Illinois Compiled Statutes
ILCS Listing
Public
Acts Search
Guide
Disclaimer
Information maintained by the Legislative
Reference Bureau
Updating the database of the Illinois Compiled Statutes (ILCS) is an ongoing process.
Recent laws may not yet be included in the ILCS database, but they are found on this site as Public
Acts soon after they become law. For information concerning the relationship between statutes and Public Acts, refer to the
Guide.
Because the statute database is maintained primarily for legislative drafting purposes,
statutory changes are sometimes included in the statute database before they take effect.
If the source note at the end of a Section of the statutes includes a Public Act that has
not yet taken effect, the version of the law that is currently in effect may have already
been removed from the database and you should refer to that Public Act to see the changes
made to the current law.
815 ILCS 530/5 (815 ILCS 530/5) Sec. 5. Definitions. In this Act: "Data collector" may include, but is not limited to,
government agencies, public and private universities,
privately and publicly held corporations, financial
institutions, retail operators, and any other entity that, for any purpose, handles, collects, disseminates, or otherwise
deals with nonpublic personal information.
"Breach of the security of the system data" or "breach" means
unauthorized acquisition of computerized data that compromises the security, confidentiality, or integrity of personal information maintained by the data collector. "Breach of the security of the system data" does not include good faith
acquisition of personal information by an employee or agent of
the data collector for a legitimate purpose of the data
collector, provided that the personal information is not used
for a purpose unrelated to the data collector's business or
subject to further unauthorized disclosure.
"Health insurance information" means an individual's health insurance policy number or subscriber identification number, any unique identifier used by a health insurer to identify the individual, or any medical information in an individual's health insurance application and claims history, including any appeals records. "Medical information" means any information regarding an individual's medical history, mental or physical condition, or medical treatment or diagnosis by a healthcare professional, including such information provided to a website or mobile application. "Personal information" means either of the following: (1) An individual's first name or first initial and | | last name in combination with any one or more of the following data elements, when either the name or the data elements are not encrypted or redacted or are encrypted or redacted but the keys to unencrypt or unredact or otherwise read the name or data elements have been acquired without authorization through the breach of security:
|
| (A) Social Security number.
(B) Driver's license number or State
| | identification card number.
|
| (C) Account number or credit or debit card
| | number, or an account number or credit card number in combination with any required security code, access code, or password that would permit access to an individual's financial account.
|
| (D) Medical information.
(E) Health insurance information.
(F) Unique biometric data generated from
| | measurements or technical analysis of human body characteristics used by the owner or licensee to authenticate an individual, such as a fingerprint, retina or iris image, or other unique physical representation or digital representation of biometric data.
|
| (2) User name or email address, in combination with a
| | password or security question and answer that would permit access to an online account, when either the user name or email address or password or security question and answer are not encrypted or redacted or are encrypted or redacted but the keys to unencrypt or unredact or otherwise read the data elements have been obtained through the breach of security.
|
| "Personal information" does not include publicly available
information that is lawfully made available to the general
public from federal, State, or local government records.
(Source: P.A. 99-503, eff. 1-1-17 .)
|
|