(410 ILCS 520/6)
(from Ch. 111 1/2, par. 5606)
The Department shall take appropriate measures to protect the
security of health data including:
(a) Limiting the access to health data to authorized individuals who have
received training in the handling of such data.
(b) Designating a person to be responsible for physical security.
(c) Developing and implementing a system for monitoring security.
(d) Reviewing periodically all health data to evaluate whether it is
appropriate to remove identifying characteristics from the data.
(e) Any data or other information which is to be processed by a
computer or other type of artificial intelligence and which is related to human
immunodeficiency virus (HIV) testing or the results of such testing or to
the testing and test results of any other identified causative agent of
acquired immunodeficiency syndrome (AIDS) or to any list of persons known
to have been exposed to HIV or to have a diagnosed case of AIDS or
AIDS-related complex shall be stored and processed in the most secure
(Source: P.A. 85-935.)