07.12.01 – Systems Access and Usage

Effective Date: 09/1/2019

Policy Statement:

Employees of contracted CCR&R and Site Providers shall be permitted access to the State of Illinois systems, software, and data necessary to administer the CCAP, consistent with their role.


  1. General. It is the responsibility of the contracted entity to ensure that employees only access the State of Illinois systems necessary for the employee to complete their job duties. This includes requesting the removal or update of an employee's systems access in a timely manner. The sharing of user IDs and passwords for State of Illinois systems is strictly prohibited.
  2. Annual Training. Prior to the granting of systems access and annually thereafter, employees with access to State of Illinois systems shall complete the HIPAA Privacy Policy and Computer Security Awareness trainings. CCR&Rs and Sites shall submit copies of the training attestation with the IL 444-2022 Community Provider/External User I.D. and System Access Request forms for all staff requesting system access for the first time. CCR&Rs and Sites shall also maintain a copy of each employee's annual completion of training attestations and make the attestations available to DHS upon request. Agencies needing a copy of the HIPAA Privacy Policy or Computer Security Awareness training should email the Zendesk Helpdesk (support@illinois3520.zendesk.com).
  3. Requesting New User Access. It is recommended that agencies submit New User Access Requests to DHS within the first few days of a new employee's hire, as it takes time for new users to be granted access to State systems.
    1. Step 1: Create an External.Illinois.Gov user ID for the user through the DoIT Identity Management (DIM) system (id.illinois.gov).
      1. Under "Identity Management Options," click on "Create Illinois.gov Account."
      2. The next page will instruct you to provide your email address to complete the self-registration process. An email will be sent to the work email provided for verification. Follow the link in the email from IdentityManagement@illinois.gov within 24 hours to continue the self-registration process.
      3. Complete the Registration page. You must have your driver's license to complete this step. Enter the required information EXACTLY as it appears on your driver's license. Failure to do so may prevent completion of the registration process.
      4. When you have successfully completed the registration process, you will be directed to a confirmation page that will list your new External.Illinois.Gov user ID. It is recommended you print a copy of this confirmation page for your records.
      5. It is recommended that you navigate back to id.illinois.gov and click on the link for "Account Recovery Options" to set-up your password reset options.
      6. If the user does not have an Illinois driver's license, email Zendesk, the online helpdesk for CCAP, (support@illinois3520.zendesk.com) for assistance.
    2. Step 2: Create a Digital ID/PKI ID for users who need access to Web3270 by visiting: enroll.pki.illinois.gov.
      1. To register, click on "Get a Digital ID."
      2. You must accept the terms of the subscriber agreement on the next page - select the appropriate "Accept" button based on whether you are an Illinois resident or a non-Illinois resident.
      3. Complete the registration page as instructed - be sure to enter your information EXACTLY as it appears on your government issued ID (this must be an Illinois driver's license for Illinois residents).
    3. Step 3: Complete the DHS Form IL 444-2022 (Community Provider/External User ID System Access Request). Please note: both the new user AND the agency's Executive Director must sign this form.
    4. Step 4: Complete the User System Access Request Form (CCR&R or Site). This form tells DHS Staff which systems the user is requesting access to and what security role is to be assigned to the user, as applicable.
      1. CCR&Rs may request access to CCMS, IES, and Web3270 (IPACS/AWVS, SAMS, and/or HSCCMS).
      2. Sites may request access to CCMS, IES, and Web3270 (IPACS/AWVS only).
    5. Step 5: Complete the required Data Sharing Agreement forms.
      1. Shared Data Agreement (Illinois Department of Employment Security);
      2. DHS Certificate of Understanding and Confidentiality Agreement;
      3. IES Certificate of Understanding; and,
      4. HIPAA Privacy Policy Training Attestation.
    6. Step 6: Email the New User Access Request to the Zendesk online Helpdesk (support@illinois3520.zendesk.com). Please include the following attachments: 1) the DHS Form IL 444-2022 Community Provider/External User I.D. System Access Request, 2) the User System Access Form; 3) a copy of the Computer Security Awareness training attestation; 4) all four (4) of the Data Sharing Agreement forms; and 5) a copy of the user's Illinois driver's license.
  4. Updating User Access. Requests to update a user's systems access (e.g. request a new system, update user roles) require the completion of a new IL 444-2022 Form and User System Access Request Form. This will indicate the update/changes being requested for the user. Requests to update a user's systems access must be submitted via email to the Zendesk online Helpdesk (support@illinois3520.zendesk.com). Indicate clearly in the email what change is being requested to the user's existing systems access.
  5. Deleting User Access. Contracted agencies must notify DHS as soon as possible when a user leaves the agency, or transitions into a role in which access to a State of Illinois data system is no longer required so that systems access may be deleted. To request a user's systems access be deleted, complete and submit the DHS IL 444-2022 Form to the Zendesk online Helpdesk (support@illinois3520.zendesk.com) no later than three (3) business days after the user's effective last day.
  6. User Access Audits. DHS staff will periodically audit the level of systems access granted to users to ensure it is still appropriate. This will include requesting verification of any staff no longer employed with the CCR&R or Site once every quarter for the deletion of systems access.
  7. DoIT Identity Management (DIM) Self-Service System. It is STRONGLY recommended that each user setup account recovery options within the DIM system after the user's external Illinois.gov account has been established. This can be setup by visiting id.illinois.gov and clicking on the link for "Account Recovery Options." The online DIM system will allow users to reset their Active Directory or Mainframe RACF account passwords , as well as unlock accounts. The Active Directory account is the log-in used for CCMS and IES (the user's external.illinois.gov account). The Mainframe RACF account is the log-in user for Web3270 (e.g. HSCCMS, AWVS, IPACS, SAMS). It is preferred that users utilize the DIM system to reset their password and unlock their account as a way of expediting the user regaining access to their account.
  8. Zendesk Online Helpdesk. The Bureau of Subsidy Management at DHS manages an online helpdesk portal, known as Zendesk, for users in need of systems assistance. The Zendesk Helpdesk processes requests related to the following: 1) Systems access requests (e.g. new users, deleting users); 2) IVR pin requests; 3) CCMS and HSCCMS issues and troubleshooting; 4) Web3270 password resets (see item VI above); and 5) requests for copies of monthly child care certificates.

