biometric

Subscribe to biometric via RSS

An Illinois state appellate court’s recent ruling will impact how companies consider compliance with Illinois’ Biometric Information Privacy Act (BIPA). That court ruled companies must have a BIPA-compliant written retention-and-destruction policy in place before collecting and possessing biometric data. The decision makes clear that mere possession of biometric data triggers the duty to develop the necessary written BIPA policy. In relevant part, under BIPA’s section 15(a), companies must establish a written, publicly-available policy that governs their retention and destruction of biometric data.Continue Reading Illinois Appellate Court Weighs in on Biometric Data Policies

California recently updated both its data security and breach notice laws to include genetic data. With the passage of AB 825, the data security law now includes in the definition of “personal information” genetic data. The information needs to be “reasonably protected.” While many other states have similar “reasonable protection” requirements in their data security laws, California is one of a handful to specifically list genetic information.
Continue Reading California Broadens Security and Breach Laws, Includes Genetic Data