Chapter 15 – Freedom of Information

CHAPTER 15

ARTICLE I – FREEDOM OF INFORMATION PROCEDURE

(adopted September 8, 2011 by the Village of Louisville, IL)

15-1-1 DEFINITIONS. For the purposes of this Chapter the following definitions shall apply unless the context clearly indicates or requires a different meaning.

(a) “Public body” means all legislative, executive, administrative, or advisory bodies of the State, state universities and colleges, counties, townships, cities, villages, incorporated towns, school districts and all other municipal corporations, boards, bureaus, committees, or commissions of this State, any subsidiary bodies of any of the foregoing including but not limited to committees and subcommittees thereof, and a School Finance Authority created under Article 1E of the School Code. “Public body” does not include a child death review team or the Illinois Child Death Review Teams Executive Council established under the Child Death Review Team Act. The term public body or Village as used herein specifically refers to the Village of Louisville, Illinois.

(b) “Person” or Requester means any individual, corporation, partnership, firm, organization or association, acting individually or as a group.

(c) “Public records” means all records, reports, forms, writings, letters, memoranda, books, papers, maps, photographs, microfilms, cards, tapes, recordings, electronic data processing records, electronic communications, including e-mails, recorded information and all other documentary materials pertaining to the transaction of public business, regardless of physical form or characteristics, having been prepared by or for, or having been or being used by, received by, in the possession of, or under the control of any public body. A public record that is not in the possession of a public body but is in the possession of a party with whom the agency has contracted to perform a governmental function on behalf of the public body, and that directly relates to the governmental function and is not otherwise exempt under this Act, shall be considered a public record of the public body, for purposes of this Chapter.

(d) “Private information” means unique identifiers, including a person’s social security number, driver’s license number, employee identification number, biometric identifiers, personal financial information, passwords or other access codes, medical records, home or personal telephone numbers, and personal email addresses. Private information also includes home address and personal license plates, except as otherwise provided by law or when compiled without possibility of attribution to any person.

(e) “Commercial purpose” means the use of any part of a public record or records, or information derived from public records, in any form for sale, resale, or solicitation or advertisement for sales or services. For purposes of this definition, requests made by news media and nonprofit, scientific, or academic organizations shall not be considered to be made for a “commercial purpose” when the principal purpose of the request is (i) to access and disseminate information concerning news and current or passing events, (ii) for articles of opinion or features of interest to the public, or (iii) for the purpose of academic, scientific, or public research or education.

(f) “Copying” means the reproduction of any public record by means of any photographic, electronic, mechanical or other process, device or means now known or hereafter developed and available to the public body.

(g) “Head of the public body” means the president, mayor, chairman, presiding officer, director, superintendent, manager, supervisor or individual otherwise holding primary executive and administrative authority for the public body, or such person’s duly authorized designee.

(h) “News media” means a newspaper or other periodical issued at regular intervals whether in print or electronic format, a news service whether in print or electronic format, a radio station, a television station, a television network, a community antenna television service, or a person or corporation engaged in making news reels or other motion picture news for public showing.

(i) Business day or working day is a regular day of the week (Monday through Friday)

when public offices and most businesses are open. Saturdays, Sundays and legal holidays are not business days and shall not be counted in the 5 business day time period for responding to a Freedom of Information request.

(j) Freedom of Information Act or Act or FOIA refers to the Illinois Freedom of Information Act as now codified or hereafter amended at 5 ILCS 140/1 et seq.

(k) Recurrent requester, as used in Section 15-1-16 of this Code, means a person that, in the 12 months immediately preceding the request, has submitted to the same public body (i) a minimum of 50 requests for records, (ii) a minimum of 15 requests for records within a 30-day period, or (iii) a minimum of 7 requests for records within a 7-day period. For purposes of this definition, requests made by news media and non-profit, scientific, or academic organizations shall not be considered in calculating the number of requests made in the time periods in this definition when the principal purpose of the requests is (i) to access and disseminate information concerning news and current or passing events, (ii) for articles of opinion or features of interest to the public, or (iii) for the purpose of academic, scientific, or public research or education.For the purposes of this subsection (k), “request” means a written document (or oral request, if the public body chooses to honor oral requests) that is submitted to a public body via personal delivery, mail, telefax, electronic mail, or other means available to the public body and that identifies the particular public record the requester seeks. One request may identify multiple records to be inspected or copied.

15-1-2 POLICY. It is declared to be the public policy of the Village that all persons are entitled to full and complete information regarding the affairs of the Village pursuant to the Freedom of Information Act. The official acts and policies of the public officials and public employees of the Village shall be consistent with the terms of this Chapter and that Act. If any provision of this Chapter should conflict with the Act, the terms of the Act shall prevail. All provisions of the Act shall be deemed incorporated into this Chapter by reference.

15-1-3 FREEDOM OF INFORMATION OFFICER(S); OPEN MEETINGS ACT OFFICER(S). The Village Clerk and the Village Treasurer are hereby designated the Freedom of Information Act Officers of the Village. The Village may also designate such other persons as Freedom of Information Act Officers as the Village deems appropriate. All such designated Freedom of Information Act Officers shall be trained in accordance with the Act. (All designated Freedom of Information Act Officers shall also be designated as the Open Meetings Acct Officers of the Village and shall be trained in accordance with the Open Meetings Act.) The Office of the Public Access Counselor shall be informed of the names of those persons so designated as Freedom of Information Act Officers and as Open Meetings Act Officers. Except in instances when records are furnished immediately, Freedom of Information Officers, or their designees, shall receive requests submitted to the public body under this Act, ensure that the Village responds to requests in a timely fashion, and issue responses under this Act. Freedom of Information Officers shall develop a list of documents or categories of records that the public body shall immediately disclose upon request.

Upon receiving a request for a public record, the Freedom of Information Officer shall:

(1) note the date the public body receives the written request;

(2) compute the day on which the period for response will expire and make a notation of that date on the written request;

(3) maintain an electronic or paper copy of a written request, including all documents submitted with the request until the request has been complied with or denied; and

(4) create a file for the retention of the original request, a copy of the response, a record of written communications with the requester, and a copy of other communications.

15-1-4 PUBLIC RECORDS AVAILABLE; PREVAILING WAGE PAYROLLS; PUBLIC FUNDS RECORDS. The Village shall make available to any person for inspection or copying all public records, as provided in the Freedom of Information Act, except as to those public records considered exempt under the Act, and shall certify the same if so requested. Such records specifically include the following:

(A) All records relating to the obligation, receipt, and use of public funds of the Village.

(B) All certified payroll records submitted to the Village pursuant to the Prevailing Wage Act, except that contractors employees addresses, telephone numbers, and social security numbers must be redacted by the Village prior to disclosure.

