USA - Illinois
data, if the personal information was or reasonably believed to have been acquired by an unauthorized person. This applies regardless of whether the data collector conducts business in Illinois. If notice is issued to more than 500 Illinois residents as a result of a single breach, the data collector must also notify the Attorney General of the breach. PIPA also requires data collectors to maintain reasonable security measures to protect personal information from unauthorized access, acquisition, destruction, use, modification, or disclosure. Additional or ancillary regulation, directives or norms Illinois Biometric Privacy Act The Illinois Biometric Privacy Act 2008 (“BIPA”) (740 ILCS 14/1 to 740 ILCS 14/99) is significant as it was the first state legislation to address the collection and sharing of biometric information. The Act was passed in 2008, and other states began introducing legislation aimed at addressing biometric data thereafter. An overarching theme of BIPA is that an entity must maintain a reasonable standard of care in managing biometric information. BIPA provides a set of rules for businesses to follow when collecting biometric data of state residents: Prior consent is required before the collection or disclosure of biometric data, such as fingerprints, voiceprints, or scans of hand or face geometry;
Biometric be destroyed in a timely manner; and Biometric data must be securely stored. Student Online Personal Protection data must Student Personal Protection Act (“SOPPA”) (105 ILCS 85/1 to 105 ILCS 85/99) is the student data privacy law that regulates students’ covered information by schools, education technology Act The Online vendors, and the Illinois State Board of Education. It was signed into law in 2019 and outlines specific rights and responsibilities as it relates to covered information. SOPPA requires that a school must provide notice to the parents of students within 30 days after determining that a breach of covered information occurred. It further requires that schools must implement and maintain reasonable security procedures to protect covered information from unauthorized access, destruction, use, modification, or disclosure. Additionally, SOPPA outlines requirements as to the deletion of covered information. Upcoming or proposed legislation Illinois Data Protection and Privacy Act The Illinois Data Protection and
https://www.mcdonaldhopkins.com/
Made with FlippingBook - PDF hosting