Confidentiality of Library Customer Records
Confidentiality of Library Customer Records Policy
Highlights
It is the policy of the Cumberland County Library System to comply with all judicial processes while preserving customer confidentiality to the extent allowed by law. This policy explains customer privacy and confidentiality rights, the steps the Library System takes to respect and protect customer’s privacy when using library resources, and how the Library System deals with personally identifiable information that it may collect from its users.
Legal Protections
In accordance with the "Pennsylvania Library Code", records related to the circulation of library materials which contain the names of library users or other personally identifying details shall be considered confidential in nature and may be revealed only to the library card holder or used by the library during the normal course of business except by a court order in a criminal proceeding (24 P.S. §4428), or a federal investigative proceeding (USA PATRIOT Act of 2001).
Other Information Treated as Confidential
The Library System also considers program registration and attendance lists as well as information questions asked by customers to be confidential
Selling or Leasing of Personal Information
The Library System does not sell or lease users' personal information to companies, universities, or individuals. It will not disclose any personal data it collects from customers to any other party except:
- When required by law;
- When requested by the account holder;
- When requested by a minor customer’s parent or legal guardian;
- To enforce the library’s service policies, including, but not limited to, circulation regulations and customer behavior guidelines;
- To contact customers during the course of the library’s business including affiliated entities such as library friends or library foundation organizations; or,
- To protect the health, welfare and safety of library customers.
Borrowers may allow a party to act on his or her behalf for checkout of materials by sending his or her library card with another party.
Online Financial Payments
As for credit or debit card information that customers submit online when paying fees, making donations, or purchasing goods or services, the Library System contracts for online payment processing services that are hosted by vendors that comply with current Payment Card Industry Data Security Standards (PCI DSS). The Library System does not collect or store any online credit or debit card processing data that is submitted online by customers. The Library System is not responsible for any breach of security with respect to data collected or stored by these vendor-hosted sites, nor is the Library System responsible for these site’s compliance with applicable federal and state laws and regulations.
This policy is subject to change at any time without notice. Updates to the policy may be obtained from the Library System.
Page reviewed June 4. 2012.
|
|
|
|