In Accordance with IDHS Incident Procedures, in all cases, the IDHS Chief Privacy Officer (CPO) and the IDHS Chief information Security Officer (CISO), the Bureau of Performance Management (BPM) and the Division Director and/or his or her designee must be contacted immediately upon discovery of an authorized disclosure, use or access of FTI or NDNH data by the person who discovered the data incident or the person's supervisor. The CPO and CISO will direct the investigation into the data incident.
The CPO, the CISO or the BPM must report the data incident within 24 hours to the following agencies:
These agencies will be notified with the information listed below, by an encrypted electronic message with "Incident Response" on the subject line.
The following information must be provide when reporting FTI or NDNH breach:
Illinois Department of Human ServicesJB Pritzker, Governor · Grace B. Hou, Secretary
IDHS Office Locator
IDHS Help Line
© 2020 Illinois Department of Human Services