IDPH Issues Submission Guidance via the SIREN Notification System on Illinois Health Care Sanctity and Privacy Law Requiring Hospitals to Adopt and Submit Policies Regarding Law Enforcement Interactions

Key Takeaways

• Hospitals Must Develop and Submit Policies Regarding Law Enforcement Interactions: Effective January 1, 2026, for general acute care hospitals, and March 1, 2026, for all other hospitals, the Illinois Department of Public Health (“IDPH”) requires Illinois hospitals to develop and submit policies governing interactions with law enforcement, as required under the Illinois Health Care Sanctity and Privacy Law.
• IDPH Submission Mechanics Have Been Released via SIREN: IDPH has confirmed that hospitals were notified of submission mechanics through the SIREN system. Hospitals received a Smartsheet submission link where the required policies may be submitted. Hospitals should continue to monitor SIREN for any additional guidance, and we recommend signing up for system alerts. 
• Failure to Comply May Result in Civil Penalties of Up to $500 Per Day: Hospitals that fail to submit compliant policies will receive notice of deficiency and will have seven (7) working days to cure. Failure to cure may result in civil penalties of up to $500 per day.

Guidance from IDPH

The recently enacted Illinois Health Care Sanctity and Privacy Law (HB 1312 codified at 210 ILCS 85/6.14h) establishes new requirements for Illinois hospitals to adopt policies governing interactions with law enforcement, including immigration enforcement activities. IDPH has issued formal policy submission guidance via the SIREN system explaining how hospitals should submit their policies through a Smartsheet link. We understand there was a Hospital Licensing Board Emergency Rulemaking Vote Meeting on December 19, 2025, during which implementation of the law was discussed. [1] As of the date of this alert, meeting materials from that session have not yet been published.

IDPH’s released guidance includes reiterating the requirements 210 ILCS 85/6.14h in both English and Spanish. The law enforcement interaction policy submission deadlines for hospitals was January 1, 2026 (for general acute care hospitals) and is March 1, 2026 (all other hospitals).

Policy Content Requirements

Based on statutory language, hospitals should prepare policies that address the following:

• Designation of a hospital contact (e.g., legal counsel or administrator) for all law enforcement requests.
• Procedures for verifying law enforcement identity and legal authority, including heightened requirements applicable to immigration enforcement.
• Procedures designating permissible waiting areas for law enforcement, with access to patient care areas limited only to circumstances involving a valid judicial warrant or exigent safety/security concerns.
• Procedures ensuring patients receive privacy notices and information regarding their rights, including the right to amend records and protections related to immigration-related data, in multiple languages.
• Procedures ensuring compliance with applicable patient privacy laws, including HIPAA and Illinois confidentiality requirements.
• Procedures governing the disclosure of immigration-related information, limiting disclosures to circumstances involving a valid federal subpoena, court order or judicial warrant.
• Requirements for initial and ongoing staff training on the law enforcement interaction policy.
• Non-retaliation protections for patients and staff who raise concerns or file complaints regarding violations of the policy.

Penalties for Non-Compliance

IDPH has confirmed that hospitals deemed non-compliant or failing to submit policies by the applicable deadlines will receive notice of deficiency by January 15 (for general acute care hospitals) or March 15 (for all other hospitals), as applicable and will have seven (7) working days to cure any deficiencies before civil penalties of up to $500 per day may be imposed. Early preparation and timely submission will be critical to mitigating enforcement risk. Benesch Healthcare+ can assist hospitals review policies and address any deficiencies or noncompliant policy submissions flagged during the January 15^th or March 15^th notification deadlines.

Conclusion

Benesch Healthcare+ will continue monitoring IDPH communications and is available to assist hospitals with readiness planning, including policy drafting and review, coordination with IDPH to address compliance-related questions, and risk assessment related to compliance and enforcement under the Illinois Health Care Sanctity and Privacy rules.

[1] Hospital Licensing Board, Hospital Licensing Board Emergency Rulemaking Vote Meeting, IDPH (December 18, 2025), https://dph.illinois.gov/events/2025/december/hospital-licensing-board-emergency-rulemaking-vote-meeting.html.