At the Calvin T. Ryan Library, the right to privacy is the right to open inquiry without having the subject of one's interest examined or scrutinized by others. Confidentiality exists when a library is in possession of personally identifiable information about users and keeps that information private on their behalf.
The courts have upheld the right to privacy based on the Bill of Rights of the U.S. Constitution. Many states provide guarantees of privacy in their constitutions and statute law. Nebraska law expressly provides the right to privacy. The Calvin T. Ryan Library privacy and confidentiality policies are intended to comply with applicable federal, state, and local laws, as well as with any UNK and NU policies on privacy.
User rights, as well as our institutional responsibilities, outlined here are based in part on what are known in the United States as the five "Fair Information Practice Principles." These five principles outline the rights of Notice, Choice, Access, Security, and Enforcement.
Our commitment to your privacy and confidentiality has deep roots not only in law but also in the ethics and practices of librarianship. In accordance with the American Library Association's Code of Ethics:
"We protect each library user's right to privacy and confidentiality with respect to information sought or received and resources consulted, borrowed, acquired, or transmitted."
The Calvin T. Ryan Library affirms that our library users have the right of notice to be informed about the policies governing the amount and retention of personally identifiable information and about why that information is necessary for the provision of library services.
In all cases we avoid creating unnecessary records, retaining records not needed for the fulfillment of the mission of the library, and do not engage in practices that might place information on public view.
Information we may gather and retain about current and valid library users include the following:
This policy explains our information practices and the choices you can make about the way the Calvin T. Ryan Library collects and uses your information. We will not collect or retain your private and personally identifiable information without your consent. Further, if you consent to give us your personally identifiable information, we will keep it confidential and will not sell, license, or disclose personal information to any third party, unless we are compelled to do so under the law or to comply with a court order.
If you wish to receive borrowing privileges, we must obtain certain information in order to provide a library account.
We never use or share the personally identifiable information provided to us online in ways unrelated to the ones described above, without also providing you an opportunity to prohibit such unrelated uses, unless we are compelled to do so under the law or to comply with a court order.
If you are affiliated with the University of Nebraska at Kearney, the Calvin T. Ryan Library automatically receives personally identifiable information to create and update your library account through MyBlue (for students) or Firefly (for employees).
Individuals who use Calvin T. Ryan Library services that require the function and process of personally identifiable information are entitled to view and/or update their information. You may either view or update your personal information online or in person. In both instances, you may be asked to provide verification such as an identification card to ensure confirmation of identity. Patrons affiliated with the university should make permanent updates to their information with the Office of Student Records and Registration (for students) or Human Resources (for employees).
The purpose of accessing and updating your personally identifiable information is to ensure that library operations can function properly. Such functions may include notification of overdue items, recalls, reminders, etc. The library will explain the process of accessing or updating your information so that all personally identifiable information is accurate and up to date.
Data Integrity:The data we collect and maintain at the library must be accurate and secure. We take reasonable steps to assure data integrity, including: using only reputable sources of data; providing our users access to your own personally identifiable data; updating data whenever possible; utilizing middleware authentication systems that authorize use without requiring personally identifiable information; destroying untimely data or converting it to anonymous form.
Data Retention: We protect personally identifiable information from unauthorized disclosure once it is no longer needed to manage library services. Information that should be regularly purged or shredded includes personally identifiable information on library resource use and material circulation history.
Tracking Users: We remove links between patron records and materials borrowed when items are returned and we delete records as soon as the original purpose for data collection has been satisfied. We permit in-house access to information in all formats without creating a data trail. Our library has invested in appropriate technology to protect the security of any personally identifiable information while it is in the library's custody, and we ensure that aggregate, summary data is stripped of personally identifiable information. We do not ask library visitors or website users to identify themselves or reveal any personal information unless they are borrowing materials or making remote use from outside the library of those portions of the library's website restricted to registered borrowers under license agreements or other special arrangements. We discourage users from choosing passwords that could reveal their identity, including social security numbers. We regularly remove cookies, Web history, cached files, or other computer and Internet use records and other software code that is placed on our computers or networks
Security Measures:Our security measures involve both managerial and technical policies and procedures to protect against loss and the unauthorized access, destruction, use, or disclosure of the data. Our managerial measures include internal organizational procedures that limit access to data and ensure that those individuals with access do not utilize the data for unauthorized purposes. Our technical security measures to prevent unauthorized access include encryption in the transmission and storage of data; limits on access through use of passwords; and storage of data on secure servers or computers that are inaccessible from a modem or network connection.
Staff access to personal data:We permit only authorized library employees to access personal data stored in the library's computer system for the purpose of performing library work. We will not disclose any personal data we collect from you to any other party except where required by law or to fulfill an individual user's service request. The library does not sell or lease users' personal information to companies, universities, or individuals.
The Calvin T. Ryan Library will not share data on individuals with third parties unless required by law. Library users who have questions, concerns, or complaints about the library's handling of their privacy and confidentiality rights should file written comments with the Dean of the Library. We will respond in a timely manner and may conduct a privacy investigation or review of policy and procedures.
We authorize only the Calvin T. Ryan Library Dean to receive or comply with requests from law enforcement officers; we confer with our legal counsel before determining the proper response. We will not make library records available to any agency of state, federal, or local government unless a subpoena, warrant, court order or other investigatory document is issued by a court of competent jurisdiction that shows good cause and is in proper form. We have trained all library staff to refer any law enforcement inquiries to the Calvin T. Ryan Library Dean.