A Librarian S Guide To Iso Standards For Information Governance Privacy And Security

This book was written to demystify critical standards related to information security, records management privacy information management for the modern librarian and archival professional. In the digital age, librarians and archival professionals play a crucial role in safeguarding the world's knowledge. A Librarian's Guide to ISO Standards for Information Governance, Privacy, and Security is a curated resource for librarians, presenting core ISO standards related to information governance, data privacy, and security. The book provides detailed summaries of these standards, along with case studies and advice on applying them in the modern digital age. It empowers library staff and patrons to prioritize data security and privacy, ensuring trust and confidentiality in their services. The purpose is to demystify critical standards related to information security, records management privacy information management for the modern librarian and archival professional. Inside, you will find detailed summaries of the core ISO standards, descriptions, and case studies illustrating how these standards can apply to librarians in the modern digital age, advice on how to cultivate a culture of data security, and privacy awareness among library staff and patrons.

This book provides a concise and usable overview of the practical implications of important public sector United States federal, state, and municipal laws and standards related to information governance, as they pertain to librarians, research staff, universities, corporate regulatory managers, and public-sector information governance professionals. It is the first in a series of two volumes addressing public sector information governance compliance matters from the perspective of our target audience. Topics addressed in the book include: the evolving role of librarians and the need for librarians and legal researchers to understand the principles of information governance, the importance of broad-based regulatory IG principles such as the Federal Records Act, the Paperwork Reduction Act of 1980 and 36 CFR Chapter XII, Subchapter B – Records Management, that have been promulgated by various federal government agencies in framing public-sector IG principles, a survey of interpretive surveys from the Office of Management and Budget (OMB) that further elucidate the core IG principles applicable to public sector stakeholders, case studies detailing the application of important IG principles by federal agencies and bodies, and a survey of important IG issues facing state and local governments.

In a world of users that routinely click “I Agree” buttons, librarians may be the lone voice raising an alert to the privacy, use, and ownership issues arising in connection with the design and implementation of digital rights management (DRM) technologies. DRM reflects the efforts of copyright owners to prevent the illegal distribution of copyrighted material – an admirable goal on its face. A common misunderstanding is that DRM is copyright law. It is not. Rather it is a method of preventing copyright infringement; however, if unchecked, DRM has the potential to violate privacy, limit ownership rights, and undermine the delicate balance of rights and policies established by our current system of copyright. All three of these arenas are critical for both librarians and their users. Reflecting the shift from ownership to access, libraries are increasingly providing access to rights-protected digital content. Libraries strive to provide access to rights-protected content in a manner that protects both the content creator and the privacy of the user. DRM encompasses a variety of technologies and strategies utilized by content owners and managers to limit access to and the use of rights-protected content. Librarians need to understand DRM to effectively enable users to access and use rights-protected digital content while at the same time protecting the privacy of the user. Designed to address the practical operational and planning issues related to DRM, this guide explores the critical issues and challenges faced by librarians. After reading it, librarians will better understand: the digital content rights protection scheme; the various DRM technologies and how they are used; how to use authentication and authorization standards, strategies, and technologies; and, the privacy and security issues related to DRM. Edited by two librarians who also hold law degrees, this is a best practices guide for front-line librarians on how to best respond to the impact of DRM schemes on collection development, staffing, budget, service, and other library concerns.

This book constitutes the refereed proceedings of the 4th International Symposium on Information Management in a Changing World, IMCW 2013, held in Limerick, Ireland, in September 2013. The 12 revised full papers presented together with three keynotes were carefully reviewed and selected from 31 submissions. The papers deal with the following topics: Cloud Architectures and Cultural Memory; Cloud Computing Beyond the Obvious: An Approach for Innovation; Cloud Computing: A New Generation of Technology Enables Deeper Collaboration; Evaluation of Conditions Regarding Cloud Computing Applications in Turkey, EU and the USA; Trustworthy Digital Images and the Cloud: Early Findings of the Records in the Cloud Project; Cloud Computing and Copyright: New Challenges in Legal Protection? Clouding Big Data: Information Privacy Considerations; The Influence of Recent Court Cases Relating to Copyright Changes in Cloud Computing Services in Japan; Government Participation in Digital Copyright Licensing in the Cloud Computing Environment; Evaluation of Information Security Approaches: A Defense Industry Organization Case; Information-Seeking Behavior of Undergraduate, Graduate, and Doctoral Students: A Survey of Istanbul University, Turkey; Students Readiness for E-Learning: An Assessment on Hacettepe University Department of Information Management; Evaluation of Scientific Disciplines in Turkey: A Citation Analysis Study.

