CAUL Procurement has released a Guidance Statement to Vendors on Privacy and Unauthorised Access Processes which provides a framework for vendors outlining CAUL Procurement’s privacy expectations in consortium agreements in line with Australian Privacy Principles and the Privacy Act 1988. Additionally, the statement details expectations placed on vendors and Institutions for processes related to cases of unauthorised access and data breaches.
“Recent events have placed greater emphasis on Institutions and the vendors they work with having robust privacy controls and policies”, said Angus Cook, Director, Content Procurement. “Libraries have a long-standing tradition of providing services and content in safe, secure, and private spaces. That tradition needs to continue in online spaces and it’s important that Institutions and vendors work cooperatively to achieve this. We hope the statement will make it more apparent as to what the privacy requirements are, and the shared expectations to achieve those requirements.” The statement was developed as a project initiated by the CAUL Licence Review Working Group, comprised of CAUL member library acquisition and copyright staff, and with further consultation across the CAUL membership.
The statement is released under a CC-BY licence should institutions or consortia choose to re-use the document for their own purposes.