|
|
Privacy
Guidelines for
British Columbia Public Libraries
8. Personal Information
Access & Correction
Individuals have a right to request access
to or a correction of their own personal information (Act, ss. 4 & 29).
Routine information access or correction, such as access to borrowing
history or a change of address, may be facilitated by any employee or
volunteer with authority. Non-routine requests for access or correction
should go through the library’s FOI/Privacy Officer (Act, s. 5).
a) Access to routine information
|
Where possible, individuals should be given routine
access to their own personal information, such as their borrowing history
(if applicable) and current address on record. Care is needed to ensure
that it is actually the individual the personal information relates to
that is gaining access.
Access by employees or volunteers to patron information
should be on a need to know basis only (see "Security"). Those employees
or volunteers who are authorized to help individuals access their own
personal information should only do so when individuals are having
difficulties accessing the information on their own.
|
b) Access to non-routine information
| Patrons should be referred to the library’s FOI/Privacy
Officer to apply formally for access and corrections to non-routine
information (e.g. for notes employees or volunteers may have recorded
regarding them) (Act, s. 5). This is particularly important because there
are instances where the library is required to withhold certain
information. The FOI/Privacy Officer is the best person to make
this determination. |
c) Correction of personal information
| Employees or volunteers with authority to do so may make
routine corrections, such as
change an address (Act, s. 77(b)). However, only the individual herself
should be permitted to provide her change of address (unless it is for her
child’s card, debt collection purposes, or another purpose where FOIPPA
allows collection indirectly - see Act, s. 27(1)). Non-routine corrections
should be referred to the library’s FOI/Privacy Officer (Act, s.
29). |
d) Children
|
Children who are "capable" of doing so may exercise their
own rights to access or
correct their personal information
(Reg., s. 3).
Libraries may also have policies allowing parents or
guardians
to access or correct their child’s
personal information where the child is less than 12 years of age.
If a child under 12 objects to her parent accessing or
correcting personal information about her, or if a child is over 12, the
parent’s request should be referred to the library’s FOI/Privacy
Officer. This can be a complex area and the FOI/Privacy Officer
is in the best position to determine what is appropriate.
Box 8.1
|
|
Examples
of when the FOI/Privacy Officer may give a parent access to a
child’s personal information:
-
Where
-
the
parent has custody of the child,
-
the
child is too young to be capable of exercising her own right to access
the information, and
-
the
parent is attempting to exercise that right on behalf of the child
(not in the parent’s own interests) (Reg., s. 3).
-
Where
there are "compelling circumstances affecting anyone’s health or
safety" (See Act, s. 22(4)(b) for more information).
|
e) Others (employees, volunteers, donors)
| Employees, volunteers and donors
also have the right to access and correct their personal
information. Requests should be handled as outlined above.
|
|
