Libraries have a complicated relationship with data. We believe that patrons must have privacy while using library services and resources, but the systems we use collect patron data that is highly sought after for analytics, marketing, and assessment needs for internal and external audiences. Libraries are then left to figure out how to meet data analytical and assessment needs of the organization without betraying patron trust in the library to protect their privacy. This talk, based on a case study at a large library system, will discuss many of the issues in balancing the need for analytical data while upholding patron privacy and library ethics, including: - De-identification of patron data, including strategies and the risks involved with several de-identification methods - Technical processes and structures for building and maintaining a data warehouse - Data and privacy policies and governance at the organizational level - Auditing what data is being collected by the library, from system logs to paper forms The talk will address how these issues impact libraries with both limited and extensive resources in their efforts to balance data analytical needs and patron privacy.