Please note: DHS staff is only able to assist with technical issues with HSCCMS and CCMS - technical issues with any of the other applications (e.g. PASDX, KIDS, SAMS, AWVS) should be reported to the DoIT Customer Service Center (see VIII below).

To submit a Zendesk Helpdesk ticket, email support@illinois3520.zendesk.com. Include the SDA number or Site name in the subject line of all Helpdesk ticket emails. If the request is for an error or issue within a data system, provide as much detail as possible on what the user was attempting to do. When possible, please also include a screenshot of any error(s) the user received as a result.

  1. DoIT Customer Service Center. The Department of Innovation and Technology (DoIT) maintains a Customer Service Center (CSC) for users of State of Illinois systems to report problems by phone. The DoIT CSC must be contacted anytime the user is experiencing technical issues with one or more of the applications/screens in Web3270 (e.g. PASDX, KIDS, SAMS, AWVS), except for HSCCMS. This includes issues in which the application/screen appears to be down or is kicking the user out repeatedly. It DOES NOT include training related issues (i.e. don't know how to navigate a page/screen).

When calling the DoIT CSC, users should be prepared to provide their RACF ID and to identify any error messages received. If all users within an agency are experiencing the same issue, just one user should report the problem and identify that all users at their location are experiencing the issue to the DoIT Customer Service Representative.

Additionally, the CSC can assist with password resets and account unlocks, although it should be utilized as a last resort.

The DoIT CSC can be contacted by calling either of the numbers below, Monday through Friday between 8:00 a.m. and 5:00 p.m. (excluding State holidays).

  • Springfield: 217-524-DoIT (217-524-3648)
  • Chicago: 312-814-DoIT (312-814-3648)