Illinois Compiled Statutes
ILCS Listing
Public
Acts Search
Guide
Disclaimer
Information maintained by the Legislative
Reference Bureau
Updating the database of the Illinois Compiled Statutes (ILCS) is an ongoing process.
Recent laws may not yet be included in the ILCS database, but they are found on this site as Public
Acts soon after they become law. For information concerning the relationship between statutes and Public Acts, refer to the
Guide.
Because the statute database is maintained primarily for legislative drafting purposes,
statutory changes are sometimes included in the statute database before they take effect.
If the source note at the end of a Section of the statutes includes a Public Act that has
not yet taken effect, the version of the law that is currently in effect may have already
been removed from the database and you should refer to that Public Act to see the changes
made to the current law.
20 ILCS 1375/5-5 (20 ILCS 1375/5-5)
Sec. 5-5. Definitions. As used in this Act: "Critical information system" means any information system (including any telecommunications system) used or operated by a State agency or by a contractor of a State agency or other organization or entity on behalf of a State agency: that contains health insurance information, medical information, or personal information as defined in the Personal Information Protection Act;
where the unauthorized disclosure, modification, destruction of information in the information system could be expected to have a serious, severe, or catastrophic adverse effect on State agency operations, assets, or individuals; or where the disruption of access to or use of the information or information system could be expected to have a serious, severe, or catastrophic adverse effect on State operations, assets, or individuals. "Department" means the Department of Innovation and Technology. "Information security" means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide:
integrity, which means guarding against improper information modification or destruction, and includes ensuring information non-repudiation and authenticity;
confidentiality, which means preserving authorized restrictions on access and disclosure, including means for protecting personal privacy and proprietary information; and
availability, which means ensuring timely and reliable access to and use of information. "Incident" means an occurrence that:
actually or imminently jeopardizes, without lawful authority, the confidentiality, integrity, or availability of information or an information system; or
constitutes a violation or imminent threat of violation of law, security policies, security procedures, or acceptable use policies or standard security practices. "Information system" means a discrete set of information resources organized for the collection, processing, maintenance, use, sharing, dissemination, or disposition of information created or maintained by or for the State of Illinois. "Office" means the Office of the Statewide Chief Information Security Officer. "Secretary" means the Secretary of Innovation and Technology. "Security controls" means the management, operational, and technical controls (including safeguards and countermeasures) for an information system that protect the confidentiality, integrity, and availability of the system and its information. "State agency" means any agency under the jurisdiction of the Governor.
(Source: P.A. 100-611, eff. 7-20-18.) |
|
