Vendors and Privacy

Vendors help libraries serve users by providing critical infrastructure products and electronic resources. Libraries increasingly depend on vendors for these products and resources, but at what cost to user privacy? This guide will introduce you to methods to protect users’ privacy while evaluating and acquiring products and resources from vendors. The guide will cover key strategies that libraries can employ to protect user privacy: contract language and negotiations, Requests for Proposal (RFPs), and vendor audits.

However, not all libraries have control over the vendor acquisition process. If the decision making is out of your hands, this guide can still help in identifying strategies to convince the decision makers to keep user privacy in mind during the acquisition process. 

Who Controls the Decision to Buy?

Understanding your library's purchasing process to know who you need as a privacy ally.

View Chapter
Selection

The first and best place to protect user privacy is during the vendor selection process.

View Chapter
Evaluation Questions and Standards

Standards to be aware of and questions to look for when researching vendors and products.

View Chapter
Contracts and Licensing

See how privacy is mentioned in various contracts and licenses.

View Chapter
Contract Red Flags

Common contract red flags.

View Chapter
Making the Contracting Process Consistent

A use for contract addendums.

View Chapter
Vendor Audits

The importance of data privacy and security audits.

View Chapter
Pushing for Privacy in Your Organization

Finding privacy allies and advocates within your organization.

View Chapter