Citing the need to protect "both patient privacy and the security of medical records" the ACLU of Illinois has called on Illinois Governor Pat Quinn to ensure that at least one member of a proposed Illinois Health Information Exchange Authority be an individual with a proven record of advocating for patient privacy and medical record security. In a letter dated June 10, 2010, ACLU of Illinois Executive Director Colleen K. Connell argued to the Governor that "identifying privacy and security issues from the outset, allowing the Exchange not only to assist in assuring quality health outcomes but also protect the basic privacy of millions of persons in Illinois."

The nation is moving headlong toward digitizing patients' medical records. Many argue that this conversion will streamline healthy care costs and eliminate redundancies and, hopefully, produce better health care outcome for patients. Lost in much of this discussion is the need to ensure patient privacy and the security of their medical records. The Illinois Health Information Exchange Authority will oversee the development of regulations and policies surrounding digitized medical records in our state (the same process is moving forward in other states as well).

The ACLU's letter to Governor Quinn notes that concerns for security and privacy need to be built in from the start, noting that "it will be incredibly costly to fix flaws" once the regulations are in place.

The ACLU of Illinois also noted a number of areas that the Authority ought to consider early on, including: the need for affirmative consent from a patient before records are shared: the ability to segregate sensitive health records; allowing minors to segregate sensitive records for care to which they have consented without a parent's permission in accordance with current state law; and, specific procedures regarding data security.

The ACLU of Illinois will continue to monitor this process as it moves forward in order to ensure patient privacy and security.