Privacy Policies & Guidelines

Adopted by the American Fork City Council on May 27, 2008*

*This policy (i.e, the American Fork Library Privacy and Confidentiality of Library Records Policy and Guidelines) was approved by the American Fork Library Board of Trustees, in a duly-called, open meeting of the same, on April 9, 2008; and was recommended to the American Fork City Council for adoption, as an official policy of the city, to be effective immediately upon adoption by said Council.

Privacy & Confidentiality of Library Records
This policy protects the privacy of those who borrow materials and request information from the American Fork Library. The Library also protects the privacy of those who use its Web sites and other electronic services.
The American Fork Library will abide by the Utah Code in maintaining privacy and confidentiality of library records.

At the state level, Utah Code, Section 63-2-302 (1) ( c ) provides as follows:

The following records are private:
Records of publicly funded libraries that when examined alone or with other records identify a patron.

All circulation records and other records identifying the names of library users are to be held confidential. Information contained in a patron record may only be released under the following limited circumstances as described in Section 63-2-202 (1) of the Utah Code:
  • Upon request, a governmental entity shall disclose a private record to:
  • The subject of the record;
  • The parent or legal guardian of an unemancipated minor who is the subject of the record;
  • The legal guardian of a legally incapacitated individual who is the subject of the record;
  • Any other individual who:
    • Has a power of attorney from the subject of record;
    • Submits a notarized release from the subject of the record or his legal representative dated no more than 90 days before the date the request is made; or
    • If the record is a medical record described in Subsection 63-2-302 (1) (b), is a health care provider, as defined in Section 26-33a-102, if releasing the record or information in the record is consistent with normal professional practice and medical ethics; or
  • Any person to whom the record must be provided pursuant to court order as provided in Subsection (7) or a legislative subpoena as provided in Title 36, Chapter 14.
  • If there is more than one subject of a private or controlled record, the portion of the record that pertains to another subject shall be segregated from the portion that the requester is entitled to inspect.
  • Before releasing a private, controlled, or protected record, the governmental entity shall obtain evidence of the requestor's identity.
See Utah Code Section 63-2-302. Private records: and Utah Code Section 63-2-202. Access to private, controlled, and protected documents.

As a public institution the Library is legally obligated to comply with the information request requirements of the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act, commonly known as the USA Patriot Act, enacted on October 26, 2001, or its successor. Under provisions of the Act, the Federal Bureau of Investigation (FBI) and law enforcement officials may seek court orders for library records for investigations relevant to national security or terrorism. Libraries or librarians served with these search warrants may not disclose, under penalty of law, the existence of the warrants or the fact that records were produced as a result of the warrants. Patrons cannot be told their records were given to law enforcement agencies or that they were the subjects of FBI investigations.

User Rights
User rights outlined here are based in part on what are known in the United States as the five "Fair Information Practice Principles." These 5 principles outline the rights of Notice, Choice, Access, Security, and Enforcement.
This policy describes patron privacy and confidentiality rights, the steps this library takes to respect and protect patron privacy when using library resources, and how the library deals with personally identifiable information that may be collected from library users.

1. Notice & Openness
The library does not create unnecessary records, only retains records required to fulfill the mission of the library, and does not engage in practices that would place information on public view.

While the library must maintain records of information such as overdue and lost items, outstanding fines, and payments to patron accounts, these records are kept secure and are purged from the library's computer system when no longer needed for library business purposes.

Specific Existing Library Records:
Database Search Records
Searches of the collection using Horizon Information Portal, the online catalog, are conducted by using the library's automated circulation system, Horizon. Once a search is conducted, the software does not retain a copy of the search. Records of the search no longer exist. Searches of other databases, such a newspaper, magazine or automobile repair databases, licensed by the State Library system are retained for up to 24 hours in the workstation history.

Circulation Records
Data matching items with patrons is stored on the Horizon system while the material is checked out to the patron. When an item is returned and any fees and fines are paid, it is removed from the borrower's file but a link to the borrower is maintained until the item is loaned to the next borrower.

Copies of the operating system, application software and databases, and transaction records of the Horizon integrated library system are stored on backup media offsite. Nightly backups are stored for one month. The information is retained in the event that a catastrophic hardware or software failure would require restoration of software data files.

Video cameras are used only for the purpose of surveillance of traffic entering and leaving the library. Recording begins with motion and rewrites over prior recording depending upon the number of cameras, the light and activity levels. There is no long term storage unless a specific incident is saved for surveillance purposes and requires authorized access.

Inter-Library Loan Records
Patrons may borrow items not owned by the American Fork Library from other libraries nationwide via Inter-Library Loan (ILL). American Fork tracks items being borrowed and generates a paper record with patron information. The Library keeps records for one year.

