 |
|
 |
 Privacy
Policy |
|
|
| 1. Policy Statement
|
| |
|
|
The Worcester Public Library champions
the protection of personal privacy.
Protecting library user privacy
and keeping confidential information
that identifies individuals or
associates individuals with their
use of library books, materials,
equipment, programs, facilities,
and/or staff assistance is an
integral principle of the Library.
This policy affirms the Library’s
commitment to privacy, explains
the information that the Library
collects, and alerts visitors
to Library facilities and users
of remotely accessed library services
to the privacy choices they face.
The Worcester Public Library supports
and adheres to the American Library
Association's "Policy on
Confidentiality of Library Records,"
and ALA Council documents CD#19.3
“Resolution on the Retention of
Library Usage Records” (see attached).
The Library collects only the
minimum personal information necessary
to provide effective services
for its users. Library records
that identify library users by
name are confidential. Such records
will not be made available except
as permitted in the Massachusetts
General Laws, Chapter 180 of the
Acts of 1988 (see attached), or
with the explicit permission of
the user in question or pursuant
to judicial process, subpoena
or court order. The USA PATRIOT
Act expands the federal government’s
authority for access to library
records and documents to protect
against international terrorism
and clandestine intelligence activities.
It also expands federal law enforcements’
authorization to track telephone
and electronic communication,
including any dialing, routing,
addressing, or signaling information
and the actual content of the
communication. This law prohibits
library workers from informing
users if federal agents have obtained
records about them.
If a process, subpoena or order
is served on this library or its
employees or Directors, the Head
Librarian will consult with the
City of Worcester's Law Department
to determine if such process,
subpoena or order is in proper
form and if any necessary showing
has been made for its issuance.
The Head Librarian will notify
the Board of Directors. The Library
shall, subject to legal advice,
comply with the process, subpoena
or order.
This policy applies to all library
records, including but not limited
to records related to the circulation
of library materials, computer
database searches, interlibrary
loan transactions, reference queries,
holds, use of restricted materials,
or use of audiovisual materials.
|
| |
|
| 2. General Guidelines |
| |
|
2.1
|
The Library will keep
confidential all such information
that it collects or maintains to
the fullest extent permitted by
federal and state and local law,
including the Massachusetts General
Laws, Chapter 180 of the Acts of
1988 and the USA PATRIOT Act. To
make this policy easy to find, the
Library makes it available on the
Library’s Web site. |
2.2
|
Protection of confidentiality
extends to information sought or
received, and materials consulted,
borrowed, and received. |
2.3
|
Protection of confidentiality
includes database search records,
circulation records, interlibrary
loan records, and other personally
identifiable uses of library materials
or services. |
| 2.4 |
Any library user information
will be used only to provide or
improve library services. |
| 2.5 |
Library user account
information is located on the C/W
MARS’ server and is protected under
its privacy
policy. |
| |
|
| 3. Library Cards
and Circulation Records |
| |
|
3.1
|
To receive a library
card library users are required
to provide identifying information
such as name, birth date, mailing
address, social security number
(optional), and email (optional).
This identifying information is
retained as long as the library
user continues to use the library
card. |
3.2
|
Through the C/W MARS
network, a library user’s own record
includes current information, items
currently checked out or on hold,
as well as overdue materials and
fines. |
3.3
|
The Library does
not maintain a history of what a
library user has previously checked
out once books and materials have
been returned on time. The exception
is that the last user is tied to
the item record. See also 5.3. |
3.4
|
When fines accrue
on a user’s account, the Library
does maintain record of items that
have been borrowed but returned
after the due date, or are still
outstanding on the user’s record.
When overdue materials are returned
and all associated fines are paid,
the information associated with
the library card number is deleted. |
| 3.5
|
The Library normally
sends overdue notices via email
or by postcard, but occasionally
telephones. The Library notifies
users via telephone, email or mail
when requested items are ready for
pickup. |
3.6
|
Museum passes are
loaned through a third party hosted
service, Library users are protected
under its privacy
policy. |
| 3.7
|
The Library does
not sell, lease or otherwise distribute
or disclose user name, email address,
postal address, telephone number,
or other personal information to
outside parties. The Library occasionally
conducts promotional campaigns to
inform the community of services.
