Ill. Admin. Code tit. 23, § 2700.55 - Use, Security and Confidentiality of Information
The personally identifiable information of an ISAC program applicant, participant or anyone named in any materials related to program participation, or personally identifiable information of an individual that ISAC accesses, receives or maintains in relation to its research or other activities, is considered confidential personal information and shall be governed by applicable State and federal privacy laws. All educational institutions, lenders, holders, servicers and other entities participating in ISAC-administered programs or activities shall be expected to know and comply with all applicable federal and State laws that govern the privacy, use, access and security of the confidential information. (See, e.g., the Data Processing Confidentiality Act [30 ILCS 585 ], the Family Educational Rights and Privacy Act of 1974 (20 USC 1232g) , the Identity Protection Act [5 ILCS 179 ] and the Gramm-Leach-Bliley Act (15 USC 6801-6809) .) The confidential information shall not be sold or used, shared or accessed for any purpose other than that which is directly related to the purpose for which the confidential information was provided to the participating entity. Participating entities shall be responsible for implementing appropriate security procedures to protect the integrity of the confidential information when accessed, stored, transmitted or received. This Section shall not apply to the publication of the names of State Scholars pursuant to 23 Ill. Adm. Code 2760.30.
Notes
State regulations are updated quarterly; we currently have two versions available. Below is a comparison between our most recent version and the prior quarterly release. More comparison features will be added as we have more versions to compare.
The personally identifiable information of an ISAC program applicant, participant or anyone named in any materials related to program participation, or personally identifiable information of an individual that ISAC accesses, receives or maintains in relation to its research or other activities, is considered confidential personal information and shall be governed by applicable State and federal privacy laws. All educational institutions, lenders, holders, servicers and other entities participating in ISAC-administered programs or activities shall be expected to know and comply with all applicable federal and State laws that govern the privacy, use, access and security of the confidential information. (See, e.g., the Data Processing Confidentiality Act [30 ILCS 585 ], the Family Educational Rights and Privacy Act of 1974 (20 USC 1232g) , the Identity Protection Act [5 ILCS 179 ] and the Gramm-Leach-Bliley Act (15 USC 6801-6809) .) The confidential information shall not be sold or used, shared or accessed for any purpose other than that which is directly related to the purpose for which the confidential information was provided to the participating entity. Participating entities shall be responsible for implementing appropriate security procedures to protect the integrity of the confidential information when accessed, stored, transmitted or received. This Section shall not apply to the publication of the names of State Scholars pursuant to 23 Ill. Adm. Code 2760.30.