15-1-5 REQUESTS TO BE IN WRITING. All requests for inspection or copying of public records must be in writing and should be addressed to the Freedom of Information Officer, but can be delivered to any employee or officer of the Village, who shall immediately forward the same to the Freedom of Information Officer. The Village shall accept any written request make by mail, personal delivery, fax, email or other means available. Oral requests for records shall not be accepted. The requester should, but is not required to, include the following information in any request for public records:

(A) The requesters full name, mailing address and telephone number at which the requester can be reached during normal business hours (requests may be made anonymously, but adequate information must be provided to allow the Village to fulfill the request);

(B) A description of the records sought, being as specific as possible, and the format desired for any copies requested (i.e. paper copy, electronic copy, type of electronic format, etc.), and whether such copies should be certified;

(C) A statement as to whether the request is for inspection, copying, or both, and as to whether the request is for commercial benefit purposes. If a copying fee waiver or reduction is requested, the statement should so indicate that request and also provide information sufficient for the public body to determine that a fee waiver or reduction is in the public interest. The requester is not required to provide a purpose for the request unless he is requesting a fee waiver or reduction.

(D) A statement as to whether the requester desires to pick up the requested copies or have them mailed to the requester. Certain postage costs may be charged to the requester (see below).

The Freedom of Information Officer shall make available a form for use by requesters (see attached sample request form); however, no request shall be denied for failure to use any particular form. The requester shall be provided the times and places where records will be made available and the persons from whom such records may be obtained.

15-1-6 FEES AND COPYING.

(A) When a person requests a copy of a record maintained in an electronic format, the public body shall furnish it in the electronic format specified by the requester, if feasible. If it is not feasible to furnish the public records in the specified electronic format, then the public body shall furnish it in the format in which it is maintained by the public body, or in paper format at the option of the requester. A public body may charge the requester only for the actual cost of purchasing the recording medium, whether disc, diskette, tape, or other medium. (For example, if information is produced on CDs, the Village may only charge the actual cost of purchasing the CDs). A public body may not charge the requester for the costs of any search for and review of the records or other personnel costs associated with reproducing the records, except for commercial requests as provided in subsection (F) of this Section. Except to the extent that the General Assembly expressly provides, statutory fees applicable to copies of public records when furnished in a paper format shall not be applicable to those records when furnished in an electronic format.

 

(B) Except when a fee is otherwise fixed by statute, each public body may charge fees reasonably calculated to reimburse its actual cost for reproducing and certifying public records and for the use, by any person, of the equipment of the public body to copy records. No fees shall be charged for the first 50 pages of black and white, letter or legal sized copies requested by a requester. The fee for black and white, letter or legal sized copies shall not exceed 15 cents per page. If a public body provides copies in color or in a size other than letter or legal, the public body may not charge more than its actual cost for reproducing the records. In calculating its actual cost for reproducing records or for the use of the equipment of the public body to reproduce records, a public body shall not include the costs of any search for and review of the records or other personnel costs associated with reproducing the records, except for commercial requests as provided in subsection (F) of this Section. Such fees shall be imposed according to a standard scale of fees, established and made public by the body imposing them. The cost for certifying a record shall not exceed $1.

(C) The public body may NOT charge postage costs for mailing any amount of copies by regular U.S. Mail to the requester if he requests that the records be mailed to him instead of picking up the records from the location designated for providing records to requesters. However, if the requester asks that the records be sent to him by means other than regular U.S. Mail, then that cost may be charged to the requester. The public body MAY require that all allowed fees and costs be paid by the requester prior to the copying and provision of the requested records.

(D) Documents shall be furnished without charge or at a reduced charge, as determined by the public body, if the person requesting the documents states:

(1) the specific purpose for the request and indicates that a waiver or reduction of the fee is in the public interest.

(2) a waiver or reduction of the fee is in the public interest if the principal purpose of the request is:

[A] to access and disseminate information regarding the health, safety and welfare or the legal rights of the general public, and

[B] is not for the principal purpose of personal or commercial benefit.

(3) for purposes of this subsection, “commercial benefit” shall not apply to requests made by news media when the principal purpose of the request is to access and disseminate information regarding the health, safety, and welfare or the legal rights of the general public.

(4) in setting the amount of the waiver or reduction, the public body may take into consideration the amount of materials requested and the cost of copying them.

(E) The imposition of a fee not consistent with the above subsections (A) and (B) of this Section constitutes a denial of access to public records for the purposes of judicial review.

(F) A public body may charge up to $10 per each hour spent by personnel in searching for and retrieving a requested record. No fees shall be charged for the first 8 hours spent by personnel in searching for or retrieving a requested record. A public body may charge the actual cost of retrieving and transporting public records from an off-site storage facility when the public records are maintained by a third-party storage company under contract with the public body. If a public body imposes a fee pursuant to this subsection (F), it must provide the requester with an accounting of all fees, costs, and personnel hours in connection with the request for public records. The provisions of this subsection (F) apply only to commercial requests.

15-1-7 TIME LIMIT FOR COMPLIANCE WITH REQUEST (NONCOMMERCIAL).

(A) Except for requests made for commercial purposes, the Village shall promptly either comply with or deny a request for public records within 5 business days after the Villages receipt of the request (not necessarily when the Freedom of Information Act Officer becomes aware of the request), unless the time for response is properly extended as hereafter noted. (The day that the request is received does not count as one of the 5 business days.) Denial shall be in writing as hereafter noted. Failure to comply with a written request, extend the time for response, or deny a request within 5 business days after its receipt shall be considered a denial of the request. A public body that fails to respond to a request within the requisite periods in this Section but thereafter provides the requester with copies of the requested public records may not impose a fee for such copies. A public body that fails to respond to a request received may not treat the request as unduly burdensome as hereafter noted.

(B) The time for response under this Section may be extended by the public body for not more than 5 business days from the original due date for any of the following reasons:

(i) the requested records are stored in whole or in part at other locations than the office having charge of the requested records;

(ii) the request requires the collection of a substantial number of specified records;

(iii) the request is couched in categorical terms and requires an extensive search for the records responsive to it;

(iv) the requested records have not been located in the course of routine search and additional efforts are being made to locate them;

(v) the requested records require examination and evaluation by personnel having the necessary competence and discretion to determine if they are exempt from disclosure under Section 7 of the Act or should be revealed only with appropriate deletions;

(vi) the request for records cannot be complied with by the public body within the time limits prescribed by paragraph (A) of this Section without unduly burdening or interfering with the operations of the public body;

(vii) there is a need for consultation, which shall be conducted with all practicable speed, with another public body or among two or more components of a public body having a substantial interest in the determination or in the subject matter of the request.

The person making a request and the public body may agree in writing to extend the time for compliance for a period to be determined by the parties. If the requester and the public body agree to extend the period for compliance, a failure by the public body to comply with any previous deadlines shall not be treated as a denial of the request for the records.

(C) When additional time is required for any of the above reasons, the public body shall, within 5 business days after receipt of the request, notify the person making the request of the reasons for the extension and the date by which the response will be forthcoming. Failure to respond within the time permitted for extension shall be considered a denial of the request. A public body that fails to respond to a request within the time permitted for extension but thereafter provides the requester with copies of the requested public records may not impose a fee for those copies. A public body that requests an extension and subsequently fails to respond to the request may not treat the request as unduly burdensome as hereafter noted.

