Charlotte,
We at UEA are looking into exactly this issue right now. Since records of cash transactions must legally be kept for 7 years and we could not reliably identify such patrons 'globally', we currently work on a policy, established in 2008/9, of keeping everyone for 7 years after expiry, with a certain amount of 'data minimisation' (removing personal details) before then. We are now re-thinking this, because we need to keep patron records effectively permanently if we are to exploit management information fully - the patron record is the main link with our university's registry data (without it no connection can be made). I am proposing here that we never delete, but go for a much stricter data minimisation (removing all personal details not necessary for reporting). We have so far had *informal* advice from our Information Policy and Compliance people, suggesting that this may well be viable because it is actually common practice, but we will not be getting a formal opinion until we have discussed and agreed internally that this is the way we want to go.
Given that this is what we are thinking about, I'd be interested myself in other libraries' views.
HTH. Best wishes,
Alan
==============================
Mr A.V. Exelby,
Systems/Databases Librarian.
The Library,
University of East Anglia,
Norwich Research Park,
Norwich, NR4 7TJ
Tel.: 01603 592432
E-mail: [log in to unmask]
Information Services
================================
"Man, who'd have thought being a librarian could be so tough"
Seamus Harper, in 'Harper 2.0', "Andromeda".
>-----Original Message-----
>From: A general library and information science list for news and discussion.
>[mailto:[log in to unmask]] On Behalf Of Charlotte Stock
>Sent: Monday, January 25, 2016 2:41 PM
>To: [log in to unmask]
>Subject: Management Policy for Student Records on the LMS
>
>The Data Protection Act does not specify minimum or maximum periods for
>retaining personal data; it simply states that "Personal data processed for any
>purpose or purposes shall not be kept for longer than is necessary for that
>purpose or those purposes."
>
>I am looking to draw up a "Database management policy" and would be
>interested to know what guidelines are observed by other educational
>institutions, in terms of keeping or deleting the records of former students on
>their library management systems.
>
>Thank you in advance for any advice or information you can offer.
>
>Regards
>Charlotte Stock
>Boston University - London
|