Skip to end of banner
Go to start of banner

2019-07-19 LDP data privacy working group meeting notes

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

Date

Attendees


We will use Joyce's webex account for our weekly meetings:

https://dukeuniversity.webex.com/join/jcc81

Goals

  • Updates and discuss next steps for our group; what do we take to the Reporting SIG, and is there anything further that our group can do at this time?

Discussion items

TimeItemWhoNotes

Updates from Joyce on LDP reports containing personal attributes that she sent to report owners, to determine whether the reports can remain functional if personal data are removed

Updates from Ingolf about staff data privacy (audit trails)




Meeting Notes

  • Joyce went through all the LDP reports and flagged those containing personal data, which she then sent out to report owners. Of the 36 reports that Joyce flagged, report owners identified 24 that need to retain these data in order to be functional. These will now be shared with the Reporting SIG to determine whether all 24 reports can be made in-app, or whether some have to remain LDP reports, and if so, how do we handle the issue of data privacy?
  • Ingolf 's conversation with a data privacy officer makes it clear that there is a marked difference between European and U.S. Universities in the matter of staff data privacy (audit trails). In Germany, staff data can be stored only is there is a valid reason for this. It must be either a legal reason (required by law), or part of a contract that has been made between the workers' council and the employer and that is valid for all employees. Such contracts are always vetted by Employee Councils, which are part of each organization, and Employee Councils would not agree to staff data being stored for reasons such as running reports on, for example, how many items one individual has catalogued. We discussed how in the U.S., library management systems often have 'notes' fields, and staff members may identify themselves when entering specific notes, so that others may contact them for further information. As well, there is no equivalent of an Employee Council that has a say in staff audit trails. Such trails are used in many different ways in the U.S., and it is unlikely that U.S. universities will be able to do without them. Thus, there will have to be a dual system in FOLIO.
  • Both issues now need to be handed over to the larger FOLIO community, as we may have come to an end of our fact-finding mission.

Action items

Present the above discussion to the Reporting SIG on Monday, July 22nd.


  • No labels