15-1-8 UNDULY BURDENSOME REQUEST.

(A) Requests calling for all records falling within a category shall be complied with unless compliance with the request would be unduly burdensome for the complying public body and there is no way to narrow the request and the burden on the public body outweighs the public interest in the information. Before invoking this exemption, the public body shall extend to the person making the request an opportunity to confer with it in an attempt to reduce the request to manageable proportions. If any body responds to a categorical request by stating that compliance would unduly burden its operation and the conditions described above regarding time limits for compliance with a request are met, it shall do so in writing, specifying the reasons why it would be unduly burdensome and the extent to which compliance will so burden the operations of the public body. Such a response shall be treated as a denial of the request for information.

(B) Repeated requests from the same person for the same records that are unchanged or identical to records previously provided or properly denied under this Act shall be deemed unduly burdensome under this provision. A request is deemed as repeated when the same identical request has been made three times or more.

15-1-9 TIME LIMITS FOR REQUESTS FOR COMMERCIAL PURPOSES.

(A) A public body shall respond as follows to a request for records to be used for a commercial purpose within 21 working days after receipt. The response shall (i) provide to the requester an estimate of the time required by the public body to provide the records requested and an estimate of the fees to be charged, which the public body may require the person to pay in full before copying the requested documents, (ii) deny the request pursuant to one or more of the exemptions set out in the Act, (iii) notify the requester that the request is unduly burdensome and extend an opportunity to the requester to attempt to reduce the request to manageable proportions, or (iv) provide the records requested.

(B) Unless the records are exempt from disclosure, a public body shall comply with a request within a reasonable period considering the size and complexity of the request, and giving priority to records requested for noncommercial purposes.

(C) It is a violation of the Act for a person to knowingly obtain a public record for a commercial purpose without disclosing that it is for a commercial purpose, if requested to do so by the public body.

15-1-10 CERTAIN INFORMATION EXEMPT FROM INSPECTION AND COPYING. Information exempted by 5 ILCS Sec. 140/7 and 5 ILCS Sec. 140/7.5 of the Freedom of Information Act shall be exempt from inspection and copying. If a record contains both exempt and nonexempt information, the exempt information shall be deleted by redaction and the remainder of the record made available for inspection and copying. Subject to this requirement, the exemptions shall include, but are not limited to, the following:

(A) Information specifically prohibited from disclosure by federal or State law or rules and regulations implementing federal or State law.

(B) Private information, unless disclosure is required by another provision of the Act, a State or federal law or a court order.

(C) Personal information contained within public records, the disclosure of which would constitute a clearly unwarranted invasion of personal privacy, unless the disclosure is consented to in writing by the individual subjects of the information. “Unwarranted invasion of personal privacy” means the disclosure of information that is highly personal or objectionable to a reasonable person and in which the subject’s right to privacy outweighs any legitimate public interest in obtaining the information. The disclosure of information that bears on the public duties of public employees and officials shall not be considered an invasion of personal privacy.

(D) Records in the possession of any public body created in the course of administrative enforcement proceedings, and any law enforcement or correctional agency for law enforcement purposes, but only to the extent that disclosure would:

(i) interfere with pending or actually and reasonably contemplated law enforcement proceedings conducted by any law enforcement or correctional agency that is the recipient of the request;

(ii) interfere with active administrative enforcement proceedings conducted by the public body that is the recipient of the request;

(iii) create a substantial likelihood that a person will be deprived of a fair trial or an impartial hearing;

(iv) unavoidably disclose the identity of a confidential source, confidential information furnished only by the confidential source, or persons who file complaints with or provide information to administrative, investigative, law enforcement, or penal agencies; except that the identities of witnesses to traffic accidents, traffic accident reports, and rescue reports shall be provided by agencies of local government, except when disclosure would interfere with an active criminal investigation conducted by the agency that is the recipient of the request;

(v) disclose unique or specialized investigative techniques other than those generally used and known or disclose internal documents of correctional agencies related to detection, observation or investigation of incidents of crime or misconduct, and disclosure would result in demonstrable harm to the agency or public body that is the recipient of the request;

(vi) endanger the life or physical safety of law enforcement personnel or any other person; or

(vii) obstruct an ongoing criminal investigation by the agency that is the recipient of the request.

(E) Records that relate to or affect the security of correctional institutions and detention facilities.

(F) Preliminary drafts, notes, recommendations, memoranda and other records in which opinions are expressed, or policies or actions are formulated, except that a specific record or relevant portion of a record shall not be exempt when the record is publicly cited and identified by the head of the public body.

(G) Trade secrets and commercial or financial information obtained from a person or business where the trade secrets or commercial or financial information are furnished under a claim that they are proprietary, privileged or confidential, and that disclosure of the trade secrets or commercial or financial information would cause competitive harm to the person or business, and only insofar as the claim directly applies to the records requested.

(i) All trade secrets and commercial or financial information obtained by a public body, including a public pension fund, from a private equity fund or a privately held company within the investment portfolio of a private equity fund as a result of either investing or evaluating a potential investment of public funds in a private equity fund. The exemption contained in this item does not apply to the aggregate financial performance information of a private equity fund, nor to the identity of the fund’s managers or general partners. The exemption contained in this item does not apply to the identity of a privately held company within the investment portfolio of a private equity fund, unless the disclosure of the identity of a privately held company may cause competitive harm.

Nothing contained in this paragraph (G) shall be construed to prevent a person or business from consenting to disclosure.

(H) Proposals and bids for any contract, grant, or agreement, including information which if it were disclosed would frustrate procurement or give an advantage to any person proposing to enter into a contractor agreement with the body, until an award or final selection is made. Information prepared by or for the body in preparation of a bid solicitation shall be exempt until an award or final selection is made.

 

(I) Valuable formulae, computer geographic systems, designs, drawings and research data obtained or produced by any public body when disclosure could reasonably be expected to produce private gain or public loss. The exemption for “computer geographic systems” provided in this paragraph (i) does not extend to requests made by news media as defined in Section 2 of the Act when the requested information is not otherwise exempt and the only purpose of the request is to access and disseminate information regarding the health, safety, welfare, or legal rights of the general public.

(J) The following information pertaining to educational matters:

(i) test questions, scoring keys and other examination data used to administer an academic examination;

(ii) information received by a primary or secondary school, college, or university under its procedures for the evaluation of faculty members by their academic peers;

(iii) information concerning a school or university’s adjudication of student disciplinary cases, but only to the extent that disclosure would unavoidably reveal the identity of the student; and

(iv) course materials or research materials used by faculty members.

(K) Architects’ plans, engineers’ technical submissions, and other construction related technical documents for projects not constructed or developed in whole or in part with public funds and the same for projects constructed or developed with public funds, including but not limited to power generating and distribution stations and other transmission and distribution facilities, water treatment facilities, airport facilities, sport stadiums, convention centers, and all government owned, operated, or occupied buildings, but only to the extent that disclosure would compromise security.

