BIOMETRIC IMPRESSIONS CORPORATION’S
BIOMETRIC INFORMATION RETENTION POLICY
I. LEGAL AUTHORITY
BioMetric Impressions Corporation’s acquisition, preservation and exchange of fingerprints is authorized under 28 U.S.C. 534, et seq. BioMetric Impressions Corporation’s retention policy is further governed in part by 740 ILCS 14/1, et seq. commonly known as the Illinois Biometric Information Privacy Act* (“BIPA”). Additional regulations and supplemental authorities include Federal statutes, State statutes, including Pub. L. 92-544, Presidential Executive Orders, and State and Federal regulations.
Definitions
BIPA provides definitions of certain terms contained within this retention policy (the “Policy”), unless otherwise defined within this Policy:
(1) “Biometric identifier” means a retina or iris scan, fingerprint, voiceprint, or scan of hand or face geometry. Biometric identifiers do not include writing samples, written signatures, photographs, human biological samples used for valid scientific testing or screening, demographic data, tattoo descriptions, or physical descriptions such as height, weight, hair color, or eye color. Biometric identifiers do not include donated organs, tissues, or parts as defined in the Illinois Anatomical Gift Act or blood or serum stored on behalf of recipients or potential recipients of living or cadaveric transplants and obtained or stored by a federally designated organ procurement agency. Biometric identifiers do not include biological materials regulated under the Genetic Information Privacy Act. Biometric identifiers do not include information captured from a patient in a health care setting or information collected, used, or stored for health care treatment, payment, or operations under the federal Health Insurance Portability and Accountability Act of 1996. Biometric identifiers do not include an X-ray, roentgen process, computed tomography, MRI, PET scan, mammography, or other image or film of the human anatomy used to diagnose, prognose, or treat an illness or other medical condition or to further validate scientific testing or screening.
(2) “Biometric information” means any information, regardless of how it is captured, converted, stored, or shared, based on an individual’s biometric identifier used to identify an individual. Biometric information does not include information derived from items or procedures excluded under the definition of biometric identifiers.
II. RETENTION POLICY
For all Biometric Data collected pursuant to Biometric Impressions’ contract with the Illinois Center for Management Services (“CMS”), Biometric Impressions must retain its records for a period of three years from the later of final payment under, or completion of, the CMS contract, at which point Biometric Impressions deletes and/or destroys all such records, including any Biometric Data, in its possession. Otherwise, Biometric Impressions deletes all Biometric Data in its possession within forty-five (45) days of capture, except when the Illinois State Police Requests resubmissions of Biometric Data within that 45 day period. In those circumstances, Biometric Impressions deletes all Biometric Data in its possession within 45 days of resubmission.
III. DESTRUCTION POLICY
Once the 45-day period or described above (“Retention Period”) has been reached, a “delete” process is initiated to destroy all Biometric Data. Such Biometric Data will no longer be accessible and will be permanently destroyed on the applicable computer backup system. All physical copies of materials containing Biometric Data are also destroyed upon the expiration of the Retention Period.
IV. THE TEAM
BioMetric Impressions Corporation is comprised of a team of licensed fingerprinting professionals who are responsible for overseeing and implementing the Policy.
V. MISCELLANEOUS QUESTIONS OR REQUESTS
A physical copy of this Policy is available upon request. Questions related to the Policy should be directed to BioMetric Impressions Corporation:
188 W. Industrial Dr. Suite 214B
Elmhurst, IL 60126
Phone: (833) 424-6467