This policy describes how Sharing Heartland’s Available Resources Equally (SHARE) collects, uses, and discloses patron information.
SHARE collects patron data primarily for identity verification and communication. That data may include name, address, phone number, email, photograph, driver’s license number, and date of birth. SHARE requires public and academic libraries to collect address, birthdate, and driver’s license or identification number to validate identity, but the decision of what additional data to collect or what is an acceptable form of proof of residency is left wholly to the local library administration and policies. We do not collect social security numbers.
In addition, our integrated library system (ILS) also tracks data of items that are currently checked out, items that have fines or fees, and in some cases a reading history. The reading history feature is optional, as a patron convenience, but due to the implications of patron privacy, it will only be available if it has been enabled first by the local library, and then activated by the patron in their online account or by patron request. It is not automatic or a system-wide feature.
Patron data, including any details of reading history or items checked out, is confidential. Confidentiality of library materials is a “core value of librarianship” (American Library Association). SHARE is governed by Illinois law, including the (75 ILCS 70/) Library Records Confidentiality Act. This act states that library registration and circulation records are protected as confidential by law. No person may obtain these records without court order or as required by law.
SHARE and your local library may use patron statistical data for reporting purposes, or to inform library policy, such as collection development and programming. SHARE and your local library may also use statistical data in advocacy and marketing efforts. No personal data is used in these statistical reports.
SHARE does not sell patron data. There are trusted third-party library vendors that do have limited access through authentication protocols that allow patrons to access additional library-supported services, like e-books or other electronic resources.
Patron information is stored as long as you have an active account with a SHARE member library. An active account is defined by the member library, which maintains policies and procedures that determine when accounts are deleted. Data in SHARE is the property of the patron’s home library and conforms to all applicable federal and state laws.
SHARE takes every precaution for the data we maintain, using industry-standard physical, electronic, and procedural safeguards. We use a layered approach to provide multiple levels of protection, including firewall protection, encryption, computer registration, and strict authentication via password protection with varying degrees of member library staff access. Member library staff are also governed by Illinois state law: “No person shall publish or make any information contained in such records available to the public,” (Library Records Confidentiality Act [75 ILCS 70]). Each SHARE staff person, member library, and member library staff are expected to understand and comply with Illinois law and take reasonable precautions to protect database access and library records.
The Illinois Student Online Privacy Protection Act (SOPPA) is intended to protect the privacy and security of student data when collected by companies operating websites, online services, or online/mobile applications primarily used for K-12 school purposes.
SHARE does not primarily serve K-12 school members; however, we support the philosophy and intent of the law. Children may have an account through their school or public library. Minors have the same right to privacy under the Library Records Confidentiality Act.
If you have any questions or comments regarding our privacy practices, security procedures, or this policy, please contact us at firstname.lastname@example.org.