TPL-GEN-07_Confidentiality and the protection of privacy
1.0 Purpose: The Timmins Public Library recognizes that in order to fulfill its mission statement, library users and staff must not feel constrained in their use of library resources because they fear invasion of personal privacy. The users’ choice of materials they borrow and websites they visit is a private matter. The Library will therefore make every reasonable effort to ensure that personal information about its users and their use of library materials, services and programs remains confidential.
Personal information is defined in the Municipal Freedom of Information and Protection of Privacy Act, R.S.O. 1990, c. M.56 “MFIPPA”, in part, as “recorded information about an identifiable individual.” This could include, in the library context, information on a user’s borrowing habits, as well as information related to computer use, including sign-up sheets and information on Internet use.
2.0 Board Responsibilities
The Board ensures that:
- the Library complies with the spirit, principles and intent of the MFIPPA;
- members of the public have access to information about the operations of the library and to their own personal information held by the Library in accordance with the access provisions of the MFIPPA;
- the privacy of an individual’s personal information is protected in compliance with the privacy provisions of the MFIPPA;
- staff may view and amend patron records as required to perform appropriate library functions;
- staff are not permitted to view or amend records outside the scope of their duties.
The Board is responsible for personal information under its control and designates the Chief Executive Officer (CEO) as the individual accountable for the organization’s compliance with legislation and ensures that:
- the purposes for which personal information is collected shall be identified by the Library at, or before, the time the information is collected;
- consent of the individual is acquired for the disclosure of collection use or personal information;
- the collection of personal information shall be limited to that which is necessary for the proper administration of the Library and the provision of library services and programs.
3.0 Retention
The Library will not retain any personal information related to the items borrowed or requested by a user, or pertaining to a user’s on-line activity, longer than is necessary for the provision of library services and programs, or when users voluntarily opt in to do so; for example, in order to enhance or personalize library functions or services.
- Examples of retention of personal information:
- Personal information regarding library transactions remain in the user database as long as the circulation record indicates that an item remains on loan or fees remain unpaid
- Records of returned items that have no outstanding fees/charges remain on the user record in the circulation database until the end of the working day, or indefinitely if the user has voluntarily enabled the checkout history option on their account
4.0 Disclosure
The Library will not disclose personal information related to a visitor or a library user to any third party without obtaining consent to do so, subject to certain exemptions as provided by the MFIPPA. With the approval of the CEO, personal information will be disclosed:
- to a parent or guardian of an individual younger than (16) years of age
- to someone holding Power of Attorney for a specific individual
- in response to the request for specific personal information from a law enforcement agency supported by a warrant
- to police in the absence of a search warrant to aid an investigation (at the CEO’s discretion)
- in compassionate circumstances to facilitate contact with next of kin or a friend of an individual who is injured, ill or deceased (at the CEO’s discretion)
- to the Library’s authorized collection agency for the collection of library property, unpaid fees, fines or other charges
The Library may allow certain of its service providers access to relevant personal information solely for the purpose of maintaining the Library’s electronic services
5.0 Safeguards
- personal information shall be protected by security safeguards appropriate to the sensitivity of the information
6.0 Accuracy
- personal information shall be as accurate, complete and up-to-date as is necessary for the purpose for which it is used
- members are responsible for identifying changes in personal information such as name, address or contact information to maintain the accuracy of their information
7.0 Electronic Communication
The library will ensure that all electronic messages clearly identify the subject of communication, the Timmins Public Library is identified as the sender, and that the library’s contact information is available.
Obtaining a library card implies the individual’s consent to authorize the library to send electronic notifications regarding personal borrowing and transaction activities using their preferred method. Individuals may request not to receive notifications although such an action may affect their ability to use the affected library services.
The library may, at times, use electronic means to promote services, share information, or announce special events. The library will seek the individual’s consent before sending promotional electronic messages. The library will provide options to individuals to easily unsubscribe from the services or change their preferences at any time.
8.0 Access
An individual shall be able to address any concerns with the above principles to the CEO.
Upon request, an individual shall be informed of the existence, use, and disclosure of his or her personal information, and shall be given access to that information. An individual shall be able to challenge the accuracy and completeness of the information and have it amended as appropriate
To access to your personal information held by the Library, please send your request in writing to:
Carole-Ann Demers, CEO
Timmins Public Library
320 Second Avenue
Timmins, ON P4N 8A4
The Timmins Public Library charges a fee of $5.00 per request, as permitted by the MFIPPA regulations. Additional fees may include search/retrieval time, photocopying charges and time spent preparing records for disclosure.
REFERENCES:
Municipal Freedom of Information and Protection of Privacy Act, R.S.O. 1990, c. M.56 “MFIPPA”
Motion TPL-21-30 June 28, 2021