User Privacy Policy of the University Library

It is the policy of the University Library that the privacy of all users shall be respected in compliance with federal and state laws and professional standards. The Library will not reveal the identities of individual users or reveal what information sources or services they consult. This policy applies to all resources regardless of their format or means of delivery as well as to all services offered by the Library.

To aid understanding of the use or value of resources and services the Library may aggregate and retain user data for a reasonable period of time. It will, however, neither collect nor retain information identifying individuals except during the period when and only for the purpose that such record is necessary to furnish a specific service (for example, loaning a book, ordering a report, recording user service preferences, or for internal service evaluation). Data on individuals will not be shared with third parties unless if required by law.

For examples of how this policy applies to specific services or programs, please refer to the Practice Guidelines that follow.

Circulation
It is the policy of the Library that the privacy of all borrowers of library materials shall be respected. The Library will not reveal the names of individual borrowers nor reveal what books are, or have been, charged to any individual.

When library users need books that are on loan, the units with circulation responsibility will assist them by calling in those books as soon as the guaranteed loan period (usually three weeks) has ended. If the books desired are in a renewal period, they will be recalled immediately.

Collection Development and Resource Management
Comments, purchase recommendations, gifts-in-kind, and special requests from users make an important contribution to building and shaping the Library's collections. Purchase, transfer, and related collection management requests linked to individual users-- or even group of users (e.g., the History Department)-- are deemed confidential reader information and not shared outside the Library. Within the Library, user names are temporarily attached to internal records and shared among relevant staff to facilitate notification of Library actions and follow-through.

Contracts and Licenses for Information Resources
Consistent with its user privacy policy the Library expects its information service providers to follow the same standards in the performance of the products they license, lease or sell to the Library. Contracts, licenses, agreements and arrangements that the Library enters shall accordingly and as the standard practice protect the identity of individual users and the information they use.

To provide additional personalized services (for example, help in using resources, profiling user interests for subsequent notification) service providers may require users to identify themselves. Such identification will be only at the user's discretion and will require the user to follow clearly indicated procedures before the service is activated. The service provider may not sell, lease, or loan information identifying individual users or the information they use to third parties unless authorized in advance by each user. To aid understanding of the use or value of resources and services, service providers may aggregate and retain anonymized user data.

Interlibrary Loan/Document Delivery
Requestors of interlibrary loan and document delivery services receive the same protection in terms of confidentiality of their requests. In some cases, information about requests is shared with other library staff for collection development purposes; it remains confidential within the library. Documentation of requests may be retained as necessary for the Library to comply with auditing, copyright or other regulations.

Library Surveys/Assessment Projects
Information and data obtained by the Library or its units through surveys (group or individual interviews or other means) in support of assessment of services, collections, facilities, resources, etc., or in support of research related to library and information services, are considered confidential and will not be shared except in aggregations, to protect the privacy of individual participants.

Public Access Digital Systems
The Library's access systems (e.g., Mirlyn, the Library's website, and discovery tools maintained by the Library) frequently track or "log" the actions performed by users of those systems. In some cases, specialized services or enhancements to system functionality require retaining the transaction logging. Users may request that the Library not retain their individual records, but a user who does so will be unable to use the associated services. In other cases, data that can be tied to individuals will be kept intact only for a limited period of time. Its use will be restricted to trouble-shooting and problem resolution related to system functions and service transactions. It is the Library's policy that no transaction logging containing personal information will be shared with third parties.

Information from transaction logs may be aggregated for reporting on types of use and use of materials. For this purpose, information regarding individual identities or the source of the transaction will be removed. In the case of logs kept for a limited period of time (i.e., where transaction logging is not retained for services or enhancements), the precise duration of the period needed for storing full transaction level logging will be determined on a case-by-case basis. When the information is no longer reasonably useful for problem resolution, the original transaction logging information will be destroyed, and backups and other stored forms of the data will not be retained.

Reference Privacy Policy
Final 8 June 2000
Updated 18 September 2008
Reference Policy updated 11 October 2005

Page maintained by Donna Hayward
Last modified: 03/31/2009