Illinois - Breach Notification
This playbook helps an analyst determine if the breached data meets the criteria for breach notification according to Illinois law, and, if necessary, follows through with the notification procedures. DISCLAIMER: Please consult with your legal team before implementing this playbook. **Source:** http://www.ilga.gov/legislation/ilcs/ilcs3.asp?ActID=2702&ChapAct=815%C2%A0ILCS%C2%A0530/&ChapterID=67&ChapterName=BUSINESS+TRANSACTIONS&ActName=Personal+Information+Protection+Act. https://www.mintz.com/newsletter/2007/PrivSec-DataBreachLaws-02-07/state_data_breach_matrix.pdf
US - Breach Notification · 47 tasks · 7 inputs · 8 outputs
Inputs
ContactName— In case of a breach, the contact details to send to the Attorney General and the affected residents.ContactEmailAddress— In case of a breach, the contact details to send to the Attorney General and the affected residents.ContactTelNumber— In case of a breach, the contact details to send to the Attorney General and the affected residents.CompanyName—CompanyAddress— In case of a breach, the company details to display in the breach report.CompanyCity— In case of a breach, the company details to display in the breach report.CompanyCountry— In case of a breach, the company details to display in the breach report.
Outputs
PIICompromised— Set a flag indicating that PII has been compromised.HealthInsuranceBreached— Set a flag indicating that the breach contains PII of health insurance information.MedicalInformationBreached— Set a flag indicating that the breach contains PII of medical information.FinancialInformationBreached— Set a flag indicating that the breach contains PII of financial information.AccountInformationBreached— Set a flag indicating that the breach contains PII of account information.UniqueIdentificationNumberBreached— Set a flag indicating that the breach contains PII of unique identification number.UniqueBiometricDataBreached— Set a flag indicating that the breach contains PII of unique biometric data.Analyst review.Answers.1— Explain, in your words, the incident origin, what you have checked, and any information related to this incident.
Commands used
send-mail
setIncident