(L) Minutes of meetings of public bodies closed to the public as provided in the Open Meetings Act until the public body makes the minutes available to the public under Section 2.06. of the Open Meetings Act.

(M) Communications between a public body and an attorney or auditor representing the public body that would not be subject to discovery in litigation, and materials prepared or compiled by or for a public body in anticipation of a criminal, civil or administrative proceeding upon the request of an attorney advising the public body, and materials prepared or compiled with respect to internal audits of public bodies.

(N) Records relating to a public body’s adjudication of employee grievances or disciplinary cases; however, this exemption shall not extend to the final outcome of cases in which discipline is imposed.

(O) Administrative or technical information associated with automated data processing operations, including but not limited to software, operating protocols, computer program abstracts, file layouts, source listings, object modules, load modules, user guides, documentation pertaining to all logical and physical design of computerized systems, employee manuals, and any other information that, if disclosed, would jeopardize the security of the system or its data or the security of materials exempt under this Section.

(P) Records relating to collective negotiating matters between public bodies and their employees or representatives, except that any final contract or agreement shall be subject to inspection and copying.

(Q) Test questions, scoring keys, and other examination data used to determine the qualifications of an applicant for a license or employment.

(R) The records, documents and information relating to real estate purchase negotiations until those negotiations have been completed or otherwise terminated. With regard to a parcel involved in a pending or actually and reasonably contemplated eminent domain proceeding under the Eminent Domain Act, records, documents and information relating to that parcel shall be exempt except as may be allowed under discovery rules adopted by the Illinois Supreme Court. The records, documents and information relating to a real estate sale shall be exempt until a sale is consummated.

(S) Any and all proprietary information and records related to the operation of an intergovernmental risk management association or selfinsurance pool or jointly selfadministered health and accident cooperative or pool. Insurance or self insurance (including any intergovernmental risk management association or self insurance pool) claims, loss or risk management information, records, data, advice or communications.

(T) Information contained in or related to examination, operating, or condition reports prepared by, on behalf of, or for the use of a public body responsible for the regulation or supervision of financial institutions or insurance companies, unless disclosure is otherwise required by State law.

(U) Information that would disclose or might lead to the disclosure of secret or confidential information, codes, algorithms, programs, or private keys intended to be used to create electronic or digital signatures under the Electronic Commerce Security Act.

(V) Vulnerability assessments, security measures, and response policies or plans that are designed to identify, prevent, or respond to potential attacks upon a community’s population or systems, facilities, or installations, the destruction or contamination of which would constitute a clear and present danger to the health or safety of the community, but only to the extent that disclosure could reasonably be expected to jeopardize the effectiveness of the measures or the safety of the personnel who implement them or the public. Information exempt under this item may include such things as details pertaining to the mobilization or deployment of personnel or equipment, to the operation of communication systems or protocols, or to tactical operations.

(W) (This subparagraph deliberately left blank.)

(X) Maps and other records regarding the location or security of generation, transmission, distribution, storage, gathering, treatment, or switching facilities owned by a utility, by a power generator, or by the Illinois Power Agency.

(Y) Information contained in or related to proposals, bids, or negotiations related to electric power procurement under Section 175 of the Illinois Power Agency Act and Section 16111.5 of the Public Utilities Act that is determined to be confidential and proprietary by the Illinois Power Agency or by the Illinois Commerce Commission.

(Z) Information prohibited from being disclosed by the Illinois Personnel Records Review Act. (820 ILCS 40/1 et seq), including but not limited to records of a disciplinary report, letter of reprimand, or other disciplinary action of an employee of the Village when a third party is requesting such records of that employee, until written notice is provided pursuant to said Act prior to the date of disclosure of such records.

(AA) Certified payroll records submitted to the Village pursuant to the Prevailing Wage Act are NOT exempt, except that contractors employees addresses, telephone numbers, and social security numbers MUST be redacted by the Village prior to disclosure.

15-1-11 NOTICE OF DENIAL OF REQUEST; APPEALS.

(A) Each public body denying a request for public records shall notify the requester in writing of the decision to deny the request, the reasons for the denial, including a detailed factual basis for the application of any exemption claimed, and the names and titles or positions of each person responsible for the denial. Each notice of denial by a public body shall also inform such person of the right to review by the Public Access Counselor and provide the address and phone number for the Public Access Counselor. A person whose request to inspect or copy a public record is denied by the Village may file a request for review with the Public Access Counselor established in the Office of the Attorney General not later than 60 days after the date of the final denial. The request for review must be in writing, signed by the requester, and include (i) a copy of the request for access to records and (ii) any responses from the public body. Each notice of denial provided to the requester shall also inform such person of his right to judicial review under Section 11 of the Freedom of Information Act.

(i) The contact information for the Public Access Counselor is:

Public Access Counselor

Public Access Bureau

500 S. 2nd Street

Springfield, IL 62706

217-558-0486

publicaccess@atg.state.il.us

(ii) Information regarding right to judicial review.

(a) Any person denied access to inspect or copy any public record by a public body may file suit for injunctive or declaratory relief.

(b) Where the denial is from a public body of the State, suit may be filed in the circuit court for the county where the public body has its principal office or where the person denied access resides.

(c) Where the denial is from a municipality or other public body, except as provided in subsection (b) of this subsection, suit may be filed in the circuit court for the county where the public body is located.

(d) The circuit court shall have the jurisdiction to enjoin the public body from withholding public records and to order the production of any public records improperly withheld from the person seeking access. If the public body can show that exceptional circumstances exist, and that the body is exercising due diligence in responding to the request, the court may retain jurisdiction and allow the agency additional time to complete its review of the records.

(e) On motion of the plaintiff, prior to or after in camera inspection, the court shall order the public body to provide an index of the records to which access has been denied. The index shall include the following:

(i) A description of the nature or contents of each document withheld, or each deletion from a released document, provided, however, that the public body shall not be required to disclose the information which it asserts is exempt; and

(ii) A statement of the exemption or exemptions claimed for each such deletion or withheld document.

(f) In any action considered by the court, the court shall consider the matter de novo, and shall conduct such in camera examination of the requested records as it finds appropriate to determine if such records or any part thereof may be withheld under any provision of this Act. The burden shall be on the public body to establish that its refusal to permit public inspection or copying is in accordance with the provisions of this Act. Any public body that asserts that a record is exempt from disclosure has the burden of proving that it is exempt by clear and convincing evidence.

(g) In the event of noncompliance with an order of the court to disclose, the court may enforce its order against any public official or employee so ordered or primarily responsible for such noncompliance through the court’s contempt powers.

(h) Except as to causes the court considers to be of greater importance, proceedings arising under this Section shall take precedence on the docket over all other causes and be assigned for hearing and trial at the earliest practicable date and expedited in every way.

(i) If a person seeking the right to inspect or receive a copy of a public record prevails in a proceeding under this subsection, the court shall award such person reasonable attorneys’ fees and costs. In determining what amount of attorney’s fees is reasonable, the court shall consider the degree to which the relief obtained relates to the relief sought.

