Hartford Public Library (the Library) is committed to protecting the confidentiality of its customers.  We believe that privacy is essential to the exercise of free speech, free thought, and free access to information.  To that end, the Library minimizes the amount of personally identifiable information that it gathers, and retains information about transactions only as long as it is needed for the efficient operation of the library.  Information on customer use of the library is only disclosed under the conditions set forth by Connecticut State Statute Sec. 11-25 and the Library’s Privacy, Confidentiality and Law Enforcement Request Policy:

Connecticut State Statute Sec. 11-25 Reports by libraries: Confidentiality of records.

(a) The libraries established under the provisions of this chapter, and any free public library receiving a state appropriation, shall annually make a report to the State Library Board.

(b) (1) Notwithstanding section 1-210, records maintained by libraries that can be used to identify any library user, or link any user to a library transaction, regardless of format, shall be kept confidential, except that the records may be disclosed to officers, employees and agents of the library, as necessary for operation of the library.

      (2) Information contained in such records shall not be released to any third party, except (A) pursuant to a court order, or (B) with the written permission of the library user whose personal information is contained in the records.

      (3) For purposes of this subsection, “library” includes any library regularly open to the public, whether public or private, maintained by any industrial, commercial or other group or association, or by any governmental agency, but does not include libraries maintained by schools and institutions of higher education.

      (4) No provision of this subsection shall be construed to prevent a library from publishing or making available to the public statistical reports regarding library registration and use of library materials, if such reports do not contain personally identifying information.

Confidential Information Retention

The Library shall endeavor to create and maintain only necessary records. The Library shall create and follow a schedule for the deletion of personally identifiable information when such information is no longer necessary for the efficient operation of the Library. The Chief Executive Officer shall have sole discretion with respect to determining the appropriate retention of records.

Law Enforcement Requests

Any Library records containing personally identifiable information are confidential and shall not be made available to any agency of state, federal, or local government without the individual’s authorization, except pursuant to such proper process, order or subpoena, as may be authorized under the authority of, and pursuant to, federal, state, or local law relating to civil, criminal, or administrative discovery procedures or legislative power. Library records that may be subject to discovery may include: card registration with personally identifying information, current materials circulation, outstanding fines, computer sign-up, Internet searches, and program registration.

The Chief Executive Officer, and/or any person duly appointed in writing by the Chief Executive Officer, shall be responsible for handling all law enforcement or similar requests to obtain the Library’s confidential information.

If there is a request for confidential information:

• the Library staff shall immediately refer all law enforcement inquiries to the Chief Executive Officer, or in his or her absence, to his or her duly appointed designee;
• the Library staff shall not release any Library confidential information until authorized by the Chief Executive Officer, or in his or her absence, by his or her duly appointed designee; and
• the Chief Executive Officer, or in his or her absence, his or her duly appointed designee, shall immediately consult with appropriate legal counsel to determine if such request is in proper form and to formulate an appropriate response.

If the law enforcement agent or officer does not have a subpoena or court order compelling the production of records, the Chief Executive Officer shall explain the Library’s privacy and confidentiality policy and the state’s confidentiality law and inform the agent or officer that the Library’s confidential information is not available without the production of a valid subpoena or court order. If the agent or officer produces a subpoena or court order, the Chief Executive Officer shall immediately refer it to legal counsel for review. Based upon advice of legal counsel, the Chief Executive Officer, or his or her duly appointed designee, shall determine whether to release the requested confidential information.

Subject to the provisions of applicable law, the Chief Executive Officer will report in writing to the Board of Directors, at least monthly, describing each instance, if any, in which the Library has received a request for information from state or federal law enforcement agents, whether informally or by subpoena or court order, including the Library’s response to such request and the current status of each request.

Enforcement

The provisions of this Privacy, Confidentiality and Law Enforcement Request Policy will be construed and enforced by the Chief Executive Officer at his or her sole discretion.
All decisions, determinations and actions taken by the Chief Executive Officer or any other
Library staff person with respect to this Privacy, Confidentiality and Law Enforcement
Request Policy is subject to review only by the Board of Directors.

Amendment

The Library Board of Directors reserves the right to amend this Privacy, Confidentiality and Law Enforcement Request Policy at any time.

Originally Adopted by the Board of Directors May 1981
Amended November 2001
Revised February 2010