The national library of the Republic of Bashkortostan develops the system of personal data protection

The Softline company announced on September 4, 2013 project completion of development of the system of personal data protection for National library of Ahmet-Zacky Validi of the Republic of Bashkortostan.

Project Background

Due to the need of personal data processing of readers and employees, before the management of library there was a problem of creation of an information security system according to requirements of the Federal law "About Personal Data" and methodical documents of state bodies of control and supervision in this sphere. The implemented solutions and organizational actions had to provide compliance of information systems of organization to requirements of the modern legislation.

Project Progress

As the partner in the project the Softline company acted.

The project is executed according to the classical scheme prepared by Softline for implementation of complete solutions on personal data protection. At the initial stage with the assistance of library workers collection of data on information systems PDN, features of their processing in public institution is carried out.

Based on inspection draft documents on classification and establishment of levels of security, the passport of technology processes, technology platforms and information systems are developed.

Bench tests on compatibility of the offered information security tools with used in software library allowed to analyze and exclude possible risks at implementation. Within the project the command of Softline identified and classified personal data information systems for the purpose of establishment of the methods and methods of data protection necessary for security of PDN, developed models of security risks and technical specifications on creation of a system of protection.

Project Results

The management of library received all necessary organizational and administrative documentation including orders, provisions, technical regulations and instructions for quality improvement of information security management regarding personal data protection. The developed documents are a basis for passing of checks from authorized supervisory authorities in the field of personal data. The project became a major step in development of processes of information security support in National library of Ahmet-Zacky Validi of the Republic of Bashkortostan.

"During the project specialists of Softline study structure of the processed personal information, including personal data of special categories. In the service agreement of users the incomplete list of the processed PDN was specified, besides, the purposes and time frames of their processing were not specified. We offered the new agreement revision on service of users of library, – Timur Hannanov, the head on information security of Softline in Ufa noted. - It is also necessary to note that registration of readers in an information library system is connected with processing of biometric personal data. The plastic library card with the identification number and the photo is instantly issued to all new readers at record. After the analysis of all necessary documentation our specialists proposed a number of relevant organizational and technical measures for protection of biometric personal data of users of library".

"Project implementation allowed us to bring processing of personal data into accord to requirements of the Russian legislation and also to implement the information security tools optimum suitable to the existing IT infrastructure", - Zagit Abilev, the head of department of automation and information technologies of National library emphasized with it. And. - Z. Validi RB.