摘要
图书馆读者个人信息具有高度的场景依赖性,可分为读者一般信息、注册信息、借阅信息和服务信息四大类。在图书馆信息收集、存储、业务协作等读者信息处理场景,以及使用第三方数据服务、开放档案等信息服务场景存在信息泄露风险,成因主要是图书馆在意识层面缺乏谨慎的保护态度、硬件层面缺乏有力的信息技术、法律层面缺乏完备的规制体系。对读者信息泄露的安全问题应采取场景化动态治理方式,在日常培训管理、信息服务的全流程提高个人信息安全维护意识,在技术研发、合作和反哺的全链条强化产学研合作的双向循环,并在数据全生命周期履行安全评估、泄露通知等个人信息安全保护义务。
The personal information of library readers is highly context-dependent and can be divided into four categories:general reader information,registration information,borrowing information,and service information.There is a risk of information breach in information service scenarios such as tripartite data services and open archives,mainly due to the lack of a prudent protection attitude at the awareness level,the lack of powerful information technology at the hardware level,and the lack of a complete regulatory system at the legal level.A scenario-based dynamic governance approach should be adopted for the security of readers’information breaches,and the awareness of personal information security maintenance should be improved in the entire process of daily training management and information services.The whole chain strengthens the two-way cycle of industry-university-research cooperation and fulfills the obligations of personal information security protection such as security assessment and breach notification throughout the data life cycle.
出处
《图书馆学研究》
CSSCI
北大核心
2022年第6期18-26,63,共10页
Research on Library Science
基金
国家社科基金重大项目“大数据主权安全保障体系建设研究”(项目编号:21&ZD169)
国家社科基金一般项目“个人数据流通隐私保护的机制设计研究”(项目编号:21BJL038)的研究成果之一。
关键词
读者信息
数据泄露
数据安全
场景化治理
reader information
data breach
data security
scenario-based governance
