Securiti Named a 2022 Cool Vendor in Data Security by GartnerDownload Now
The Biometric Information Privacy Act (BIPA), an initiative spearheaded by the ACLU of Illinois, was unanimously approved by the Illinois legislature in 2008. BIPA creates guidelines to protect the privacy and security of Illinois residents.
BIPA prohibits any private entity from selling or leasing, trading, or otherwise profiting from an individual’s or customer’s biometric information or identifiers, in addition to its notice and consent requirements. Retina or iris scans, fingerprints, voice prints, hand scans, facial geometry, DNA, and other biological information are examples of biometric identifiers.
The consumer or his/her legally authorized representative must consent to the collection, storage, and usage of the biometric information or identifier through a written release which must be collected and documented by the private entity.
The consumers should also be informed in writing through a notice stating the purpose for which the biometric information or identifier is being collected and for what length of time it shall be retained. The BIPA remains the most stringent biometric privacy law in the US and also provides consumers with protection by enabling them to sue businesses that violate it in court.
Securiti enables organizations to comply with Biometric Information Privacy Act (BIPA) through AI-driven PI data discovery, DSR automation, access Intelligence, documented accountability, data security, enhanced visibility into data processing activities, and AI-driven process automation.
Securiti supports enterprises in their journey toward compliance with Biometric Information Privacy Act (BIPA) through automation, enhanced data visibility, and identity linking.
See how our comprehensive platform helps you comply with various Biometric Information Privacy Act (BIPA) sections.
Request a demo today to learn how Securiti can aid you and your organization's compliance efforts.
With the help of our multi-regulation, collaborative, readiness, and privacy impact assessment system, you can measure your organization's posture against BIPA requirements, identify the gaps and address the risks. Expand assessment capabilities across your vendor ecosystem to maintain compliance against BIPA requirements.
Keep track of risks involved by continuously monitoring and scanning data against non-compliance to subject rights, security controls, or data residency.
BIPA §15(b), BIPA §20
Automate data breach response mechanism, including breach notifications to concerned stakeholders regarding data breach incidents, by leveraging a knowledge database on security incident diagnosis and response.
Securiti's Privacy Notice Creation and Management Solution allows organizations to transparently inform their users about any access or use of their personal data.
BIPA §15(b), BIPA §15(d)
Securiti's Consent Management Platform enables organizations to obtain individuals’ consent for data access, retrieval, and advertising purposes. It allows consent management as per the requirements of BIPA. Moreover, accurate consent status is recorded to demonstrate compliance.
Securiti’s Data Intelligence modules enable you to identify gaps and risks in your data processing and implement appropriate security controls.
BIPA is the only statute in the United States that grants a private right of action to anyone wronged by a violation.
BIPA only applies to private entities (individuals, partnerships, corporations, limited liability companies, organizations, or other groups).
BIPA does not apply to financial institutions or affiliates of financial institutions.
BIPA does not apply to contractors, subcontractors, or agents when they are engaged by a State agency or local government unit.
The negligent violation penalty is $1,000 or actual damages, whichever is greater.
Intentional or Reckless Violation penalty is $5,000 or actual damages, whichever is greater.
PO Box 13039,
Coyote CA 95013