The Illinois General Assembly offers the Google Translate™ service for visitor convenience. In no way should it be considered accurate as to the translation of any content herein.
Visitors of the Illinois General Assembly website are encouraged to use other translation services available on the internet.
The English language version is always the official and authoritative version of this website.
NOTE: To return to the original English language version, select the "Show Original" button on the Google Translate™ menu bar at the top of the window.
Deletes everything after the enacting clause. Creates the Personal Information Protection Act. Provides that any data collector that owns or uses personal information in any form, whether computerized, paper, or otherwise, that includes personal information concerning an Illinois resident shall notify the resident that there has been a breach of the security of the system data following discovery or notification of the breach, without regard for whether the data has been accessed by an unauthorized third party for legal or illegal purposes. Provides that the notification required pursuant to the Act may be delayed if a law enforcement agency determines that the notification may impede a criminal investigation. Amends the Consumer Fraud and Deceptive Business Practices Act. Provides that a violation of the Personal Information Protection Act is a violation of the Consumer Fraud and Deceptive Business Practices Act.
House Floor Amendment No. 4 Replaces everything after the enacting clause with provisions substantially similar to those of House Amendment No. 1 to House Bill 1633, except: (i) deletes the definition of "breach of the security of non-computerized data"; (ii) provides that any data collector that owns or licenses personal information concerning an Illinois resident shall notify the resident that there has been a breach of the security of the system data following discovery or notification of the breach (instead of any data collector that owns or uses personal information in any form, whether computerized, paper, or otherwise, that includes personal information concerning an Illinois resident shall notify the resident that there has been a breach of the security of the system data following discovery or notification of the breach, without regard for whether the data has been accessed by an unauthorized third party for legal or illegal purposes); and (iii) deletes language providing that the notification required under the Act may be delayed if a law enforcement agency determines that the notification may impede a criminal investigation. Provides that any data collector that maintains computerized data that includes personal information that the data collector does not own or license shall notify the owner or licensee of the information of any breach of the security of the data immediately following discovery, if the personal information was, or is reasonably believed to have been, acquired by an unauthorized person. Provides that a data collector that maintains its own notification procedures as part of an information security policy for the treatment of personal information and is otherwise consistent with the timing requirements of the Act, shall be deemed in compliance with the notification requirement if the data collector notifies subject persons in the event of a breach.
This site is maintained for the Illinois General Assembly
by the Legislative Information System, 705 Stratton Building, Springfield, Illinois 62706
Contact ILGA Webmaster