(j) If the court determines that a public body willfully and intentionally failed to comply with this Act, or otherwise acted in bad faith, the court shall also impose upon the public body a civil penalty of not less than $2,500 nor more than $5,000 for each occurrence. In assessing the civil penalty, the court shall consider in aggravation or mitigation the budget of the public body and whether the public body has previously been assessed penalties for violations of the Act.

(B) When a request for public records is denied on the grounds that the records are exempt under Section 7 of the Freedom of Information Act (or Section 15-1-10 herein), the notice of denial shall specify the exemption claimed to authorize the denial and the specific reasons for the denial, including a detailed factual basis and a citation to supporting legal authority. Copies of all notices of denial shall be retained by each public body in a single central office file that is open to the public and indexed according to the type of exemption asserted and, to the extent feasible, according to the types of records requested.

(C) Any person making a request for public records shall be deemed to have exhausted his or her administrative remedies with respect to that request if the public body fails to act within the time periods provided herein this Chapter.

(D) A person whose request to inspect or copy a public record is made for a commercial purpose as defined in subsection (e) of Section 15-1-1 of this Article may not file a request for review with the Public Access Counselor. A person whose request to inspect or copy a public record was treated by the public body as a request for commercial purpose under Section 15-1-9 of this Article may file a request for review with the Public Access Counselor for the limited purpose of reviewing whether the public body properly determined that the request was made for a commercial purpose.

15-1-12 GRANTING OF REQUEST; PROCEDURE FOR INSPECTION. When a freedom of information request is granted, the documents will be made available for inspection at the Village Hall during regular business hours. Copies shall be made upon request as set forth herein.

15-1-13 WRITTEN REQUEST NOT REQUIRED FOR CERTAIN DOCUMENTS. The following documents shall be made available for inspection and copying without a written request; however, the requester shall contact the Freedom of Information Act Officer in advance to set a mutually convenient time. These documents, if copied, shall be subject to the copying fee set forth herein.

(A) Ordinances and written resolutions.

(B) The journal (i.e. minutes) of the Village Board, not including executive session minutes.

(C) Any personnel code, building code, other technical code, or any other regulation of the Village adopted by the Village, whether by ordinance, resolution or otherwise.

15-1-14 DISSEMINATION OF INFORMATION ABOUT PUBLIC BODIES. The Village shall prominently display at the Village Hall, make available for inspection and copying without charge, and shall send through the mail if requested at no charge, each of the following:

(A) A brief description of itself, which will include, but not be limited to a short summary of its purpose, a block diagram giving its functional subdivisions, the total amount of its operating budget, the number and location of all of its separate offices, the approximate number of full and part-time employees, and the identification and membership of any board, commission, committee, or council which operates in an advisory capacity relative to the operation of the public body, or which exercises control over its policies or procedures, or to which the public body is required to report and be answerable for its operations; and

(B) A brief description of the methods whereby the public may request information and public records, a directory designating the Freedom of Information Act Officer or Officers, the addresses where requests for public records should be directed, and any fees allowable under the Act.

(C) The Village shall post this information on its website if it maintains one.

15-1-15 LIST OF CATEGORIES OF RECORDS. As to public records prepared or received after the effective date of this Chapter, the Freedom of Information Act Officer shall maintain and make available for inspection and copying a reasonably current list of all types or categories of records under its control. The list shall be reasonably detailed in order to aid persons in obtaining access to public records pursuant to the Act. The Freedom of Information Act Officer shall furnish upon request a description of the manner in which public records stored by means of electronic data processing may be obtained in a form comprehensible to persons lacking knowledge of computer language or printout format.

15-1-16 RECURRENT REQUESTERS.

(A) Notwithstanding any provision of this Article to the contrary, a public body shall respond to a request from a recurrent requester, as defined in subsection (k) of Section 15-1-1, within 21 business days after receipt. The response shall (I) provide to the requester an estimate of the time required by the public body to provide the records requested and an estimate of the fees to be charged, which the public body may require the person to pay in full before copying the requested documents, (ii) deny the request pursuant to one or more of the exemptions set out in this Article, (iii) notify the requester that the request is unduly burdensome and extend an opportunity to the requester to attempt to reduce the request to manageable proportions, or (iv) provide the records requested.

(B) Within 5 business days after receiving a request from a recurrent requester, as defined in subsection (k) of Section 15-1-1, the public body shall notify the requester (I) that the public body is treating the request as a request under subsection (k) of Section 15-1-1, (ii) of the reasons why the public body is treating the request as a request under subsection (k) of Section 15-1-1, and (iii) that the public body will send an initial response within 21 business days after receipt in accordance with subsection (A) of this Section.

(C) Unless the records are exempt from disclosure, a public body shall comply with a request within a reasonable period considering the size and complexity of the request.

(See 5 ILCS Sec. 140/1 et seq.)

 

ARTICLE II – IDENTITY PROTECTION POLICY

15-2-1 The following is adopted as the Village’s Identity Protection Policy:

Board of Trustees Approval: June 17, 2010

Effective Date: July 1, 2010

This policy is to comply with Public Act 096-0874 of the State of Illinois, codified at 5 ILCS 140/1 et seq , cited as the Identity Protection Act.

1. Definitions.

“Person” means any official, such as village trustee, mayor, clerk, or treasurer (whether elected or appointed), any officer, such as deputy clerk or superintendent, or any individual in the employ of the Village of Louisville, Illinois.

“Publicly post” or “publicly display” means to intentionally communicate or otherwise intentionally make available to the general public.

2. Prohibited Activities.

(a) Beginning July 1, 2010, no official (whether elected or appointed), officer or employee of the Village of Louisville shall do any of the following:

(1) Publicly post or publicly display in any manner an individual’s social security number.

(2) Print an individual’s social security number on any card required for the individual to access products or services provided by the person or entity.

(3) Require an individual to transmit his or her social security number over the

Internet, unless the connection is secure or the social security number is encrypted.

(4) Print an individual’s social security number on any materials that are mailed to the individual, through the U.S. Postal Service, any private mail service, electronic mail, or any similar method of delivery, unless State or federal law requires the social security number to be on the document to be mailed. Notwithstanding any provision in this Section to the contrary, social security numbers may be included in applications and forms sent by mail, including, but not limited to, any material mailed in connection with the administration of the Unemployment Insurance Act, any material mailed in connection with any tax administered by the Department of Revenue, and documents sent as part of an application or enrollment process or to establish, amend, or terminate an account, contract, or policy or to confirm the accuracy of the social security number. A social security number that may permissibly be mailed under this Section may not be printed, in whole or in part, on a postcard or other mailer that does not require an envelope or be visible on an envelope without the envelope having been opened.

