Details
Description
Purpose: To share the high-level requirements for this feature with the tech team so we can begin a conversation around best path forward.
Background: Due to privacy concerns (both legal and voluntary), many institutions anonymize loan data. In other words, they remove identifying information about the patron (e.g. name and identifiers) from historic loans. Other patron metadata (e.g. patron group) is retained for statistical reporting purposes.
Institutions may anonymize data either as policy (scrubbing patron information from all closed loans), or at the request of a specific patron. This story only covers one-time, manual anonymization of closed loans, breaking the link between the closed loan & the patron and removing the anonymized loans from the patron's list of closed loans.
Anonymization of closed loans elsewhere:
- Loan scrubbing
- Tenants should be able to determine a time period (specified in days) after which loan data will be anonymized (it should also be possible to not ever anonymize)
- Ultimately, each library within a tenant/institution should be able to set their own time period (not v1)
- For institutions that don't anonymize for all users by default, we should offer the ability for users to indicate whether they want their data scrubbed (not v1)
- For a loan to qualify for scrubbing/anonymizing, it must:
- Be closed
- Not have any open fees/fines
- Be old enough to trigger scrubbing
- "Old enough" varies depending on if it has no closed fines/fees or not
- When a loan record is scrubbed:
- Any patron identifying information should be scrubbed from the loan record in the database.
- The only patron information that should be retained includes:
- Patron group
- Status
- Division/department (as of 5/14 RA SIG meeting)
Branch/location (when implemented)Probably not, as of 5/14 RA SIG meeting - not patron info- Custom fields or tags (when implemented)
Date enrolled?No, as of 5/14 RA SIG meetingExpiration date?No, as of 5/14 RA SIG meeting
- The scrubbed loan should no longer display on the patron's Loans page
- But what about the Check in page? Institutions that have opted not to save ANY loan history, still need to be able to see the items they just checked in (see
UICHKIN-10for details on what should display on the check in page). We need to make sure this is considered in our implementation.
- But what about the Check in page? Institutions that have opted not to save ANY loan history, still need to be able to see the items they just checked in (see
- Anywhere else closed loans may display, the scrubbed loan data should display without any patron identifying information
- IMPLEMENTATION NOTE: Many systems log anonymized loan data in a reporting table as soon as the transaction occurs
TestRail: Results
Attachments
Issue Links
- is cloned by
-
UXPROD-447 Retain loan and item information for closed loans with fees/fines
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
- relates to
-
UIU-463
Anonymize closed loans on demand
-
- Closed
-
-
UIU-609
Anonymize closed loans on demand (self-service)
-
- Draft
-
-
UXPROD-373
User endpoint to remove aliases tied to loans
-
- Open
-
-
UXPROD-374
Cron job to call endpoint to remove aliases tied to loans
-
- Open
-
-
UXPROD-375
Configuration settings from auto loan anonymization
-
- Closed
-
-
UXPROD-285
GDPR
-
- Analysis Complete
-