At those times, user email or mail
addresses may be used. |
| |
|
| 4. Radio Frequency
Identification (RFID) |
| |
|
| 4.1
|
The library
uses the Checkpoint Intelligent
Library System technology to secure
and circulate library materials.
The system server contains a transaction
database and log file for gathering
monthly reports. |
4.2
|
The information stored
on the RFID chip/tag is limited
to the item barcode that can only
be read by library equipment. |
| 4.3 |
RFID is not used for
library cards. |
| |
|
| 5. Public computer
use and the Library’s Online Public
Access Catalog (OPAC) |
| |
|
5.1
|
The Library uses
an online computer reservation program
that utilizes library cards or visitor
cards for the public to reserve
computers to access the Internet
and other resources. For some computers,
paper sign-up sheets are employed
and disposed of daily. |
5.2
|
The Library’s public
computer stations are programmed
to delete the history of a library
user’s Internet session and all
searches once an individual session
is completed. Reservation transaction
history is deleted within 48 hours. |
5.3
|
The Library’s OPAC
offers library user self-activated
features, such as My Reading History.
Information gathered and stored
using this feature is only accessible
to the library user. There is no
administrative interface to this
information for library staff and,
therefore, it is not retrievable
by anyone other than the user. The
user has the option to delete his/her
reading history at any time. |
| |
|
| 6. Reference Questions,
Distance and In-house |
| |
|
6.1
|
Information provided
by a library user via email will
be used only for purposes described
at the point of collection, such
as to send information or provide
library services to the library
user, or respond to a library user’s
questions or comments. |
6.2
|
If contact information
is provided, the Library may contact
the library user to clarify a comment
or question, or to learn about the
level of customer satisfaction with
library services. |
6.3
|
The Library treats
reference questions, regardless
of format of transmission (in person,
via telephone, fax, email or online)
confidentially. Personal identifying
information related to these questions
is purged on an ongoing basis. |
6.4
|
Email is not necessarily
secure against interception and
may be subject to disclosure requirements
of the Public Records Act or other
legal disclosure requirements. |
| |
Users may not misrepresent
themselves for purposes of fraud. |
| 7. Web Site Use |
|
|
| 7.1 |
The Library
collects no personal information
about a library user when he/she
visits our website. |
7.2
|
Since the Library web
site is hosted through a subscribed
service, library users are protected
under its privacy
policy. |
7.3
|
7.3 The Library has
links to many federal, state and local
organizations, as well as commercial
sites. Once users link to other sites,
they are subject to the privacy policies
of the new sites. |
| |
|
| Formerly Policy
on Confidentiality of Library
Records Revised 9 September 2003
Approved by the Board of Directors
8 May 2007
|
|
| |
 |
|
| |
|
|
|
|
|
| |
|
Policy on
Confidentiality of Library Records |
|
| |
|
|
|
|
|
| The Council of the
American Library Association strongly
recommends that the responsible
officers of each library, cooperative
system, and consortium in the United
States: |
| |
|
|
|
|
|
1.
|
Formally adopt a policy
that specifically recognizes its
circulation records and other records
identifying the names of library
users to be confidential. (See also
ALA
Code of Ethics, Article III,
"We protect each library user's
right to privacy and confidentiality
with respect to information sought
or received, and resources consulted,
borrowed, acquired or transmitted"
and Privacy:
An Interpretation of the Library
Bill of Rights.) |
2.
|
Advise all librarians
and library employees that such
records shall not be made available
to any agency of state, federal,
or local government except pursuant
to such process, order or subpoena
as may be authorized under the authority
of, and pursuant to, federal, state,
or local law relating to civil,
criminal, or administrative discovery
procedures or legislative investigative
power |
3.
|
Resist the issuance
of enforcement of any such process,
order, or subpoena until such time
as a proper showing of good cause
has been made in a court of competent
jurisdiction. |
| |
|
|
|
|
|
| Note: Point 3, above,
means that upon receipt of such
process, order, or subpoena, the
library's officers will consult
with their legal counsel to determine
if such process, order, or subpoena
is in proper form and if there is
a showing of good cause for its
issuance; if the process, order,
or subpoena is not in proper form
or if good cause has not been shown,
they will insist that such defects
be cured. |
| |
|
|
|
|
|
Adopted January 20, 1971, by the
ALA Council; amended July 4, 1975;
July 2, 1986.