(b) Except as otherwise provided in this policy, beginning July 1, 2010, no official (whether elected or appointed), officer or employee of the Village of Louisville shall do any of the following:

(1) Collect, use, or disclose a social security number from an individual, unless (i) required to do so under State or federal law, rules, or regulations, or the collection, use, or disclosure of the social security number is otherwise necessary for the performance

of that agency’s duties and responsibilities; (ii) the need and purpose for the social security number is documented before collection of the social security number; and (iii) the social security number collected is relevant to the documented need and purpose.

(2) Require an individual to use his or her social security number to access an

Internet website.

(3) Use the social security number for any purpose other than the purpose for which it was collected.

(c) The prohibitions noted in the above subsection (b) do not apply in the following circumstances:

(1) The disclosure of social security numbers to agents, employees, contractors, or subcontractors of the Village of Louisville or disclosure to another governmental entity or its agents, employees, contractors, or subcontractors if disclosure is necessary in order for the entity to perform its duties and responsibilities; and, if disclosing to a contractor or subcontractor, prior to such disclosure, the official, officer or employee of the Village of Louisville must first receive from the contractor or subcontractor a copy of the contractor’s or subcontractor’s policy that sets forth how the requirements imposed under this Policy on the Village of Louisville to protect an individual’s social security number will be achieved.

(2) The disclosure of social security numbers pursuant to a court order, warrant, or subpoena.

(3) The collection, use, or disclosure of social security numbers in order to ensure the safety of: Village of Louisville employees; persons committed to correctional facilities, local jails, and other law-enforcement facilities or retention centers; wards of the State; and all persons working in or visiting a Village of Louisville facility.

(4) The collection, use, or disclosure of social security numbers for internal verification or administrative purposes.

(5) The collection or use of social security numbers to investigate or prevent frau

d, to conduct background checks, to collect a debt, to obtain a credit report from a consumer reporting agency under the federal Fair Credit Reporting Act, to undertake any permissible purpose that is enumerated under the federal Gramm Leach Bliley Act, or to locate a missing person, a lost relative, or a person who is due a benefit, such as a pension benefit or an unclaimed property benefit.

(d) If the Village of Louisville has adopted or so adopts in the future any other standards for the collection, use, or disclosure of social security numbers which are stricter than the standards under this policy with respect to the protection of those social security numbers, then, in the event of any conflict with the provisions of this policy, the stricter standards adopted by the Village of Louisville shall control.

3. Public inspection and copying of documents.

Notwithstanding any other provision of this policy to the contrary, all officials, officers and employees of the Village of Louisville must comply with the provisions of any other State law with respect to allowing the public inspection and copying of information or documents containing all or any portion of an individual’s social security number. All officials, officers and employees of the Village of Louisville must redact social security numbers from the information or documents before allowing the public inspection or copying of the information or documents.

4. Applicability.

(a) This policy does not apply to the collection, use, or disclosure of a social security number as required by State or federal law, rule, or regulation.

(b) This policy does not apply to documents that are required to be open to the public under any State or federal law, rule, or regulation, applicable case law, Supreme Court Rule, or the Constitution of the State of Illinois.

5. Compliance with federal law. If a federal law takes effect requiring any federal agency to establish a national unique patient health identifier program, the Village of Louisville shall follow that law.

6. Embedded social security numbers. Beginning December 31, 2009, no official, officer or employee of the Village of Louisville may encode or embed a social security number in or on a card or document, including, but not limited to, using a bar code, chip, magnetic strip, RFID technology, or other technology, in place of removing the social security number as required by this policy.

7. Identity protection policy requirements.

(a) All officials, officers, and employees of the Village of Louisville who are identified as having access to social security numbers in the course of performing their duties shall be trained to protect the confidentiality of social security numbers. Training shall include instructions on the proper handling of information that contains social security numbers from the time of collection through the destruction of the information. The Village Clerk and the Village Treasurer are hereby designated as Village personnel who shall have access to social security numbers. The Village may also designate such other persons to have access as the Village deems appropriate. All such persons so designated shall be trained in accordance with the Act.

(b) Only those officials, officers, and employees who are required to use or handle information or documents which contain social security numbers shall have access to such information or documents.

(c) Social security numbers requested from an individual shall be provided to the Village of Louisville in a manner that makes the social security number easily redacted if required to be released as part of a public records request.

(d) When collecting a social security number or upon request by the individual, a statement of the purpose or purposes for which the Village of Louisville is collecting and using the social security number shall be provided.

(e) A written copy of this privacy policy, and any amendment thereto, shall be filed with the city council within 30 days after approval of this policy or any amendment thereto.

(f) The Village of Louisville shall advise its officials, officers, and employees of the existence of the policy and make a copy of the policy available to each such person, and shall also make this privacy policy available to any member of the public, upon request. If the Village of Louisville amends this privacy policy, then the Village of Louisville shall also advise its officials, officers and employees of the existence of the amended policy and make a copy of the amended policy available to each such person.

8. Violation. Any person who intentionally violates the prohibitions in Section 10 of the Identity Protection Act, which are noted in Paragraph 2 of this policy, is guilty of a Class B misdemeanor.

9. This policy does not supersede any more restrictive law, rule, or regulation regarding the collection, use, or disclosure of social security numbers.

ARTICLE III – IDENTITY THEFT PREVENTION POLICY

15-3-1 The following is adopted as the Village’s Identity Theft Prevention Policy:

Board of Trustees Approval: April 9, 2009

Effective Date: May 1, 2009

Program Administrator: The President of the Village of Louisville, IL, or his designee

This Identity Theft Prevention Program is hereby adopted by the Village of Louisville, Illinois pursuant to and in compliance with the Identity Theft Rules of the Federal Trade Commission (FTC), Part 681 of Title 16 of the Code of Federal Regulations (16CFR Part 681).

Purpose

The purpose of this Identity Theft Prevention Program (Program) is to protect customers of the Municipalitys utility services from identity theft. The Program is intended to establish reasonable policies and procedures to facilitate the detection, prevention and mitigation of identity theft in connection with the opening of new Covered Accounts and activity on existing Covered Accounts.

Scope

This Program applies to the creation, modification and access to Identifying Information of a customer of one or more of the utilities operated by the Municipality (electric, natural gas, water and waste water) by any and all personnel of the Municipality, including management personnel. This Program does not replace or repeal any previously existing policies or programs addressing some or all of the activities that are the subject of this Program, but rather it is intended to supplement any such existing policies and programs.

Definitions

When used in this Program, the following terms have the meanings set forth opposite their name, unless the context clearly requires that the term be given a different meaning:

Covered Account: The term covered account means an account that the Municipality offers or maintains, primarily for personal, family or household purposes, that involves or is designed to permit multiple payments of transactions. (16 CFR 681.2(b)(3)(i)). A utility account is a covered account. The term covered account also includes other accounts offered or maintained by the Municipality for which there is a reasonably foreseeable risk to the customers of the Municipality. (16 CFR 681.2(b)(3)(ii)).

Identity Theft: The term identity theft means a fraud committed or attempted using the identifying information of another person without authority. (16 CFR 681.2(b)(8) and 16 CFR 603.2(a)).

