Library Privacy Checklist 7: Students in K-12 Schools

Library Privacy Checklist 7: Students in K-12 Schools

This checklist is intended to help libraries of all capacities take practical steps to implement the principles that are laid out in the Library Privacy Guidelines for Students in K-12 Schools.

Priority 1 are actions that hopefully all libraries can take to improve privacy practices. Priority 2 and Priority 3 actions may be more difficult for libraries to implement depending on their technical expertise, available resources, and organizational structure.

Priority 1 Actions

  1. Create internal library procedures to protect student privacy based on:
    1. school policies related to privacy and confidentiality of student data, especially student circulation records and the use of library resources in all formats.
    2. federal laws such as the Family Educational Rights and Privacy Act (FERPA), Children’s Online Privacy Protection Act (COPPA), and state privacy laws regarding library records.
    3. ALA and AASL policy statements, online tool kits and Q & A’s, guidelines, and other resources provided by national and state library associations.
  2. Collect the minimum amount of information necessary about students to conduct library business.
  3. Configure circulation software to delete students’ borrowing history and retain only necessary records.
  4. Ensure any paper records with sensitive information are stored in a secure area and shredded when no longer needed.
  5. Train library staff and volunteers to respect students’ privacy and the confidentiality of their library records.

Priority 2 Actions

  1. Educate administrators, faculty, and support staff about students’ library privacy and the confidentiality of student data using a variety of communication methods.
    1. Initiate conversations with the principal, teachers, students, and parents about the need for an official library privacy policy.
  2. Add privacy-related resources to the library collection including items related to personal privacy, minors’ privacy rights, and privacy as a national and international issue.
    1. Consider creating a privacy information section on the school library web page or a privacy-themed pathfinder (e.g. LibGuide) with privacy resources.
  3. Integrate online privacy into library instruction and programming. For example:
    1. Introduce students to online privacy information such as secure passwords and web tracking during library orientations and other brief presentations.
    2. Celebrate Choose Privacy Week and other privacy-related observances (Data Privacy Day, Teen Tech Week, etc.) with the school community.
    3. Create privacy-related displays and set up videos in the library to educate parents during during parent-teacher conferences and other evening school and community events
    4. Offer presentations to parents about students’ privacy online and other topics of interest to families.
  4. Advocate within the school or district for protecting students’ privacy rights in learning management systems or other technologies that enable educators to monitor student reading and research habits. Assessment should not include monitoring how students use specific library materials and online resources as part of free inquiry and research.
  5. Volunteer to serve on the school’s data governance committee. If one does not exist, advocate for its creation.

Priority 3 Actions

  1. Work with other stakeholders in the school or district to create an official library privacy policy in regards to student circulation records and the use of library resources.
    1. The privacy policy should be approved by the school’s governing body (e.g. school board, school committee, etc.)
    2. Post the policy in the library and on the library’s section of the school website.
    3. Promote the library’s privacy policy within the school community.
  2. Work through school lines of authority to write or adapt a K-12 privacy curriculum and have it formally approved and taught. Collaboratively teach privacy units with teachers using the  iKEEPSAFE and/or other privacy curricula.
  3. Work with school officials to incorporate privacy protections into RFP’s and resulting contracts. Discuss privacy concerns with digital resource and technology vendors, especially in regards to the school’s/library’s contracts with these vendors.
  4. Ensure that all online transactions between client applications and server applications are encrypted.
  5. Ensure that storage of personally identifiable student information is housed using encrypted storage.



ALA/AASL Policy statements


Learning Resources

Teaching Tools