1. PURPOSE

This document provides guidance to individuals employed by the Kenosha Public Library and vendors partnered with the library that provide patron resources and content; fulfilling the library’s commitment to data privacy and security. Following the guidelines helps to ensure that patron data is protected from unauthorized access and that the patron can easily access all of the library's resources.

The underlying foundation for KPL’s Data Privacy & Security Guidelines are the KPL Confidentiality Policy, Records Retention Schedule for Wisconsin Public Libraries, Wisconsin State Statute 43.30, Wisconsin Student Privacy Alliance (WSPA), the American Library Association Library Bill of Rights, and the Interpretations of the Library Bill of Rights.

2. DEFINITION

The Kenosha Public Library Data Privacy & Security Guidelines has adopted the definition of data security and personally identifiable information used by the U.S. National Institute of Standards and Technology.

Data Security

The protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability. (source: NIST: INFOSEC)

Personally Identifiable Information

Any representation of information that permits the identity of an individual to whom the information applies to be reasonably inferred by either direct or indirect means. (source: NIST: PII)

3. SCOPE

These guidelines support public and staff applications, including the following examples:

• Websites
• Video and audio content
• Electronic documents
• Desktop, mobile, and cloud-based applications
• Content and digital archive management systems
• Email and calendars
• Library resources
• Computers and peripherals

4. STANDARDS

Patron Authentication

Patrons will not be required to create additional accounts to access information provided by a vendor. Vendors will allow patrons to access their resources using SIP2 over TLS, the SirsiDynix Web Services API, or ezProxy for authentication.

Staff Authentication

When possible, SAML or Secure LDAP authentication shall be used for staff accounts within resources. KPL recognizes not all vendors have the ability to provide such authentication methods, but actively encourages vendors to provide such a feature. KPL IT is willing to help vendors seeking to implement such features by participating in testing programs. Following best cybersecurity practices set forth by the SANS Institute, library staff will have their own accounts to operate any purchased system. Staff will not be required to log into any system using the patron’s credentials.

Data Encryption & Security

All user and patron data will be encrypted while at rest and in motion. Security certificates used to verify in-motion data encryption must be signed by a trusted source and cannot be self-signed. At-rest encryption will consist of either full disk encryption or full database encryption.

Data Retention & Destruction

Data should be retained according to the Records Retention Schedule for Wisconsin Public Libraries. Numerous conditions are covered in this schedule and any questions should be directed to the Wisconsin Department of Public Instruction (DPI) Public Library Development Team for clarification. Physical documents will be securely shredded, and data storage mediums will be shredded or drilled as needed to ensure the maximum destruction of the data retaining medium. Basic statistical information may be kept for longer periods of time. This information will consist of dates and times resources were accessed, the number of times accessed, the number of searches conducted, and other information sets that do not contain personally identifiable information (PII). If required by a Federal grant, a patron card number may be kept with this information; however, there is no commitment that the card number will remain within the ILS past the usual expiration date.

Data Sharing, Marketing, and Notifications

Unless expressly stated in writing by the Library Director, first-party use of patron data by a vendor will not go beyond usage statistics and authentication. Any 3rd party use or access of patron data by a vendor is strictly prohibited. Any direct marketing by a vendor to a patron, including but not limited to promotion of individual paid services, direct patron marketing, or notification of the service’s removal by a vendor is prohibited unless the patron has opted into such notifications. Patrons will be opted out of all vendor-supplied notifications and marketing by default.

Vendor License Agreement/Privacy Policy

The vendor’s privacy policy will be publicly available online, and the license agreement or privacy policy will include wording similar to the following:

The Library owns all patron and staff data, supplied manually or via system synchronization, in perpetuity. In the event of contract termination, all Library owned data will be removed from the vendor’s systems the day after the last day of the contract. Data export will be made available of all Library owned data and statistics to a designated Library Staff Member on the last day of the contract. Data will be provided in industry-standard formats including CSV, JSON, and MRC.

5. RESOURCES

The following resources can assist the KPL community in understanding and meeting its data privacy & security goals. These resources can also be used as a reference for vendors and contractors providing products and services to the Kenosha Public Library.

• Wisconsin State Statute 43.30
• Records Retention Schedule for Wisconsin Public Libraries
• Wisconsin Student Privacy Alliance (WSPA)
• Library Bill of Rights
• Privacy: An Interpretation of the Library Bill of Rights
• NISO Privacy Principles
• Library Privacy Guidelines For Data Exchange Between Networked Devices And Services
• SirsiDynix APIs & Web Services
• EZproxy for content providers
• How SAML authentication works