I. REGISTRATION AND CIRCULATION RECORDS

Cooperative Computer Services respects the right of privacy of all persons regarding the use of its services. With respect to records that are related to the circulation of library materials that contain names or other personally identifying details, Cooperative Computer Services follows the Illinois Library Records Confidentiality Act (75 ILCS 70/1, et seq.). This law mandates the confidentiality of all records containing personally identifiable information related to an individual’s use of a library and its resources, facilities and services. Confidentiality includes, but is not limited to, the circulation of library books, periodicals and other materials, electronic resources searches, interlibrary loan transactions and reference requests. Cooperative Computer Services will not disclose confidential information to outside parties unless required to do so by law. The registration and circulation records that are deemed confidential are covered by Illinois State Law as set forth below:

75 ILCS 70/1 Registration and circulation records; statistical reports

1 (a) The registration and circulation records of a library are confidential information. No person shall publish or make any information contained in such records available to the public unless:

(1) Required to do so under a court order; or

(2) The information is requested by a sworn law enforcement officer who represents that it is impractical to secure a court order as a result of an emergency where the law enforcement officer has probable cause to believe that there is an imminent danger of physical harm. The information requested must be limited to identifying a suspect, witness, or victim of a crime. The information requested without a court order may not include the disclosure of registration or circulation records that would indicate materials borrowed, resources reviewed, or services used at the library. If requested to do so by the library, the requesting law enforcement officer must sign a form acknowledging the receipt of the information. A library providing the information may seek subsequent judicial review to assess compliance with this section.

This subsection shall not alter any right to challenge the use or dissemination of patron information that is otherwise permitted by law.

(b) This section does not prevent a library from publishing or making available to the public reasonable statistical reports regarding library registration and book circulation where those reports are presented so that no individual is identified therein.

(b-5) Nothing in this Section shall be construed as a privacy violation or a breach of confidentiality if a library provides information to a law enforcement officer under item (2) of subsection (a). Approved January 2018

(c) For the purpose of this Section, (i) “library” means any public library or library of an educational, historical or eleemosynary institution, organization or society; (ii) “registration records” includes any information a library requires a person to provide in order for that person to become eligible to borrow books and other materials; and (iii) “circulation records” includes all information identifying the individual borrowing particular books or materials.

All registration and circulation records shall be held confidential and will not be disclosed by Cooperative Computer Services except that such records may be disclosed upon the request or consent of the user or where otherwise required by Illinois State Law.

II. PERSONAL INFORMATION PROTECTION

CCS will take all measures reasonably necessary to protect the security, confidentiality and integrity of “personal information” as defined in the Personal Information Protection Act, 815 ILCS 530/1 et seq.

Any suspected breach or compromise of the security (as defined in 815 ILCS 530/5) of CCS data which contains personal information shall be investigated promptly by the CCS Executive Director. Using personal information for a purpose unrelated to the business of CCS, and making personal information available in order to further disclosures that are unauthorized by 815 ILCS 530/5, also constitute breaches or compromises of the security of CCS data.

The CCS Executive Director may consult with local law enforcement officials and/or CCS’s Attorney before making a determination as to notifying the affected individuals that there has been a breach of CCS data which contains personal information.

If notice to the affected individuals is appropriate, notice shall be given in accordance with the Personal Information Protection Act. “Personal information” means an individual’s first name or first initial and last name in combination with any one or more of the following data elements, when either the name or the data elements are not encrypted or redacted:

• Social Security number
• Driver’s license number or State identification card number
• Account number or credit or debit card number, or an account number or credit card number in combination with any required security code, access code, or password that would permit access to an individual’s financial account

No CCS employee (other than the CCS Executive Director) shall contact any individual about a suspected breach or compromise of the security of CCS data which contains personal information. Every such security-related incident must be reported immediately to the CCS Executive Director and appropriate procedures followed.

“Personal information” does not include publicly available information that is lawfully made available to the general public from federal, State or local government records. 815 ILCS 530/5

CCS does not collect, maintain or use any library patron’s Social Security numbers or store them in our database.

Approved 2018