Managing Data for Patron Privacy

Libraries are not exempt from the financial costs of data breaches or leaks, no matter the size. Whether from a library worker unwittingly sharing a patron's address with a perpetrator of domestic violence to leaving sensitive patron data unprotected, patrons can also pay a hefty price when libraries fail to manage patron data securely and ethically. In this guide, readers will learn concrete action steps for putting the ethical management of data into practice, following two common public and academic library cumulative case studies. The authors explore such key topics as

• succinct summaries of major U.S. laws and other regulations and standards governing patron data management;
• information security practices to protect patrons and libraries from common threats;
• how to navigate barriers in organizational culture when implementing data privacy measures;
• sources for publicly available, customizable privacy training material for library workers;
• the data life cycle from planning and collecting to disposal;
• how to conduct a data inventory;
• understanding the associated privacy risks of different types of library data;
• why the current popular model of library assessment can become a huge privacy invasion;
• addressing key topics while keeping your privacy policy clear and understandable to patrons; and
• data privacy and security provisions to look for in vendor contracts.

Kristin Briney is the Biology & Biological Engineering Librarian at the California Institute of Technology. She has a PhD in Physical Chemistry and an MLIS, both from the University of Wisconsin-Madison. In addition to being a liaison librarian, Kristin teaches and consults on research data management for both researchers and librarians. She is the author of the book Data Management for Researchers: Organize, Maintain and Share Your Data for Research Success and conducts research on student privacy in academic libraries.

Becky Yoose is the founder of and Library Data Privacy Consultant for LDH Consulting Services. She received her MA-LIS from the University of Wisconsin-Madison and is a certified privacy professional by the International Association of Privacy Professionals. With well over a decade of experience in wrangling library data in academic and public libraries, Becky helps libraries and library vendors navigate the intersection of library data and privacy.