What is a Privacy Audit

 

An Educational Service of the American Library Association

Office for Information Technology Policy

 

Prepared by Leslie Harris & Associates (www.lharris.com) in conjunction with OITP staff (www.ala.org/oitp)

-----------------------------------------------------

Regardless of whether or not your library has a formal privacy policy, conducting a privacy audit is one way to ensure that your library's practices are in keeping with your library's goals and promises of privacy and confidentiality.  An audit ensures that information processing procedures meet privacy requirements by examining how information about patrons is collected, stored, shared, used and destroyed.  Privacy auditing is a process, not a one-time solution, as services, data needs, and technologies change.  A designated Privacy Officer may lead the audit, but all stakeholders and aspects of privacy need to be represented, from information technology to public relations.  The audit process needs to be capable of dealing with the full extent of the information system.  When a library is part of a larger organization that is conducting a privacy audit, specific library issues and needs must be included.

 

Protecting the privacy of library users is both a professional value of librarianship and a requirement of law and policy.  Protecting privacy in information systems is challenging, though, because of legitimate needs that can conflict with complete privacy protection.  Some of the goals that may seem in conflict with privacy protection include:

 

+   Providing customized services to patrons.  In order to provide tailored services, libraries need to keep information about patrons and be able to access it easily whenever patrons connect to the library systems.

+   Tracking statistics and management information to assess and improve library service.  Libraries can make better decisions when they have detailed information about who is using their collections and services.

+   Monitoring system use to detect intrusions and abuse. The Information Superhighway has become a mean street, and responsible systems managers must keep a wary eye on system use for signs of unauthorized intrusion and abuse.

+   Identifying those who have used systems for illegal or harmful purposes.  When our systems are used inappropriately, there is great pressure from management and from law enforcement to identify those responsible.

+   Running systems in an efficient and cost-effective manner. Many systems we install come set up to collect a lot of personal information from users.  Turning off such practices or adding specialized routines to protect privacy can be costly.

 

Thoughtful privacy practices can meet these goals without compromising a library's ethical and legal obligation to protect the privacy of library users, by adhering to the following basic principles:

+   Avoid creating unnecessary records.  Only record a user's personally identifiable information when necessary for the efficient, effective operation of the library.

+   Avoid retaining records that are not needed for efficient operation of the library.  Check with your local governing body to learn whether there are laws or policies addressing record retention and, in conformity with these laws or policies, develop policies on the length of time necessary to retain a record.  Ensure that all kinds and types of records are covered by the policy, including data-related logs, digital records, and system backups.

+   Restrict access to personally identifiable information closely and reveal it only with appropriate authority.

+   Tell your users what information you are keeping and why, and how to ask you for more clarification.

+   Be aware of library practices and procedures that place information on public view, e.g., the use of postcards for overdue notices or requested materials, staff terminals placed so that the screens can be read by the public, sign-in sheets to use computers or other devices, and titles of reserve requests or interlibrary loans given over the telephone to users' family members or answering machines.

 

-----------------------------------------------------

Further information:

Coyle, Karen. 2002. "Privacy and Library Systems Before & After 9/11."

http://www.kcoyle.net/stbarb.html

 

Matis, Michael. 2002. "The Code of Librarianship: Ethics and Information Architecture."

http://library.albany.edu/dewey/presentations/enyacrl_sp_2002/enyacrl_presentation_2002.ppt

 

Texas Department of Information Resources. 2000. "Privacy Issues Involved in Electronic Government."

http://www.dir.state.tx.us/taskforce/report/privacy.htm

 

American Library Association, Office for Intellectual Freedom, Privacy Questions and Answers

http://www.ala.org/Content/NavigationMenu/Our_Association/Offices/Intellectual_Freedom3/Challenge_Support/Dealing_with_Challenges/qandaonprivacyandconfidentiality.pdf

-----------------------------------------------------

Copyright 2002, American Library Association, Office for Information Technology Policy

 

Disclaimer

 

This Online Privacy Tutorial is a service of the American Library Association. The content of this tutorial is primarily the work of Leslie Harris & Associates in Washington, DC. The views expressed in these messages are not necessarily the views of ALA or Leslie Harris & Associates. This tutorial is for information only and will not necessarily provide answers to concerns that arise in any particular situation. This service is not legal advice and does not include many of the technical details arising under certain laws. If you are seeking legal advice to address specific privacy issues, you should consult an attorney licensed to practice in your state.