Privacy and Confidentiality of Information

Policy Number: No. G-09
Policy Title: Privacy and Confidentiality of Information
Category: Operational Policies: Public Services
Adopted: June 2011
Last Review: November 2020

Background:

Perth & District Union Public Library recognizes that use of the library is a private matter, as governed by the Municipal Freedom of Information and Protection of Privacy Act and by the principles of intellectual freedom (See Appendix C: Statements of Intellectual Freedom). The library therefore makes every reasonable effort to protect personal information about its users and their use of library materials, services, and programs.

Policy:

Personal information is defined in Municipal Freedom of Information and Protection of Privacy Act, R.S.O. 1990, c. M56 (MFIPPA), in part, as “recorded information about an identifiable individual.” In the library context, this may include, but is not limited to, contact information, information on items requested or borrowed, and information related to computer and internet use.

The purposes for which personal information is being requested will be identified to library users before such information is collected and will not be disclosed without the express consent of the user, except under the following circumstances as provided by MFIPPA:

  1. to the public or persons affected if the CEO has reasonable and probable grounds to believe that it is in the public interest to do so and that the record reveals a grave environmental, health or safety hazard to the public
  2. to a parent or guardian of a child under the age of 14
  3. to the police upon the presentation of a warrant
  4. to the police, in the absence of a warrant, if approved by the CEO

The collection of personal information will be limited to that required for operation of the library and provision of services. The library will not retain personal information about library use any longer than is required for the provision of services. The library stores information in its databases related to borrowed items, computer sessions, and meeting room bookings. Information related to websites visited or other computer use is not retained beyond the day of use. When no longer required, all personal information collected by the library will be shredded or deleted.

The library will make all reasonable efforts to protect the integrity and security of its electronic databases.

An individual shall be informed of the existence, use, and disclosure of his or her personal information and shall be given access to that information upon request and proof of identity. An individual shall be able to challenge the accuracy and completeness of the information and have it amended as appropriate.

Nothing in this policy will prevent library staff from accessing user information for legitimate purposes, such as matters related to the circulation of materials and issues concerning the suspension of privileges.

See also:

  • 2.I-1: Records Retention Policy
  • Appendix C: Statements of Intellectual Freedom