The privacy of employees’ and customers’ personal information is important to the Detroit Public Library (DPL).
Personal information is any information provided to an entity that identifies you as an individual, including name, address, social security number, credit rating, etc. It is a common practice and often a necessity for organizations to collect personal information to conduct business or offer services. This policy is intended to protect personal information and prohibit unlawful disclosure.
This policy is provided as required by law and represents the way the Detroit Public Library collects and uses personal information. It applies to all individuals and organizations that ask about and/or obtain information, and specifically all employees of the Detroit Public Library.
II. PROTECTION AND SECURITY
The Detroit Public Library has implemented physical security measures, guidelines and technology access restraints to protect employees’ and customers’ personal information from unauthorized access, alteration, destruction, tampering, misuse of information and loss.
The Detroit Public Library makes every effort to ensure appropriate security of data, in addition to complying with applicable federal and state legislation, including but not limited to: the Privacy Act of 1974, the Freedom of Information Act of 1976, the Elliott-Larsen Civil Rights Act of 1976.
The Detroit Public Library web site is protected by software security protocols; however, if an individual leaves DPL’s web site and links to another, the second web site security procedures will be in effect.
E-mail is not necessarily secure against interception (see Electronic Communications Policy). The security protocols of the Internet Service Provider (ISP) and that of the message recipient’s ISP will impact the security of transmission.
III. COLLECTION OF INFORMATION
Generally, the Detroit Public Library only collects that information pertinent to employment practices. This information is provided by the employee and its use is necessary to conduct business as an employer.
If an individual visits DPL’s website or downloads information, DPL collects and stores the name of the domain from which the Internet was accessed, the date and time of the access, and the Internet address of the web site that directly linked the individual to DPL’s site.
In order to collect the web site information, DPL uses “cookies”. Cookies are small pieces of temporary data that facilitate the exchange between an individual and DPL’s website. Cookies assist in letting an individual navigate through DPL’s web site. These cookies are stored on the individual PC only during the active session linking the individual to DPL’s web site. Once the session has ended, the cookies are deleted.
Employees do not have to provide any personal information when accessing DPL’s web site. If an individual chooses to send a message to an e-mail address on this site, DPL will use that information to respond to the individual’s message or to fulfill the stated purpose of that communication.
IV. USE OF COLLECTED INFORMATION
The use of personal information is limited to those instances referring to employment, payment for employment, references, and selected third parties which include:
Financial service providers, such as mortgage bankers/brokers, insurance agents, indirect loan originators, correspondent lenders, and transaction providers
Government reporting entities, as required by employment legislation
Use of information collected from web site access is limited to the creation of summary statistics to track the number of visitors to it’s web site, monitor system performance and to make DPL’s site more useful to our visitors.
Detroit Public Library may share personal information as provided by law, such as:
To enable organizations that provide services for DPL, such as the Michigan Secretary of State, Unemployment Insurance Agency, benefit providers, unions, etc.
To complete employee initiated transactions
To service or process an employment agreement
To protect the rights, property or safety of Detroit Public Library
To comply with a legal requirement or process
To comply with an employee’s request or authorization to share information
V. DISPOSAL & RETENTION OF INFORMATION
Subject to the requirements of the Detroit Public Library Record Destruction Policy, (i) all records containing personal information of employees and customers will be disposed of in accordance with the Michigan Public Libraries’ General Schedule #17; and (ii) working documents that contain personal information will be physically secured while work is not being performed and shredded upon completion of work.
VI. PENALTIES FOR POLICY VIOLATIONS
Employees who violate this policy are subject to discipline, up to and including discharge.
Any person who violates the Social Security Number Privacy Act is guilty of a misdemeanor punishable by imprisonment for not more than 93 days, a fine of not more than $1,000.00 or actual monetary damages including attorney fees, or both, as provided in said act.