Biblionix sets a high bar for security and privacy of your data. And your patron data is private. We do nothing with it but save it for you. No harvesting, no marketing. Our data protection is all encompassing, including:
We challenge any system to do more to protect your data and patron privacy.
“I commend Biblionix for its early move to delivering all transactions for its Apollo ILS via pages encrypted with HTTPS.”
Marshall Breeding, Smart Libraries Newsletter, January 2015
We will not connect your data with any 3rd party that does not use encrypted SIP2. SIP2 is typically used by e-book services, PC time/print management software and the like. Without encrypted SIP2, every log-in by a patron results in much of their personal information being sent over the Internet in clear text; adult data and child data alike.
As a defense, your vendor may say that they don’t do anything with such patron data. Well, that doesn’t matter; the horse is already out of the barn. The SIP2 standard requires that the ILS reply to SIP2 login requests with the patron’s personal information whether or not the requesting software uses that data. And if the connection is not encrypted, all that patron data is exposed on the Internet, unprotected. Our CTO is a member of the NISO Working Group for SIP3 where he is working to get encryption included.
Here are some questions to ask your vendors about security:
For more information, refer to these articles by Alison Macrina and April Glaser with whom we have been in touch:
– “Librarians Are Dedicated to User Privacy. The Tech They Have to Use Is Not”
– “Radical Librarianship: how ninja librarians are ensuring patrons’ electronic privacy”
Securing your data is frankly not hard; your vendors just have to take it seriously. Demand it of your ILS vendor, or allow us to protect you!