Illinois Biometric Information Privacy Act (BIPA)
Operationalize BIPA compliance with the most comprehensive PrivacyOps platform
Privacy Center
Fully Functional In Minutes
Elegant Consumer Frontend, Fully Automated Backend, Privacy Regulation Intelligent Everywhere.
Email already in use
Looks like this email is already registered with an existing account.
Unexpected error occurred
Looks like there was an error completing your request, Please contact us here for further support.
Please do not close this window while we process your request
The Biometric Information Privacy Act (BIPA), an initiative spearheaded by the ACLU of Illinois, was unanimously approved by the Illinois legislature in 2008. BIPA creates guidelines to protect the privacy and security of Illinois residents.
BIPA prohibits any private entity from selling or leasing, trading, or otherwise profiting from an individual’s or customer’s biometric information or identifiers, in addition to its notice and consent requirements. Retina or iris scans, fingerprints, voice prints, hand scans, facial geometry, DNA, and other biological information are examples of biometric identifiers.
The consumer or his/her legally authorized representative must consent to the collection, storage, and usage of the biometric information or identifier through a written release which must be collected and documented by the private entity.
The consumers should also be informed in writing through a notice stating the purpose for which the biometric information or identifier is being collected and for what length of time it shall be retained. The BIPA remains the most stringent biometric privacy law in the US and also provides consumers with protection by enabling them to sue businesses that violate it in court.
The Solution
Securiti enables organizations to comply with Biometric Information Privacy Act (BIPA) through AI-driven PI data discovery, DSR automation, access Intelligence, documented accountability, data security, enhanced visibility into data processing activities, and AI-driven process automation.
Securiti supports enterprises in their journey toward compliance with Biometric Information Privacy Act (BIPA) through automation, enhanced data visibility, and identity linking.
See how our comprehensive platform helps you comply with various Biometric Information Privacy Act (BIPA) sections.
With its state-of-the-art artificial intelligence and machine-learning-based tools, Securiti is a market leader in providing data governance and compliance solutions.
Request a demo today to learn how Securiti can aid you and your organization's compliance efforts.
Assess BIPA readiness
BIPA §15
With the help of our multi-regulation, collaborative, readiness, and privacy impact assessment system, you can measure your organization's posture against BIPA requirements, identify the gaps and address the risks. Expand assessment capabilities across your vendor ecosystem to maintain compliance against BIPA requirements.
Continuous Monitoring and Tracking
BIPA Governance
Keep track of risks involved by continuously monitoring and scanning data against non-compliance to subject rights, security controls, or data residency.
Breach Response Notification
BIPA §15(b), BIPA §20
Automate data breach response mechanism, including breach notifications to concerned stakeholders regarding data breach incidents, by leveraging a knowledge database on security incident diagnosis and response.
Privacy Policy & Notice Management
BIPA §15(a)
Securiti's Privacy Notice Creation and Management Solution allows organizations to transparently inform their users about any access or use of their personal data.
Monitor and Track Consent
BIPA §15(b), BIPA §15(d)
Securiti's Consent Management Platform enables organizations to obtain individuals’ consent for data access, retrieval, and advertising purposes. It allows consent management as per the requirements of BIPA. Moreover, accurate consent status is recorded to demonstrate compliance.
Assess Data Protection Measures and Enable Appropriate Security Controls
BIPA §15(e)
Securiti’s Data Intelligence modules enable you to identify gaps and risks in your data processing and implement appropriate security controls.
Obligations for Covered Entities Under BIPA
- Covered entities must obtain consent from individuals if the company intends to collect or disclose their personal biometric identifiers.
- Covered entities must destroy biometric identifiers promptly.
- Covered entities must securely store biometric identifiers.
- BIPA prohibits companies from selling or otherwise profiting from consumers’ biometric information.
- Covered entities cannot disclose, redisclose or distribute any biometric information or identifiers that a person or customer provides to a covered entity unless the individual’s consent is obtained, the state requires its disclosure, and the court issues a legitimate warrant or subpoena requiring its disclosure.
Quick Facts About BIPA
BIPA is the only statute in the United States that grants a private right of action to anyone wronged by a violation, subject to a five-year statute of limitation.
BIPA only applies to private entities (individuals, partnerships, corporations, limited liability companies, organizations, or other groups).
BIPA does not apply to financial institutions or affiliates of financial institutions.
BIPA does not apply to contractors, subcontractors, or agents when they are engaged by a State agency or local government unit.
The negligent violation penalty is $1,000 or actual damages, whichever is greater.
Intentional or Reckless Violation penalty is $5,000 or actual damages, whichever is greater.
At Securiti, our mission is to enable enterprises to safely harness the incredible power of data and the cloud by controlling the complex security, privacy and compliance risks.
Copyright © 2023 Securiti · Sitemap · XML Sitemap
Newsletter
Resources
Get in touch
[email protected]
300 Santana Row Suite 450. San Jose,
CA 95128
