shared user accounts in koha

Shared user accounts in Koha

We're  often asked in one way or another why libraries shouldn't use shared accounts for staff members, for example using a Circulation account rather than individual accounts in Koha for each member who performs circulation tasks. While it may be faster in the beginning to create a handful of accounts instead of one account per staff member, there are very good reasons to spend the time up front making individual users: 

  1. Koha's permissions are very granular (and getting more granular each version); ensuring that each staff member has appropriate permissions assigned to them per their role is the best way to ensure that staff can perform their assigned duties while also not having more access than is required. Not only does this protect patron data and privacy, but also helps to avoid confusion and unintentional access/changes made by staff with more access than their role requires. 
  2. With any staff turnover (either staff leaving or transferring to new positions), shared accounts are easily missed and old passwords that were known by former staff may persist, posing risk to patron data and privacy. Individual accounts are easy to decommission and are less likely to be overlooked during the offboarding process.
    1. This is especially important to consider in the case where staff may pose an insider threat- that is, a staff member or other employee who either accidentally or purposefully poses a risk to the library. 
  3. Internal audits of actions taken by staff are unclear and hard to parse with shared accounts, making correction of incorrect processes, providing additional training, or addressing potential misuse of the system very hard or impossible to undertake by management. 
  4. If there is ever a need for an external audit, individual accounts provide accountability for your staff and their actions within the system. 

    • Related Articles

    • Managing Patron Accounts

      Koha has many options and tools for managing patron accounts. Customize the Patron Registration Form Libraries can customize which patron fields display on the form, which fields are mandatory and which fields are collapsed within the patron detail ...

    • Global and Local Settings in Koha

      This is a guide to Koha settings that apply to all libraries sharing one Koha instance and those settings that can be configured by library. This is not exhaustive. Instead, the focus is on those settings that are most relevant to consortia and large ...

    • Koha 25.11: Managers' Overview

      Overview This document is intended for managers who want to evaluate how select new features may impact day-to-day operations, and whether staff training may be needed to take advantage of enhancements in this upgrade. It is not intended to replace ...

    • Credits and Debits in Koha

      Koha has the ability to define credits and debits in system administration. Credits and debits appear as options in patron accounts when charging fees and the Point of Sale module. The Koha Manual has instructions for setting up Credits and Debits. ...

    • Koha Glossary of Terms

      Find the basics of Koha's vocabulary here. This glossary is in alphabetical order. Use control+F to quickly search this page for specific terms. Adding Items: the method for adding item records to a bibliographic record. This action may be called ...