2019-06-21 Reporting Data Privacy Working Group Meeting Notes

Owned by Vandana Shah
Last updated: Aug 03, 2020
2 min read

Date

Attendees


We will use Joyce's webex account for our weekly meetings:

https://dukeuniversity.webex.com/join/jcc81

Goals

Try to precisely formulate our question to the Reporting SIG about asking them for help in analyzing the LDP reports for dependency on personal data. Present this to the Reporting SIG on Monday, June 24th, 2019.

  • Are we asking the Reporting Sig to help us with scanning all LDP reports, identifying which ones contain personal attributes, and determining whether the report can remain functional if these are removed? If not, what personal attributes are absolutely essential for the report?

Discussion items

TimeItemWhoNotes

Look at list of personal data attributes, make sure we have covered them allallPotential personal data: List of FOLIO attributes

Meeting Notes

As Ingolf was sick and unable to join us, we decided to wait until we heard from him before presenting the list of potential personal attributes to the Reporting SIG. Ingolf has detailed notes on each attribute after his conversation with Hbz's assistant data privacy officer, and we thought it was important to include that information before bringing the list to the Reporting SIG.

Nassib suggested that we should also look at any other data privacy requirements that we can find. So far we have focused on the GDPR. Joyce sent us a link to ALA's Library Privacy Guidelines, and we will look through the link to see if we need to add anything from those guidelines.

http://www.ala.org/advocacy/privacy/guidelines

http://www.ala.org/advocacy/privacy/checklists/library-management-systems

Nassib also suggested that we could compile a list of potential replacement attributes (which don't currently exist) in case some personal attributes are crucial for an LDP report. For example, patron age, or patron age range, can be a potential replacement attribute for date of birth. 

Action items

  • Look at ALA's Library Privacy Guidelines in detail, to see if we need to add information to present to the Reporting SIG.
  • Try and find out if there are any other data privacy guidelines/laws (apart from GDPR and ALA's guidelines)
  • Think of potential replacement attributes