[ISBN 8389-6082-0]
|
|
Chapter 78, Section 7 of
the Massachusetts General Laws
(as amended by Chapter 180, Acts
of 1988)
|
| |
| Section 7. A town may establish and maintain public libraries for
its inhabitants under regulations
prescribed by the city council or
by the town, and may receive, hold
and manage any gift, bequest or
devise [sic] therefore. The city
council of a city or the selectmen
of a town may place in such library
the books, reports and laws which
may be received from the commonwealth. |
| |
| That part of the records of a public library which reveals the identity
and intellectual pursuits of a person
using such library shall not be
a public record as defined by clause
Twenty-six of section seven of chapter
four. Library authorities may disclose
or exchange information relating
to library users for the purposes
of interlibrary cooperation and
coordination, including but not
limited to, the purposes of facilitating
the sharing of resources among library
jurisdictions as authorized by clause
(1) of section nineteen E or enforcing
the provisions of sections ninety-nine
and one hundred of chapter two hundred
and sixty-six. |
| |
2005-2006 ALA CD#19.3
2006 ALA Annual Conference
|
| |
| Resolution
on the Retention of Library Usage
Records |
| |
|
|
|
WHEREAS,
|
“Protecting user privacy and confidentiality is necessary
for intellectual freedom and fundamental
to the ethics and practice of librarianship”
(ALA Policy Manual, 53.1.16; Privacy:
An Interpretation of the Library
Bill of Rights); and |
WHEREAS,
|
Library usage records containing personally identifiable
information (PII) are maintained
for the sole purpose of effectively
managing library resources; and |
WHEREAS,
|
The confidentiality
of library usage records is protected
by law in all fifty states and in
the District of Columbia (see
http://www.ala.org/oif/stateprivacylaws);
and |
WHEREAS,
|
“The government’s interest in library use represents a
dangerous and fallacious equation
of what a person reads with what
that person believes or how that
person is likely to behave” (ALA
Policy Manual, 52.4.2; Confidentiality
of Personally Identifiable Information
About Library Users); and |
WHEREAS,
|
The American Library Association strongly recommends the
adoption of policies recognizing
“circulation records and other records
identifying the names of library
users with specific materials to
be confidential” (ALA Policy Manual,
52.4; Confidentiality of Library
Records); now, therefore, be it |
| |
|
|
|
| RESOLVED, That the American Library Association urges
all libraries to: |
| |
|
|
|
- Limit the degree to which
personally identifiable information
is collected, monitored, disclosed,
and distributed; and
- Avoid creating unnecessary
records; and
- Limit access to personally
identifiable information to
staff performing authorized
functions; and
- Dispose of library usage
records containing personally
identifiable information unless
they are needed for the efficient
and lawful operation of the
library, including, but not
limited to data-related logs,
digital records, vendor-collected
data, and system backups; and
- Ensure that the library work
with its organization’s information
technology unit to ensure that
library usage records processed
or held by the IT unit are treated
in accordance with library records
policies; and
- Ensure that those records
that must be retained are secure;
and
- Avoid library practices and
procedures that place personally
identifiable information on
public view; and
- Assure that vendor agreements
guarantee library control of
all data and records; and
- Conduct an annual privacy
audit to ensure that information
processing procedures meet privacy
requirements by examining how
information about library users
and employees is collected,
stored, shared, used, and destroyed;
and, be it further
|
| |
|
RESOLVED,
|
That the American
Library Association urges all
libraries to adopt or update a
privacy policy protecting users’
personally identifiable information,
communicating to library users
how their information is used,
and explaining the limited circumstances
under which personally identifiable
information could be disclosed;
and, be it further
|
RESOLVED,
|
That the American Library Association urges members of
the library community to advocate
that records retention laws and
regulations limit retention of library
usage records containing personally
identifiable information to the
time needed for efficient operation
of the library. |
| |
Adopted by the Council of the American Library Association
Wednesday, June 28, 2006
New Orleans, Louisiana
|
 |
|
|
Keith Michael Fiels
ALA Executive Director
|
|
|
|
| |
|
|
|
|
|
|
