Article 25 - State Agency Use Of Electronic Records And Signatures


      (5 ILCS 175/Art. 25 heading)
ARTICLE 25. STATE AGENCY USE OF
ELECTRONIC RECORDS AND SIGNATURES

    (5 ILCS 175/25‑101)
    Sec. 25‑101. State agency use of electronic records.
    (a) Each State agency shall determine if, and the extent to which, it will send and receive electronic records and electronic signatures to and from other persons and otherwise create, use, store, and rely upon electronic records and electronic signatures.
    (b) In any case where a State agency decides to send or receive electronic records, or to accept document filings by electronic records, the State agency may, by appropriate agency rule (or court rule where appropriate), giving due consideration to security, specify:
        (1) the manner and format in which such electronic
     records must be created, sent, received, and stored;
        (2) if such electronic records must be signed, the
     type of electronic signature required, the manner and format in which such signature must be affixed to the electronic record, and the identity of, or criteria that must be met by, any third party used by the person filing the document to facilitate the process;
        (3) control processes and procedures as appropriate
     to ensure adequate integrity, security, confidentiality, and auditability of such electronic records; and
        (4) any other required attributes for such
     electronic records that are currently specified for corresponding paper documents, or reasonably necessary under the circumstances.
    (c) All rules adopted by a State agency shall include the relevant minimum security requirements established by the Department of Central Management Services, if any.
    (d) Whenever any rule of law requires or authorizes the filing of any information, notice, lien, or other document or record with any State agency, a filing made by an electronic record shall have the same force and effect as a filing made on paper in all cases where the State agency has authorized or agreed to such electronic filing and the filing is made in accordance with applicable rules or agreement.
    (e) Nothing in this Act shall be construed to require any State agency to use or to permit the use of electronic records or electronic signatures.
(Source: P.A. 90‑759, eff. 7‑1‑99.)

    (5 ILCS 175/25‑105)
    Sec. 25‑105. Department of Central Management Services to adopt State standards.
    (a) The Department of Central Management Services may adopt rules setting forth minimum security requirements for the use of electronic records and electronic signatures by State agencies.
    (b) The Department of Central Management Services shall specify appropriate minimum security requirements to be implemented and followed by State agencies for (1) the generation, use, and storage of key pairs, (2) the issuance, acceptance, use, suspension, and revocation of certificates, and (3) the use of digital signatures.
    (c) Each State agency shall have the authority to issue, or contract for the issuance of, certificates to (i) its employees and agents and (ii) persons conducting business or other transactions with such State agency and to take other actions consistent therewith, including the establishment of repositories and the suspension or revocation of certificates so issued, provided that the foregoing is conducted in accordance with all the rules, procedures, and policies specified by the Department of Central Management Services. The Department of Central Management Services shall have the authority to specify the rules, procedures, and policies whereby State agencies may issue or contract for the issuance of certificates.
    (d) The Department of Central Management Services may specify appropriate minimum standards and requirements that must be satisfied by a certification authority before:
        (1) its services are used by any State agency for
     the issuance, publication, revocation, and suspension of certificates to such agency, or its employees or agents (for official use); or
        (2) the certificates it issues will be accepted for
     purposes of verifying digitally signed electronic records sent to any State agency by any person.
    (e) Where appropriate, the rules adopted by the Department of Central Management Services pursuant to this Section shall specify differing levels of minimum standards from which implementing State agencies can select the standard most appropriate for a particular application.
    (f) The General Assembly, through the Joint Committee on Legislative Support Services, and the Supreme Court, separately for the respective branches, may adopt rules setting forth the minimum security requirements for the use of electronic records and electronic signatures by the respective branches. The rules shall generally be consistent with the rules adopted by the Department of Central Management Services. The Joint Committee on Legislative Support Services and the Supreme Court may also accept the rules adopted by the Department of Central Management Services for the use of electronic records and electronic signatures by the respective branches.
    (g) Except as provided in subsection (f) and in Section 25‑101, the Department of Central Management Services shall have exclusive authority to adopt rules authorized by this Section.
(Source: P.A. 90‑759, eff. 7‑1‑99.)

    (5 ILCS 175/25‑115)
    Sec. 25‑115. Interoperability. To the extent reasonable under the circumstances, rules adopted by the Department of Central Management Services or a State agency relating to the use of electronic records or electronic signatures shall be drafted in a manner designed to encourage and promote consistency and interoperability with similar requirements adopted by government agencies of other states and the federal government.
(Source: P.A. 90‑759, eff. 7‑1‑99.)