Identifying Information: The term identifying information means any name or number that may be used, alone or in conjunction with any other information, to identify a specific person, including any name, social security number, date of birth, official State or government issued drivers license or identification number, alien registration number, government passport number, employer or taxpayer identification number. Additional examples of identifying information are set forth in 16 CFR 603.2(a).

Red Flag: The term Red Flag means a pattern, practice or specific activity that indicates the possible existence of identity theft.

Certain terms used but not otherwise defined herein shall have the meanings given to them in the FTCs Identity Theft Rules (16 CFR Part 681) or the Fair Credit Reporting Act of 1970 (15 U.S.C. 1681 et seq.), as amended by the Fair and Accurate Credit Transactions Act of 2003 into law on December 4, 2003. (Public Law 108-159).

Administration of the Program

The initial adoption and approval of the Identity Theft Prevention Program shall be by Resolution of the Board of Trustees. Thereafter, changes to the Program of a day-to-day operational character and decisions relating to the interpretation and implementation of the Program may be made by the Village President of the Village of Louisville, Illinois (or his designee) as Program Administrator. Major changes or shifts of policy positions under the Program shall only be made by the Board of Trustees.

Development, implementation, administration and oversight of the Program will be the responsibility of the Program Administrator. The Program Administrator may, but shall not be required to, appoint a committee to administer the Program. The Program Administrator shall be the head of any such committee. The Program Administrator will report at least annually to the Board of Trustees regarding compliance with this Program.

Issues to be addressed in the annual Identity Theft Prevention Report include:

1. The effectiveness of the policies and procedures in addressing the risk of Identity Theft in connection with the opening of new Covered Accounts and activity with respect

to existing Covered Accounts.

2. Service provider arrangements.

3. Significant incidents involving Identity Theft and managements response.

4. Recommendations for material changes to the Program, if needed for improvement.

Identity Theft Prevention Elements

Identification of Relevant Red Flags

The Municipality has considered the guidelines and the illustrative examples of possible Red Flags from the FTCs Identity Theft Rules and has reviewed the Municipalitys past history with instances of identity theft, if any. The municipality hereby determines that the following are the relevant Red Flags for purposes of this Program given the relative size of the Municipality and the limited nature and scope of the services that the Municipality provides to its citizens:

A. Alerts, notifications, or other warnings received from consumer reporting agencies

or service providers.

1. A fraud or active duty alert is included with a consumer report or an identity

verification response from a credit reporting agency.

2. A consumer reporting agency provides a notice of credit freeze in response to

a request for a consumer report.

3. A consumer reporting agency provides a notice of address discrepancy, as defined in 681.1(b) of the FTCs Identity Theft Rules.

4. A consumer report indicates a pattern of activity that is inconsistent with the history and usual pattern of activity of an applicant or customer, such as;

a) A recent and significant increase in volume of inquiries:

b) An unusual number of recently established credit relationships;

c) A material change in the use of credit, especially with respect to recently

established credit relationships; or

d) An account that was closed for cause or identified for abuse of account

privileges by a financial institution or creditor.

B. The presentation of suspicious documents.

5. Documents provided for identification appear to have been altered or forged.

6. The photograph or physical description on the identification is not consistent with the appearance of the applicant or customer presenting the identification.

7. Other information on the identification is not consistent with information provided by the person opening a new covered account or customer presenting the identification.

8. Other information on the identification is not consistent with readily accessible

information that is on file with the Municipality, such as a signature card or a

recent check.

9. An application appears to have been altered or forged, or gives the appearance of having been destroyed and reassembled.

C. The presentation of suspicious personal identifying information, such as a suspicious

address change.

10. Personal identifying information provided is inconsistent when compared against external information sources used by the Municipality. For example:

a) The address does not match any address in the consumer report or

CRA ID Check response; or

b) The Social Security Number (SSN) has not be issued, or is listed on the Social Security Administrations Death Master File.

11. Personal identifying information provided by the customer is not consistent with the other personal identifying information provided by the customer. For example, there is a lack of correlation between the SSN range and date of birth.

12. Personal identifying information provided is associated with known fraudulent

activity as indicated by internal or third-party sources used by the Municipality.

For example:

a) The address on an application is the same as the address provided on a

fraudulent application; or

b) The phone number on an application is the same as the number

provided on a fraudulent application.

13. Personal identifying information provided is of a type commonly associated with

fraudulent activity as indicated by internal or third-party sources used by the

Municipality. For example:

a) The billing address on an application is fictitious, a mail drop, or

a prison; or

b) The phone number is invalid, or is associated with a pager or

answering service.

14. The SSN provided is the same as that submitted by other persons opening an account or other customers.

15. The address or telephone number provided is the same as or similar to the account

number or telephone number submitted by an unusually large number of other

persons opening accounts or other customers.

16. The person opening the covered account or the customer fails to provide all required

personal identifying information on an application or in response to notification that the application is incomplete.

17. Personal identifying information provided is not consistent with personal identifying

information that is on file with the Municipality.

18. If the Municipality uses challenge questions, the person opening the covered account

or the customer cannot provide authenticating information beyond that which

generally would be available from a wallet or consumer report.

D. The unusual use of, or other suspicious activity related to, a Covered Account.

19. Shortly following the notice of a change of address for a covered account, the

Municipality receives a request for the addition of authorized users on the account.

20. A new utility account is used in a manner commonly associated with known

patterns of fraud patterns. For example: the customer fails to make the first

payment or makes an initial payment but no subsequent payments.

21. A covered account with stable history shows irregularities.

22. A covered account that has been inactive for a reasonably lengthy period of time

is used (taking into consideration the type of account, the expected pattern of usage and other relevant factors).

23. Mail sent to the customer is returned repeatedly as undeliverable although usage of

utility products or services continues in connection with the customers covered

account.

24. The Municipality is notified that the customer is not receiving paper account

statements.

25. The Municipality is notified of unauthorized usage of utility products or services

in connection with a customers covered account.

E. Notice of Possible Identity Theft.

26. The Municipality is notified by a customer, a victim of identity theft, a law

enforcement authority, or any other person that is has opened a fraudulent

account for a person engaged in identity theft.

Detection of Red Flags

The employees of the Municipality that interact directly with customers on a day-to-day basis shall have the initial responsibility for monitoring the information and documentation provided by the customer and any third-party service provider in connection with the opening of new

accounts and the modification of or access to existing accounts and the detection of any Red Flags that might arise. Management shall see to it that all employees who might be called upon to assist a customer with the opening of a new account or with modifying or otherwise accessing an existing account are properly trained such that they have a working familiarity with the relevant Red Flags identified in this Program so as to be able to recognize any Red Flags that might surface in connection with the transaction. An Employee who is not sufficiently trained to recognize the Red Flags identified in this Program shall not open a new account for any customer, modify any existing account or otherwise provide any customer with access to information in an existing account without the direct supervision and specific approval of a management employee. Management employees shall be properly trained such that they can recognize the relevant Red Flags identified in this Program and exercise sound judgment in connection with the response to any unresolved Red Flags that may present themselves in connection with the opening of a new account or with modifying or accessing of an existing account. Management employees shall be responsible for making the final decision on any such unresolved Red Flags.

