Stanford Libraries’ digital collections contain personally identifiable information and other forms of high-risk data, such as student, medical, and otherwise sensitive records. Archives staff must abide by archival ethics, state law, federal law, and data security requirements set by Stanford University, while making as much material available to the public as possible. In implementing workflows for high-risk data review, we’ve encountered challenges of scale and sustainability. Our backlog–4.3 years of full-time review work–reopens work on collections considered “done.” Developing our capacity in this area is an operational concern that sets limits on our preservation storage options and restrictions on researcher access.

Our panel will outline why and how we review collections for high-risk data. We will discuss technical topics such as workstation requirements, using bulk_extractor to conduct our review, and documenting our results. We will also discuss the ongoing evolution of our guidelines for review and the challenges of balancing a level of review that meets institutional and federal guidelines while remaining sustainable in terms of staff time. Finally, we want to surface the gray areas that have emerged in this process. In extending institutional guidance to cover the range of examples we have found in archival collections, staff members contribute a range of perspectives from backgrounds in medicine, law, preservation, archives, and curation.

Links shared in the chat:

• Stanford Libraries values: https://library.stanford.edu/our-values
• Stanford Risk Classifications: https://uit.stanford.edu/guide/riskclassifications
• BulkExtractor: https://github.com/simsong/bulk_extractor
• BitCurator: https://github.com/BitCurator/bitcurator-distro/wiki/Releases
• DLF BDAWG Legal and Ethical Considerations: https://www.diglib.org/introducing-legal-and-ethical-considerations-for-born-digital-access/
• Get in touch: aschweik@stanford.edu, victor77@stanford.edu