General Data Protection Regulation effect on libraries in India

General Data Protection Regulation effect on libraries in India

GDPR  It is enforced by the European Union on 25 May 2018. The GDPR is designed to protect the data privacy of European Union citizens by reshaping the way organizations across the region deals with data privacy.

Aims of GDPR:
1. It aims of giving users greater transparency and control of how their personal data is processed.
2. Increased accountability on the part of  organizations using the personal data.
3. Enhanced rights for citizens.

In Libraries:

All Library managers should be familiar with the GDPR. How is it going to impact our libraries? What may be the legal matters related to GDPR? What are the Data protection rules? Some points to be kept in mind while being compliant with GDPR.

Libraries have the personal data of their users for giving them various services. This personal data may include users’ basic information such as Name, address, phone number, email id and IP address. This data is used in various services providing by the library professionals. So, the library will be responsible for any personal data breach while providing the services, either the services are being provided by the third party in your library like vendors, cloud providers, etc.

     For being in compliance with the data protection rules, libraries should analyze:

(i) The sources from which the personal data of users is being collected.

(ii) How much data is needed for the library activities?

(iii) How long that data needs to be kept stored in libraries.

(iv) Librarians must take the consent from the library users for collecting the personal data and using it in various activities.

(v) Librarians must ensure that all the privacy policies are known to the users.

(vi) All technical measures should be taken to be in compliance with Data protection policies.

GDPR effect in Indian libraries

Any organization that is dealing out of India to provide services and collects and process the personal data of European Union citizen needs to comply with GDPR. Although in India GDPR is not applicable but businesses all around the world including India are trying to update their data privacy policies and consequently affecting Indian nationals.

 In libraries of India which are dealing with EU products like Journal subscription, cloud services or Library Management software are more ensured about the safety of their users’ personal data that is being used by EU organizations/ Businesses. And if our libraries are dealing with users outside India for providing services and collecting their personal data then they must be in compliance with GDPR and should revise their data protection policies in order to ensure safety and security of the users’ data.

To know more:

1. https://www.eugdpr.org/

2.http://www.oclc.org/blog/main/gdpr-what-does-it-mean-for-oclc-and-your-library/

3.https://www.ifla.org/files/assets/clm/publications/briefing_general_data_protection_regulation_2018.pdfnow is here.