The Program Administrator shall establish from time to time a written policy setting forth the manner in which a prospective new customer may apply for service, the information and documentation to be provided by the prospective customer in connection with an application for a new utility service account, the steps to be taken by the employee assisting the customer with the application in verifying the customers identity and the manner in which the information and documentation provided by the customer and any third-party service provider shall be maintained. Such policy shall be generally consistent with the spirit of the Customer Identification Program rules (31 CFR 103.121) implementing Section 326(a) of the USA PATRIOT Act but not need be as detailed. The Program Administrator shall establish from time to time a written policy setting forth the manner in which customers with existing accounts shall establish their identity before being allowed to make modifications to or otherwise gain access to existing accounts.

Response to Detected Red Flags

If the responsible employees of the Municipality as set forth in the previous section are unable, after making a good faith effort, to form a reasonable belief that they know the true identity of a customer attempting to open a new account or modify or otherwise access an existing account

based on the information and documentation provided by the customer and any third-party service provider, the Municipality shall not open the new account or modify or otherwise provide access to the existing account as the case may be. Discrimination in respect to the opening of new accounts or the modification or access to existing accounts will not be tolerated by employees of the Municipality and shall be grounds for immediate dismissal.

The Program Administrator shall establish from time to time a written policy setting forth the steps to be taken in the event of an unresolved Red Flag situation. Consideration should be given

to aggravating factors that may heighten the risk of Identity Theft, such as a data security incident that results in unauthorized access to a customers account, or a notice that a customer has provided account information to a fraudulent individual or website. Appropriate responses to prevent or mitigate Identity Theft when a Red Flag is detected include:

1. Monitoring a Covered Account for evidence of Identity Theft.

2. Contacting the customer.

3. Changing any passwords, security codes, or other security devices that permit

access to a Covered Account.

4. Reopening a Covered Account with a new account number.

5. Not opening a new Covered Account.

6. Closing an existing Covered Account.

7. Not attempting to collect on a Covered Account or not selling a Covered Account

to a debt collector.

8. Notifying law enforcement.

9. Determining that no response is warranted under the particular circumstances.

Program Management and Accountability

Initial Risk Assessment Covered Accounts

Utility accounts for personal, family and household purposes are specifically included within the definition of covered account in the FTCs Identity Theft Rules. Therefore, the Municipality determines that with respect to its residential utility accounts it offers and/or maintains covered accounts. The Municipality also performed an initial risk assessment to determine whether the utility offers or maintains any other accounts for which there are reasonably foreseeable risks to customer or the utility from identity theft. In making this determination the Municipality considered (1) the methods it uses to open its accounts, (2) the methods it uses to access its accounts, and (3) its previous experience with identity theft, and it concluded that it does not offer or maintain any such other covered accounts

Program Updates Risk Assessment

The Program including relevant Red Flags, is to be updated as often as necessary but at least annually to reflect changes in risks to customers from Identity Theft. Factors to consider in the Program update include:

1. An assessment of the risk factors identified above.

2. Any identified Red Flag Weakness in associated account systems or procedures.

3. Changes in methods of Identity Theft.

4. Changes in methods to detect, prevent, and mitigate Identity Theft.

5. Changes in business arrangements, including mergers, acquisitions, alliances, joint

ventures, and service provider arrangements.

Training and Oversight

All staff and third-party service providers performing any activity in connection with one or more Covered Accounts are to be provided appropriate training and receive effective oversight to ensure that the activity is conducted in accordance with policies and procedures designed to detect, prevent, and mitigate the risk of Identity Theft.

Other Legal Requirements

Awareness of the following related legal requirements should be maintained:

31 U.S.C. 5318 (g) Reporting of Suspicious Activities

15 U.S.C. 1681 c-1 (h) Identity Theft Prevention; Fraud Alerts and Active

Duty Alerts Limitations on Use of Information for Credit Extensions

15 U.S.C. 1681 s-2 Responsibilities of Furnishers of Information to Consumer

Reporting Agencies

15 U.S.C. 1681 m Requirements on Use of Consumer Reports

IDENTITY THEFT PREVENTION PROGRAM

Procedure for Opening New Account

I. All new Utility Accounts may be opened in the following manners:

In Person Walk-In

II. Information and Documentation Required for Walk-in (potential customer to open

new account)

The following are minimum requirements:

Drivers License or alternate government issued picture ID (required).

Second form of identification, such as credit card (required)

New service address (required)

New service telephone number (if new)

Most recent previous address (required)

Social Security Number (optional)

Permission signed for Credit Reporting Agency (CRA) Report (optional)

Deed or Lease (optional)

Set up challenge question (for future use)

Signature on application (required)

III. Steps to be Taken by the CSR

a. Check drivers license/alternate govt ID (prior training/detecting fake IDs)

b. Compare signature on application with signature on drivers license and second form of ID

c. Review checklist of Red Flags/determine if any present

d. Computer scan/make a copy of drivers license/alternate govt ID

e. Go online with CRA enter data to computer database/software

i. Validate name, social security number (SSN), last address

ii. Ensure SSN not on Death Master File (http://www.ssdmf.com)

iii. Ensure not on Active Duty List

iv. Ensure there are no Fraud Alerts

IV. Steps for CSR to Follow If Validation of ID fails

a. Tactfully advise potential customer of the issue, if appropriate

b. Do not open account

c. Refer customer to external source that is the source of the Red Flag

(i.e., SSN Master File)

d. Escalation to supervisor if situation with customer unresolved

e. Management employee/Program Administrator to make final decision in

his/her discretion whether to open new account

FREEDOM OF INFORMATION REQUEST

 

Name: ______________________________________________________________________

Address: ____________________________________________________________________

____________________________________________________________________

Telephone number: ___________________________________

Records requested (please be as specific as possible) _________________________________

___________________________________________________________________________

___________________________________________________________________________

___________________________________________________________________________

I want to examine and/or copy those records (check all that applies).

I understand that I may have to pay for certain copying costs or postage costs, and that I will have to pay such costs upfront before I am provided the records that I am requesting. No fees shall be charged for the first 50 pages of black and white, letter or legal sized copies requested by a requester. The fee for black and white, letter or legal sized copies shall not exceed 15 cents per page. If a public body provides copies in color or in a size other than letter or legal, the public body may not charge more than its actual cost for reproducing the records.

I want to pick up the requested records myself, or have the records mailed to me by

regular U.S. Mail, or certified mail, or other means __________________________. (check all that applies – requester must pay for any mailing costs other than regular U.S. mail)

I want the copies to be certified.

This request is or is not made for commercial benefit purposes (check one).

Other information or requests that I am seeking: ____________________________________

___________________________________________________________________________

___________________________________________________________________________

_________________________ _____________________________________________

Date Signature

Comments are closed