About the CSI Library: Policy: Privacy

The statement below explains the steps that College of Southern Idaho Library takes to respect and protect your privacy when you use library resources.

CSI Library has a deep-rooted commitment to protecting the privacy and confidentiality of library users. This commitment is in compliance with local, state and federal rules and is consistent with the American Library Association's Code of Ethics.   

Privacy and confidentiality practices
A. Notices and openness: CSI Library posts its privacy and confidentiality practices on the library website and regularly reviews them with library staff, and student workers. The library avoids creating unnecessary records and retains records in conformance with applicable records retention regulations.

B. Gathered and retained information: Information gathered and retained may include the following:

• Students and CSI employees: Information required to have a library account is provided through CSI Student Identification Cards or the CSI Faculty and Staff Directory. That information is not retained when a student or employee leaves CSI once the account is in good standing and the prescribed retention period has been completed.
• Community users: Information is retained as long as the user has an account with CSI Library.
• Records of material checked out, charges owed, payments made.
• Electronic access information.
• Requests for interlibrary loans, or reference service.

C. Choice and consent: If you provide personally identifiable information to CSI Library, it may retain your private and personally identifiable information. If you provide CSI Library with personally identifiable information, the library will keep it confidential and will not sell, license, or disclose personal information to any third party without your consent, except agents working on behalf of the library or unless CSI library is legally required to do so.

D. User access and responsibility: You are entitled to view your personally identifiable information and are responsible for keeping your information accurate and up-to-date. The library will explain the process for accessing or updating your information on its website or in person, upon request.

E. Data integrity and security: CSI Library takes reasonable steps to ensure data integrity and protects personally identifiable information by electronically purging or manually shredding data once the prescribed retention period has been completed. When CSI provides aggregate summary data for which personally identifiable information is not needed, CSI removes personally identifiable information.

F. Third-party security:

• CSI Library ensures that the library’s contracts, licenses, and offsite computer service arrangements reflect library policies and legal obligations concerning user privacy and confidentiality. Library agreements address appropriate restrictions on the use, aggregation, dissemination, and sale of that information.
• When connecting to licensed databases outside the library, the library releases only information that authenticates users as registered CSI Library borrowers. Nevertheless, users must be aware, when accessing remote sites, that there are limits to the privacy protection the library can provide.

G. Cookies: Users accessing the library’s website will need to enable cookies in order to access a number of resources available through the library. Library servers use cookies solely to verify that a person is an authorized user in order to allow access to licensed library resources and to customize web services to that user’s specification. Cookies sent by library servers containing authorization information will disappear soon after the user’s computer browser is closed.

H. Security measures: Library procedures limit access to data and data for unauthorized purposes. CSI Library limits access through use of passwords.

I. Staff access to personal information: Library staff may access personal data stored in the library’s computer system only for the purpose of performing their assigned library duties. Staff are prohibited from disclosing your personal data to any other party, unless required by law or to fulfill your service request. The library does not sell, lease, or give users’ personal information to companies, governmental agencies, or individuals except as required by law or with a user’s authorization.

J. Enforcement and redress: If you have a question, concern, or complaint about CSI Library’s handling of your information, you may file written comments with the Library Director. CSI Library will respond in a timely manner and may conduct a privacy investigation or review of practices and procedures. The Library Director is custodian of library records and is the only party authorized to receive or comply with public-records requests or inquiries from law enforcement officers. The Director may delegate this authority to designated members of the library’s staff. The Director may confer with the Director of Public Safety, or the Executive Vice President before determining the proper response to any request for records. CSI will provide state, federal, or local government authorities with personally identifiable information only when it is legally required.

K. Illegal activity is prohibited and not protected In accordance with CSI Policies, library users may not use CSI resources to commit illegal actions. Nothing in this statement prevents the library from exercising its right to enforce its behavior rules, protect its facilities, network, and equipment from harm, or prevent the use of library facilities and equipment for illegal purposes. The CSI Office of Institutional Information & Effectiveness can electronically monitor public computers and external access to its network and reserves the right to do so. Staff is authorized to take immediate action to protect the security of library users, staff, facilities, computers, and network. This includes contacting law enforcement authorities and providing information that may identify the individual(s) perpetrating a violation.