Confidentiality
From SLNSW
Respect for client privacy and a regard for New South Wales laws are part of the reference process.
Contents |
Respecting the Privacy of Clients
Public libraries in New South Wales are subject to the New South Wales Privacy and Personal Information Protection Act 1998 and the Health Records and Information Privacy Act 2002.
These Acts give people some control over the personal information they provide to an agency and the right to know how it will be used.
Librarians must protect each client's rights to privacy with respect to information sought or received, and materials consulted, borrowed, or acquired.
This means that you should not talk about clients' requests outside the library environment. For example, you shouldn't tell your spouse about who dropped into the library to ask about divorce. You should not discuss any questions with anyone that would violate a client's privacy, including other staff. In discussing questions with your colleagues, when seeking their advice, make sure that other people can't overhear.
There are 12 Information Protection Principles which should be adhered to when collecting and using information.
Collection
- Lawful – when an agency collects your personal information, the information must be collected for a lawful purpose. It must also be directly related to the agency’s activities and necessary for that purpose.
- Direct – your information must be collected directly from you, unless you have given your consent otherwise. Parents and guardians can give consent for minors.
- Open – you must be informed that the information is being collected, why it is being collected and who will be storing and using it. The agency should also tell you how you can see and correct this information.
- Relevant – the agency must ensure that the information is relevant, accurate, up-to-date and not excessive. The collection should not unreasonably intrude into your personal affairs.
Storage
- Secure – your information must be stored securely, not kept any longer than necessary, and disposed of appropriately. It should be protected from unauthorised access, use or disclosure.
Access
- Transparent – the agency must provide you with enough details about what personal information they are storing, why they are storing it and what rights you have to access it.
- Accessible – the agency must allow you to access your personal information without unreasonable delay and expense.
- Correct – the agency must allow you to update, correct or amend your personal information where necessary.
Use
- Accurate – agencies must make sure that your information is accurate before using it.
- Limited – agencies can only use your information for the purpose for which it was collected, for a directly related purpose, or for a purpose to which you have given your consent. It can also be used without your consent in order to deal with a serious and imminent threat to any person’s health or safety.
Disclosure
- Restricted – the agency can only disclose your information with your consent or if you were told at the time they collected it from you that they would do so. The agency can also disclose your information if it is for a related purpose and they don’t think that you would object. Your information can also be used without your consent in order to deal with a serious and imminent threat to any person’s health or safety.
- Safeguarded – the agency cannot disclose your sensitive personal information without your consent, for example information about your ethnic or racial origin, political opinions, religious or philosophical beliefs, health or sexual activities or trade union membership. It can only disclose sensitive information without your consent in order to deal with a serious and imminent threat to any person’s health or safety.
Find out how your library protects its clients privacy.
Censorship
Information about censorship, including internet censorship is available from the State Library of New South Wales.
Major Point: Libraries must protect each client's right to privacy and confidentiality.
Exercise
- Find out what your library is doing in regards to the Privacy and Personal Information Protection Act 1998.
- Do you know what records are kept of reference transactions and the confidentiality policies regarding the records? Look at the following questions about library records situations. What similar situations might arise for records kept for reference transactions, with in-house or remote services?
- A member of Council wants to see the client record for her son. He's 19. May the Council member view these records?
- You have to leave a message on an answering machine for a client that an Interlibrary Loan book is in. Do you include the name of the book in the message?
- A police officer wants to see library records for a client arrested for child molestation. The officer doesn't have a warrant. Are you required to provide the record?
- The library emails newsletters to all clients. The local Chamber of Commerce would like to use the list of client addresses for their own newsletter. Can you do that?
- A father requests the library records of his son aged 9. You know that the parents are divorced and that the mother has sole custody of the child. Do you release the records to the father?
You might want to discuss these questions with your supervisor.
