Policy: Confidentiality

White Plains Public Library’s Commitment to Our Users’ Rights of Confidentiality
This privacy policy explains the steps this Library takes to respect and protect your confidentiality when you establish an account with the Library and use certain Library resources and how we deal with the personally identifiable information we collect from users.
The courts have upheld the right to privacy based on the Bill of Rights of the U.S. Constitution. New York State law signed on June 13, 1988 (CPLR 4509) details library records deemed confidential by New York State. This Library’s privacy and confidentiality policies are in compliance with applicable federal, state, and local laws.
Our commitment to your privacy and confidentiality has deep roots not only in law, but also in the ethics and practices of librarianship. In accordance with the American Library Association’s Code of Ethics: “We protect each library user’s right to privacy and confidentiality with respect to information sought or received and resources consulted, borrowed, acquired, or transmitted.”

1. Public Disclosure of the Library’s Policy

Library users have the right to be informed about the policies governing the amount and retention of personally identifiable information and about why that information is necessary for the provision of Library services.
We post publicly and openly acknowledge the confidentiality and information-gathering policies of this Library. Whenever policies change, notice of those changes is made available to our users.
We avoid creating unnecessary records, retaining records not needed for the fulfillment of the mission of the Library and practices that could place personally identifiable information on public view.

2. Information Collected by the Library

Individuals are required to provide current and valid contact information in order to establish and maintain an active account with the Library. Personally identifiable information we may gather and retain includes the following:

  • User Registration Information: Name, address, telephone number and date of birth. You may at your option provide your email address, and you may request at any time that we remove your e- mail address from your record. Additionally, we collect name of employer or school, business address, and business telephone from nonresidents. This contact information is linked to a unique Library card number that is assigned to your account.
  • Circulation Information: For each circulation transaction, such as a checkout, return or renewal, we record the individual’s Library account number, the unique item identification number and the time and date of the transaction.
  • Electronic Access: When accessing the Library’s Website, certain information is automatically recorded, including IP address of the accessing computer, type and version of the browser and operating system used to access our Website, domain name of the network from which our site was accessed, referring page, and date and time of access. In addition, some sections of our Website require that you enter personally identifying information such as your Library account number to gain access to services.
  • Onsite Public Computer Use Information: The Library collects information about public computer use, including identity of computer, date, time and length of computer session and Internet sites visited. In addition, public computers designated for Internet access require entering personally identifying information such as your Library account number to gain access to services.
  • Closed Circuit Television (CCTV) Recordings: The Library employs CCTV to ensure the physical security of the Library facility, staff and patrons.

3. How Personally Identifiable Information is Used

By registering for Library services, you agree to give the Library personally identifiable information in order to establish your account with the Library, manage your use of Library services and enable communication by the Library and its affiliates with you. Your use of Library materials, programs and services may imply additional consent.
We use your Library account to enable and manage your borrowing privileges and your access to specific services, such as use of onsite public computers or use of certain electronic resources.

We use your contact information:

  • To communicate with you regarding your account;
  • To notify you about programs, activities and services of the Library or its affiliates;
  • To provide you with services you have elected to receive, such as access to a workshop, optional e-mail notifications and services you have requested.

We may share your contact information with Library affiliates: the Friends of the Library and the White Plains Library Foundation. We do not sell, license or disclose personal information to any other third party without your consent, unless we are compelled to do so under the law or to comply with a court order.

4. Access by Users

You are required to provide current and valid contact information in order to maintain an active account with the Library. You may update the contact information in your Library account at any time in person or online. In both instances, you will be asked to verify your identity.

5. Data Integrity & Security

  • Data Integrity: The data we collect and maintain at the Library must be accurate and secure. We take reasonable steps to assure data integrity, using only reputable sources of data and updating data whenever possible.
  • Data Retention: We protect personally identifiable information from unauthorized disclosure. Records are moved to secure off-line storage once they are no longer needed to manage Library services.
  • Tracking Users: We do not ask Library visitors or Website users for personally identifiable information such as Library account number unless they are borrowing materials, requesting certain services, using Library computers or network resources, registering for programs or classes, or making remote use from outside the Library of those portions of the Library’s Website restricted to registered borrowers.
  • Third Party Security: We make every effort to ensure that Library’s contracts, licenses, and offsite computer service arrangements reflect our policies and legal obligations concerning user privacy and confidentiality. Should a third party require access to our users’ personally identifiable information, our agreements appropriately address the use, aggregation, dissemination, and sale of that information. When facilitating connections to licensed databases maintained outside the Library by third parties, we only permit third parties to access information that authenticates users as having valid accounts at the White Plains Public Library. The Library is not responsible for the privacy practices, security or content of any external Websites to which it has provided links. It is the responsibility of users to familiarize themselves with the privacy and security information of any sites they visit.
  • Security Measures: Our security measures consist of both managerial and technical policies and procedures to protect against loss and the unauthorized access, destruction, use or disclosure of data. Our managerial measures include internal organizational procedures that limit access to data and ensure that those individuals with access do not utilize the data for unauthorized purposes. Our technical security measures to prevent unauthorized access include limits on access through use of passwords and storage of data on secure servers or computers that are inaccessible from a modem or network connection.
  • Staff access to personal data: We permit only authorized Library staff with assigned confidential passwords to access personal data stored in the Library’s computer system for the purpose of performing Library work.
  • Disclaimer: The Library uses standard systems and communication methods beyond its direct control, and no guarantee can be made that transactions over the Internet or the local network, by mail or e-mail, by telephone or at a public service desk are infallibly secure and confidential. While utmost care is exercised to protect Library systems and servers from unauthorized access, no guarantee can be made that personal information is invulnerable.

6. Enforcement & Redress

The Library only uses and shares personal information as described above. We conduct periodic privacy audits to ensure that we are complying with our confidentiality policy. Library users who have questions, concerns, or complaints about the Library’s handing of their privacy and confidentiality rights may file written comments with the Library Director. We respond to these in a timely manner, and may conduct a privacy investigation or review of policy and procedures as a result of such an inquiry.
The Library Director or his/her designee is solely authorized to receive and comply with requests from law enforcement officers. Library staff and volunteers are required to refer any law enforcement inquiries to the Library Director or his/her designee. We do not make Library records available to any agency of state, federal, or local government unless a subpoena, warrant, court order is issued pursuant to law. Before complying with any such requests, legal counsel is consulted to determine the proper response.
Adopted by the White Plains Library Board of Trustees on 10/17/06
Confidentialty Policy, page 3

PDF Version: Confidentiality.pdf