Libraries are not exempt from the financial costs of data breaches or leaks, no matter the size. Whether from a library worker unwittingly sharing a patron’s address with a perpetrator of domestic violence to leaving sensitive patron data unprotected, patrons can also pay a hefty price when libraries fail to manage patron data securely and ethically. In this guide, readers will learn concrete action steps for putting the ethical management of data into practice, following two common public and academic library cumulative case studies. The authors explore such key topics as succinct summaries of major U.S. laws and other regulations and standards governing patron data management; information security practices to protect patrons and libraries from common threats; how to navigate barriers in organizational culture when implementing data privacy measures; sources for publicly available, customizable privacy training material for library workers; the data life cycle from planning and collecting to disposal; how to conduct a data inventory; understanding the associated privacy risks of different types of library data; why the current popular model of library assessment can become a huge privacy invasion; addressing key topics while keeping your privacy policy clear and understandable to patrons; and data privacy and security provisions to look for in vendor contracts.

RFID technology presents a great potential for creating competitive advantage. By automating and simplifying data collection, it lets users more accurately track assets and monitor key indicators, which in turn gives greater visibility to the operations. However, the benefits received from this technology will be determined by how well it is integrated with the business processes and overall information flow. Because of the fact that the decision to deploy RFID technology in an enterprise is a business decision instead of a technology decision, cost-benefit analysis is a key component of this decision. If an RFID deployment cannot be justified in terms of its economic value to the company, it is not likely to help the company; and consequently, it is not likely to remain a viable deployment over the long term. The Value of RFID describes the business value of RFID and explains the costs and benefits of this technology comprehensively. Different investment evaluation models are proposed to use in various application areas. Techniques to guide the selection of appropriate implementation levels and to handle uncertainty and risk in RFID are explained. Written for researchers, undergraduate and graduate students, and lecturers working in the field of RFID and supply chain management, readers will learn evaluation practices for RFID investment for different application areas. The book also guides managers in making to accurate decisions on RFID investment to maximize the return.

Information professionals have been paying more attention and putting a greater focus on privacy over cybersecurity. However, the number of both cybersecurity and privacy breach incidents are soaring, which indicates that cybersecurity risks are high and growing. Utilizing cybersecurity awareness training in organizations has been an effective tool to promote a cybersecurity-conscious culture, making individuals more cybersecurity-conscious as well. However, it is unknown if employees’ security behavior at work can be extended to their security behavior at home and personal life. On the one hand, information professionals need to inherit their role as data and information gatekeepers to safeguard data and information assets. On the other hand, information professionals can aid in enabling effective information access and dissemination of cybersecurity knowledge to make users conscious about the cybersecurity and privacy risks that are often hidden in the cyber universe. Cybersecurity for Information Professionals: Concepts and Applications introduces fundamental concepts in cybersecurity and addresses some of the challenges faced by information professionals, librarians, archivists, record managers, students, and professionals in related disciplines. This book is written especially for educators preparing courses in information security, cybersecurity, and the integration of privacy and cybersecurity. The chapters contained in this book present multiple and diverse perspectives from professionals in the field of cybersecurity. They cover such topics as: Information governance and cybersecurity User privacy and security online and the role of information professionals Cybersecurity and social media Healthcare regulations, threats, and their impact on cybersecurity A socio-technical perspective on mobile cybersecurity Cybersecurity in the software development life cycle Data security and privacy Above all, the book addresses the ongoing challenges of cybersecurity. In particular, it explains how information professionals can contribute to long-term workforce development by designing and leading cybersecurity awareness campaigns or cybersecurity hygiene programs to change people’s security behavior.