A. Purpose of this document
This document outlines the Moraine Valley Library’s approach to protecting privacy, the types of data that we collect and store, and related user rights. We follow the five "Fair Information Practice Principles" which are notice, choice, access, security, and enforcement.
B. Our Commitment
Privacy is essential to academic freedom, free thought, and free inquiry, and therefore, central to the educational mission of Moraine Valley Community College. The right to privacy is at the heart of the Library Bill of Rights, and it is enshrined in the4th Amendment of the United States Constitution.
As the American Library Association's Code of Ethics states, "We protect each library user's right to privacy and confidentiality with respect to information sought or received and resources consulted, borrowed, acquired, or transmitted.”
In keeping with the educational goals of the College and the ethics of the library profession, the Moraine Valley Community College Library is committed to protecting the privacy of students, staff, faculty, administrators, and community members who utilize our services. We define privacy to be the freedom to read, research, and use our facilities whether face-to-face or virtually without the fear of scrutiny by others.
Library patrons should assume privacy when utilizing our library. This policy gives notice (Part C) of the types of information that are collected when using library services.
It is our intent to reasonably safeguard face-to-face interactions in the library as well as the personally identifiable information our online library systems collect to ensure this freedom and only collect information that is necessary to fulfill of our duties.
C. Notice & Openness
The Moraine Valley Library affirms the right of users to be given notice of the types of information that are personally identifiable so that patrons can make informed choices as to how they utilize services.
We hereby give notice that the following types of information are collected related to user activities in our library
1. In-Person Transactions
- Circulation & Reference Interactions at Service Desks
Librarians and library staff members work to protect patron privacy as much as possible given the public nature of the Circulation and Information Desks. We do not keep personally-identifiable data at these desks unless required for special service (see iii below).
- Material checkouts
The Library only retains a record of current items checked out by each patron. Previous checkouts are deleted from our system to protect privacy. Records on any billed items are retained until payment is made.
- Forms for special services
Some special services require additional forms such as technology checkouts or accessing the College Archives. These forms are kept on file for six months or the duration of the agreement whichever is greater.
2. Library System Data
- Patron Account Information
The patron record in the Library system includes name, address, phone, email, MVCC username, Colleague ID number, and status (student/faculty/staff, etc). The record includes activity-generated data such as active checkouts, holds, notes about accounts, and billing information. The Library purges inactive patron records every three years. The system retains records for billed items, overdue items, and fine histories.
- Patron-Generated Account Information
The Library system allows patrons to access additional services such as saved searches and tagging records. These are opt-in services, and thus, are only initiated at the request of the patron.
- Off-Campus Access to Research Tools
- Interlibrary Loan & Document Delivery
Records of ILL requests with patron names and contact information are retained in a printed form for copyright compliance reasons for three years. Patron name and item title are only shared with non-library staff members to enable delivery of items at satellite campus locations.
3. Website Usage Data
- Study Room Online Reservation System
The Acuity reservation system retains user data such as student ID number, phone number, room checkouts, emails, and room reservation details.
- Faculty Lab Online Reservation System
The Acuity reservation system retains user data such as staff ID number, phone number, room checkouts, emails, and room reservation details.
- Ask a Librarian Text Service
The Library H3lp reference service does not collect individually identifiable information. Library H3lp does retain text phone numbers, IP addresses, and chat transcripts.
- Social Media Instances
The Librarians review social media data such as total likes, page visits, and demographic information in the aggregate. We do not share any social media data with third parties. For more information please review the individual privacy policies for each platform to see how they use data.
- Online Forms
The Library’s consultation request forms, item suggestion form, website suggestion form, and Moraine Valley Broadcasting Channel submission form utilize Google forms. Information such as name, contact information, and specific requests and submissions are collected on these forms. This data is stored in an online, password-protected spreadsheet accessed by Library staff members.
- Library Database Vendors
The Library provides access to specialized research databases provided by outside vendors e.g. EBSCO, Proquest, JSTOR. These vendors generally do not collect personally identifiable information unless patrons create their own user accounts and login when they search. Some services such as the PrepStep: Test Preparation database or the Hoopla media platform require patrons to login in order to utilize the service. These tools often retain data and usage histories. Patrons are responsible for reviewing the privacy policies of these tools.
- MVCC Campus IT information
The MVCC Campus IT manages the College’s digital infrastructure and has access to tools that monitor the campus network. Patrons should review the campus technology policies. Data collected by Campus IT is outside of the control of Library staff.
- Security Information from Cameras
The Campus Police utilize security cameras at the entrance of Library and in the hallways outside of the Library.
- Outside Web-based Services
Many web-based services such as Google, Microsoft, Facebook, Twitter, and others collect user information. Please consult the privacy policies of these tools to learn more.
D. Choice & Consent
The Moraine Valley Library only collects personally identifiable information when necessary to carry out library services. In cases where our Library may collect additional, personally identifiable information beyond the items listed in Part C above, we will only do so with patron consent and patrons will have the option to opt out. The Library system is on a regular and secure patron information purge cycle that removes data in order to protect patron privacy.
Library patrons have access to their library account through the Library’s website. They can view checkouts, holds, fines, and other preferences. Library patrons may also request to view their personal account information such as address and contact information by making a request to the Dean, Learning Resource Center.
F. Data & Security
The Moraine Valley Library takes data security seriously. We take the following measures to protect patron data:
1. In Person Interactions
Library patrons should have a reasonable expectation that their work will not be monitored by others. Library staff will take actions to make reasonable accommodations to protect this expectation. Library staff will not reveal the location of library users unless there is an emergency situation. Patrons may not take photos or videos of identifiable individuals (beyond incidental photography) without their knowledge and permission.
2. Technical measures
The Moraine Valley Library partners with campus IT to ensure that we follow current best practices in information security. In cases where Library staff utilize data to make decisions (such as number of checkouts or database searches), personally identifiable information is removed and data is viewed in the aggregate.
3. Staffing measures
Only staff members who have a need to access personally identifiable information and patron records are given access to these records. These staff members follow protocols to ensure that only they can access these records. Student workers have limited access to access patron accounts.
4. Data Retention and Deletion
Personally identifiable data such as patron records are only retained while patrons are active (not expired) in our system . Patron records are purged after three years. Patron information on outstanding fines and fees for billed items are retained until returned or paid off.
5. Data audits
The Moraine Valley Library participates in College-wide data audits to improve processes and practices.
G. Enforcement & Redress
The Moraine Valley Library does not share data on individuals with outside third parties unless required by law.
Library patrons may address concerns about privacy practices in case of a potential violation of this policy to the Dean, Learning Resource Center.
Approved ELT September 2018