy Issues - Vendor Controls Formal privacy policy  Accountability  Oversight Data access  Permissions  Protection of stored data - INNKeeper service Audit trails

7 Patron Privacy - Library Controls System security  Firewalls  Requirements for logins, strong passwords  Required password changes  Wireless network protections  Staff laptop secure logins System data storage  Backup, retention  Proxy access tracking  Audit trails

8 Patron Privacy - Library Controls What PII is collected/stored?  Name, address, phone numbers, email, ID’s (SSN- based?)  Last patron check out  Notes (orders, fines, reserves, gifts, claims returned, suggestions) MARC displays Patron record access  Permissions Who has access What content is displayed System generated emails, override reports, etc. Paging slips

9 Patron Privacy - Library Controls Staff training Patron education - reading history, saved searches (disabled by default) Response Coordination  Institutional policies and procedures  Library policies and procedures Regular Review

10 Summit Privacy Practices Discarding paging slips - home address, phone number  "Send it back clean.” Remove any materials that may be left in item before returning it to Owning site, including the paging slip which is no longer necessary, and compromises confidentiality of patrons borrowing materials.  http://www.orbiscascade.org/staffhome/matrls_processing.htm http://www.orbiscascade.org/staffhome/matrls_processing.htm New agreement - patron names not used on summit-circ list  (http://www.orbiscascade.org/staffhome/patron_confid_agrmt.htm)

11

12 Privacy Checklist Assess your institutional and library system security Determine vendor, institutional and library practices affecting data access, storage and retention Develop management procedures Review regularly Develop staff and patron training on privacy issues

13 Privacy Checklist Develop and link to your privacy policy  ALA resources - Developing a Confidentiality Policy http://www.ala.org/ala/oif/iftoolkits/toolkitsprivacy/guidelinesfordevelopin galibraryprivacypolicy/guidelinesprivacypolicy.htm  Examples  OHSU’s policy http://www.ohsu.edu/library/privacy.shtmlhttp://www.ohsu.edu/library/privacy.shtml  University of Michigan Law Library http://www.law.umich.edu/library/libinfo/security.htm http://www.law.umich.edu/library/libinfo/security.htm Develop a library-specific response to legal challenges

14

15 Resources Thanks to Kara Phillips, Barbara Engstrom, Susan Kezele & Jan Hartley (Seattle University Libraries) presentation on privacy issues– NWIUG 2005 Enstrom, B.S. et al, “Evaluating Patron Privacy on Your ILS” AALL Spectrum, April 2006, http://www.aallnet.org/products/pub_sp0604/pub_sp060 4_ProDev.pdf (accessed July 24, 2006). http://www.aallnet.org/products/pub_sp0604/pub_sp060 4_ProDev.pdf Adams, H.R. et al (2005) Privacy in the 21 st Century. Westport: Libraries Unlimited.

16 Resources Breeding, M., “Defending your ILS Against Security Threats” Computers in Libraries, May, 2003, at 38. ALA “Code of Ethics,” “Library Bill of Rights” http://www.ala.org/ala/oif/statementspols/statementsif/librarybillrights.htm ACRL “Intellectual Freedom Principles for Academic Libraries” http://www.ifla.org/faife/ifstat/acrlprin.htm

Download ppt "Patron Privacy Issues Cindy Cunningham – OHSU. Overview Balancing demands (academic environment) Privacy in Libraries System Privacy  Vendor  Institution/Library."

Similar presentations

Tamtron Users Group April 2001 Preparing Your Laboratory for HIPAA Compliance.

Tamtron Users Group April 2001 Preparing Your Laboratory for HIPAA Compliance.
MFA for Business Banking – Security Code Multifactor Authentication: Quick Tip Sheets Note to Financial Institutions: We are providing these QT sheets.

MFA for Business Banking – Security Code Multifactor Authentication: Quick Tip Sheets Note to Financial Institutions: We are providing these QT sheets.
Privacy and Library Systems Karen Coyle for InfoPeople November, 2004.

Privacy and Library Systems Karen Coyle for InfoPeople November, 2004.
JISC Managing Research Data 2 Programme Launch Nottingham 1-2 December,2011 Robin Rice Data Librarian University of Edinburgh.

JISC Managing Research Data 2 Programme Launch Nottingham 1-2 December,2011 Robin Rice Data Librarian University of Edinburgh.
I Choose Privacy! Intellectual Freedom: Addressing the Privacy Issue in the Academic Library.

I Choose Privacy! Intellectual Freedom: Addressing the Privacy Issue in the Academic Library.
Managing Access to Student Health Information per Federal HIPAA Guidelines Joan M. Kiel, Ph.D., CHPS Duquesne University Pittsburgh, Penna 412-396-4419.

Managing Access to Student Health Information per Federal HIPAA Guidelines Joan M. Kiel, Ph.D., CHPS Duquesne University Pittsburgh, Penna
Voice over the Internet Protocol (VoIP) Technologies… How to Select a Videoconferencing System for Your Agency Based on the Work of Watzlaf, V.M., Fahima,

Voice over the Internet Protocol (VoIP) Technologies… How to Select a Videoconferencing System for Your Agency Based on the Work of Watzlaf, V.M., Fahima,
HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.

HIPAA: FEDERAL REGULATIONS REGARDING PATIENT SECURITY.
Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.

Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.
Please do not reuse these slides without prior permission from Copyright 2004 Scott Nicholson, Syracuse.

Please do not reuse these slides without prior permission from Copyright 2004 Scott Nicholson, Syracuse.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Information Security Policies and Standards

Information Security Policies and Standards
Data Retention LIS 550 Winter 2010 Unsworth Tuesday, March 02, 2010.

Data Retention LIS 550 Winter 2010 Unsworth Tuesday, March 02, 2010.
DATA SECURITY Social Security Numbers, Credit Card Numbers, Bank Account Numbers, Personal Health Information, Student and/or Staff Personal Information,

DATA SECURITY Social Security Numbers, Credit Card Numbers, Bank Account Numbers, Personal Health Information, Student and/or Staff Personal Information,
Library integrated system -Aleph Fang Peng Stony Brook University.

Library integrated system -Aleph Fang Peng Stony Brook University.
CSE 4482, 2009 Session 21 Personal Information Protection and Electronic Documents Act Payment Card Industry standard Web Trust Sys Trust.

CSE 4482, 2009 Session 21 Personal Information Protection and Electronic Documents Act Payment Card Industry standard Web Trust Sys Trust.
Why Comply with PCI Security Standards?

Why Comply with PCI Security Standards?
Payment Card Industry (PCI) Data Security Standard

Payment Card Industry (PCI) Data Security Standard
Sensitive Data Accessibility Financial Management College of Education Michigan State University.

Sensitive Data Accessibility Financial Management College of Education Michigan State University.
Created May 2, 20081 Division of Public Health Managing Records What is a Record? What is a Records Retention & Disposition Schedule? Why is this Important?

Created May 2, Division of Public Health Managing Records What is a Record? What is a Records Retention & Disposition Schedule? Why is this Important?

Similar presentations

Ads by Google