Reference Interviews
A reference interview occurs when a patron looking for information approaches staff and staff interacts with the patron in order to narrow down the specific information needed. No paper record is kept during the interview that has any patron information on it. If a patron name and number is taken by phone, and patron information is written down, as soon as the requested information is delivered, the paper record is destroyed.

The American Fork city Administration Department does handle delinquent fees, including library fees, and there are times basic information needs to be provided to the Administration Department for collection of delinquent library fees. The basic information provided could be any or all of the following: name, address, phone number, date of transaction.

2. Choice & Consent
This policy explains the library's information practices and the choices patrons may make regarding the manner in which personal information is collected and used. The library will not collect or retain any private or personally identifiable information other than that information required to open an account.

If library users wish to receive borrowing and other privileges, the library must obtain certain information about them in order to establish an account (e.g., name, phone number, and address). When visiting the library's Online Catalog, patrons may be required to provide library bar code number in order to access their own account information. Patrons have the option of providing the library with their email address for the purpose of notifying them about their library account. They may request that the library remove the email address from their record at any time.

Personally identifiable information provided will be kept confidential and will not be disclosed to any third party unless the library is compelled to do so under the law.

3. Access by Users
Individuals wishing to update or verify the accuracy of personal information may do so at the library's Circulation Desk. To ensure security of personal data, verification of identity will be required in the form of a photo I.D. (E.g., driver's license, passport, etc.).

The purpose of accessing and updating personally identifiable information is to ensure that library operations function properly. Such functions may include: notification of the availability of reserved or Interlibrary Loan items, reminders of overdue materials, etc.

4. Data Integrity & Security
The data collected and maintained by the library must be accurate and secure. Reasonable steps are taken to assure data integrity and security. Personally identifiable information is protected from unauthorized disclosure.

Tracking Users
Library visitors or website users are not asked to identify themselves or reveal any personal information unless they are: borrowing materials, requesting special services, registering for programs or classes, accessing the Internet in the library, or making remote use from outside of the library of those portions of the library's Web site restricted to registered borrowers under license agreements or other special arrangements.

Links between patron records and materials borrowed are removed when items are returned and records deleted as soon as the original purpose for data collection has been satisfied.

Third Party Security
When connecting to resources outside the library's direct control, the only information released is that which authenticates users as "members of the library community." The library is not responsible for protecting personal information gathered by outside websites.

Staff Access to Personal Data
Only authorized library staff with assigned, confidential passwords shall have access to personal data stored in the library's computer system for the sole purpose of performing library work. Except when required by law or to fulfill an individual user's service request, the library will not disclose any personal data collected from patrons. The library does not sell or lease patrons' personal information to any individual entity.

5. Enforcement & Redress
American Fork Library will maintain the Utah Code in providing privacy and confidentiality. Under supervision privacy audits may be conducted by library personnel to ensure that all library programs and services comply with this Privacy Policy. Patrons who have questions, concerns, or complaints regarding the library's handling of their privacy and confidentiality rights should file written comments with the Library Director.

Only the Library Director or designee is authorized to receive or comply with requests from law enforcement officers. Library records will not be made available to any agency of the state, federal, or local government unless the library is served with a subpoena, warrant, court order, or other authorized request that legally requires compliance. The library staff will seek legal counsel from the city Attorney's Office to determine if such process, order or subpoena is in proper form and if there is a showing of good cause for its issuance. Response to the request will be according to advice of counsel.

Adopted by the American Fork Library Board
May 14, 2008

Third Party & Law Enforcement Requests for Library Records & User Information
The legal custodian of records for the American Fork Library is the Library Director. As the legal custodian of records, the Library Director is the person responsible for responding to any request for library records or information about a library user.

The Library Director may designate one or more library employees to serve as persons responsible for responding to any request for library records or information about a library user when the Library Director is absent or unavailable.

The circulation and registration records of the American Fork Library shall not be made available to any third party nor any law enforcement agency of a local, state, or federal government except when a court order in proper form, issued by a court of competent jurisdiction after a showing of good cause, is presented by the law enforcement agency or person seeking the records.

No library employee or volunteer may release library records or reveal information about a library user to any third party or law enforcement agent unless authorized to do so by the Library Director or the Library Director's designated alternate. In all circumstances, without exception, employees and volunteers shall follow the procedures set forth in American Fork Library Staff Procedures, "Guidelines for Responding to Requests for Library Records and User Information."

The Library Director and the American Fork Library Board of Trustees are jointly responsible for ensuring that every library employee and volunteer is provided with a copy of this policy and the staff directive and ensuring that every employee and volunteer participates in a training program on their implementation.

Adopted by the American Fork Library Board
May 14, 2008