How the state of Illinois is ramping up security for the information you enter online

This is an archived article and the information in the article may be outdated. Please look at the time stamp on the story to see when it was last updated.

MOLINE, Illinois — Illinois will join a growing number of states that are strengthening data breach notification requirements as well as expanding the definition of what's considered protected information.

Beginning in January 1, 2017, Illinois is adding three new categories of information to its list of what is protected online through the Personal Information Protection Act (PIPA).

Medical information, health insurance information, and unique biometric data are the three new categories added to the list, which currently includes social security number, driver's license number or state I.D. number, as well as credit and debit card information.

"Some of our non-profit clients have a significant amount of personal information that is requested and stored through the site and so we take a lot of safeguards," said Tom Terronez, owner of Davenport-based Terrostar Interactive Media.

The company develops several hundred websites per year, which vary from small businesses all the way up through multi-branded financial institutions.

When developing websites, Terrostar already takes a lot of safeguards to protect consumer's information so the PIPA changes have little impact on Terrostar. However, Terronez says ramping up the online security is a respectable thing for the state of Illinois to do, though enforcing those laws is equally important in order to truly enforce people's online security.

"Illinois PIPA is a good example. They've broadened the scope of what is considered protected," said Terronez.

The PIPA legislation requires companies to notify people if there is a security breach to your personal information.

"PIPA does effect us. We have employees in Illinois; we have roughly 1,000 employees in Illinois," said Dan Turner, Chief Information Officer of Per Mar Security.

The home-security company does not take personal information from its customers, but it does store the personal information of its employees. Turner says it is his job to make sure that information is safe along with all of the company's data.

"If something does happen, we have to report and that could effect peoples credit, peoples identity," said Turner.

Per Mar Security has a room at its home office in Davenport that Turner describes as the nerves of the company; servers are in a fire, wind, and water-proof room.

Lawmakers can create tougher online security legislation, website developers can take proper safeguards, and companies can maintain safe databases, but experts agree - it can come down to one wrong click to potentially invite a cyber attack.

People should look for the little green lock in the browser of your computer before entering any personal information, use a credit card when shopping online and be wary of emails from an obscure sender.