Earlier this week, I attended the New England Library Association annual conference in Manchester, NH where I co-presented with my colleague, Jeanette Lundgren (Executive Director at CW MARS) on privacy audits we have each conducted at our respective library consortia.
A privacy audit is a great tool for libraries and library consortia to ensure that they are keeping their commitment to protect the privacy and confidentiality of their users. People trust their libraries, and we want to show them we are doing everything we can to earn that trust.
The American Library Association provides several guidelines and checklists for library agencies to perform a review of their privacy practices. Over the past year, a Task Force at the library consortium I lead reviewed one of these checklists – the one pertaining Library Management Systems – and ultimately made several recommendations to improve our data security practices so that we could better protect patron confidentiality.
Below are some lessons I’ve learned as we embarked on this process:
- Email is an easy way to communicate, but it’s insecure
In providing support to our member libraries and to their patrons, we were sharing a lot of patron information over email. Why is this a problem? Email is ubiquitous. You might copy several people on a message that then could be forwarded to somebody else. As you work through a problem, you may have forgotten that personal information was in the original thread. Each of those emails is then saved in multiple Inboxes and Sent folders where they may or may not be deleted long after the information is needed. Any of those accounts could then be hacked. Email is also easily misdirected to the wrong person. Many of the recommendations from our audit started with the goal of eliminating Personally Identifiable Information (PII) from email. - Consider performing an audit in small, manageable steps
If you’re busy like our office is, the long list of checklists on the ALA web site that are relevant to your organization can feel overwhelming. There is no reason you need to review them all at one time. I was concerned we would spend an entire year just going through checklists before we took any action to improve our privacy practices. Instead, we picked the checklist that would have the most impact on our organization and focused our efforts there. All of the recommendations from that first phase will be implemented by the end of next month, at which point, we can start reviewing other checklists, which we expect to require fewer action items. - The simple act of performing an audit helps build a culture of privacy
Even before any recommendations were made or actions implemented, privacy practices in my organization improved just through greater awareness of what PII is and how we should be storing, sharing and deleting it. People started raising questions whenever they were working with patron information about whether they were handling it properly. Continually engaging in conversations about how we handle patron data keeps this awareness in the forefront. - Our systems are in a great position to make this work easier for us, but they still have a long way to go
Let’s face it. If a system doesn’t have functionality to help us protect patron confidentiality, we may be limited in any improvements we make. Even those systems that put privacy first will fall short in some areas. Many vendors will prioritize other goals over privacy and confidentiality. In our audit, we had to hold back on some recommendations because we just didn’t have the functionality to implement them in a good way. It is critical that librarians continually advocate with their vendors for features that better protect patron data and features that build in opt-ins for patrons to let us know when they want to give us more access to their data. Those using open-source systems should advocate in their communities or, even better, allocate staffing / funding to make those improvements happen. We need to continually remind vendors that patron privacy and confidentiality are values that need to be supported by our systems. Every new feature needs to respect these fundamental professional values. - Protecting patron privacy is good customer service
Librarians are committed to providing great customer service to their patrons. As a result, some may struggle with new privacy practices that get in the way of helping patrons in the ways they’ve traditionally helped them. But protecting patron confidentiality is also good customer service. The difference is the patron who will most appreciate the new privacy practices may not be the patron stopping at the desk on a regular basis asking for help in remembering which books they’ve read. It may be the patron who is using the self-check because they don’t want anyone to see what they are checking out or the person who just likes to keep their reading/viewing/listening preferences private. The time when data security becomes a highly-visible customer service issue is when a breach of your system occurs. If you can’t demonstrate you’ve taken measures to protect your users’ personal information, you will lose their trust. Taking measures now to ensure you are only storing data that is needed to support your operations, that you are removing personal data when it is no longer needed, and that you are securing their accounts following industry standards will go a long way in maintaining that trust.