« Outrage: Annotated Constitution updates kept away from the public | Main | Privacy audit - one pager by Karen Coyle »


Patrons of our library actually authenticate using SirsiDynix's RPA server. This server is not hosted by us - rather, it is hosted by our provincial library. All public libraries in the province use this service for authentication.

Although RPA does contact our Horizon server (our ILS) we have no way of tracking such authentication contacts (they look like simple patron lookups that staff would do in Horizon), nor can we track searches. The RPA server itself logs only that a patron made an authentication request from our library, whether they were successful or not and what database they were seeking to access (we have 50). Actual searches are not tracked because RPA stops monitoring when the patron's access attempt is either accepted or rejected - though I am not sure if RPA could be configured to continue monitoring past this point.

The comments to this entry are closed.