Kristin A. Briney has published "Data Management Practices in Academic Library Learning Analytics: A Critical Review" in the Journal of Librarianship and Scholarly Communication.
Here's an excerpt:
INTRODUCTION Data handling in library learning analytics plays a pivotal role in protecting patron privacy, yet the landscape of data management by librarians is poorly understood. METHODS This critical review examines data-handling practices from 54 learning analytics studies in academic libraries and compares them against the NISO Consensus Principles on User’s Digital Privacy in Library, Publisher, and Software-Provider Systems and data management best practices. RESULTS A number of the published research projects demonstrate inadequate data protection practices including incomplete anonymization, prolonged data retention, collection of a broad scope of sensitive information, lack of informed consent, and sharing of patron-identified information. DISCUSSION As with researchers more generally, libraries should improve their data management practices. No studies aligned with the NISO Principles in all evaluated areas, but several studies provide specific exemplars of good practice. CONCLUSION Libraries can better protect patron privacy by improving data management practices in learning analytics research.