Managing Data for Patron Privacy: Comprehensive Strategies for Libraries

Build trust with your library’s users by securing their data privacy. Taking a holistic approach, this guide presents practical ways to implement privacy ethics into data practices.

Libraries are not exempt from the financial costs of data breaches or leaks, no matter the size. Whether from a library worker unwittingly sharing a patron’s address with a perpetrator of domestic violence to leaving sensitive patron data unprotected, patrons can also pay a hefty price when libraries fail to manage patron data securely and ethically. In this guide, readers will learn concrete action steps for putting the ethical management of data into practice, following two common public and academic library cumulative case studies. The authors explore such key topics as

• succinct summaries of major U.S. laws and other regulations and standards governing patron data management;
• information security practices to protect patrons and libraries from common threats;
• how to navigate barriers in organizational culture when implementing data privacy measures;
• sources for publicly available, customizable privacy training material for library workers;
• the data life cycle from planning and collecting to disposal;
• how to conduct a data inventory;
• understanding the associated privacy risks of different types of library data;
• why the current popular model of library assessment can become a huge privacy invasion;
• addressing key topics while keeping your privacy policy clear and understandable to patrons; and
• data privacy and security provisions to look for in vendor contracts.