The European Union’s General Data Protection Regulation, or GDPR, went into enforcement in May 2018. The spring and summer of 2018 saw a flurry of activity as businesses, including library vendors, worked to update their privacy statements and policies to reflect the requirements. Given all that has happened since 2018, including Britain’s exit from the European Union and new worries around data security and the COVID-19 pandemic, it is an important time to revisit what the GDPR means for libraries. This session will cover the basic requirements of the GDPR, how it affects libraries in non-EU countries, and what libraries need to be doing and reviewing to ensure they can work with their legal representation to be compliant.
At the end of the session, participants should be able to:
Define the basic requirements of the GDPR and how these apply to libraries
Inventory the systems and practices likely to be affected by the GDPR
Modify existing GDPR knowledge in light of recent political shifts
Instructor: Margaret Heller
Margaret Heller has been Digital Services Librarian at Loyola University Chicago since 2013, and prior to that was at Dominican University. She received her MLIS from the University of Illinois at Urbana-Champaign. She is the author of Community Technology Projects: Making Them Work, published by ALA Editions in 2019, and numerous blog posts and other web publications, focusing on scholarly communications, privacy, and information technology policy. Active in ALA, she most recently served on the LITA Board of Directors.