Protected Health Information (HIPAA)
Protected Health Information (PHI) is any health information that can be linked to an identifiable individual, such as a patient receiving treatment at the U-M Health System. PHI is regulated by the Health Insurance Portability and Accountability Act (HIPAA). Researchers should be aware that health and medical information about research subjects may also be regulated by HIPAA. Researchers can contact the UMHS Compliance Office with questions.
Frequently Used by:
Category:
Examples:
The following individually identifiable data elements, when combined with health information about that person, make such information protected health information (PHI):
- Names
- Telephone numbers
- Fax numbers
- Email addresses
- Social Security Numbers
- Medical record numbers
- Health plan beneficiary numbers
- License plate numbers
- URLs
- Full-face photographic images
-
Any other unique identifying number, characteristic, code, or combination that allows identification of an individual
Laws/Regulations/Policies:
M+Box Core Apps:
M+Google Mail and Calendar:
M+Google Drive (Docs):
M+Google Sites, Talk, Groups, Tasks:
M+Google Additional Services (Non-Core):
M+Box Additional Apps (Non-Core):
Personal Device (phone, tablet, laptop, etc.):
Personal Account (Dropbox, Evernote, etc.):
UMHS Exchange Email and Calendar:
CTools:
Wolverine Access:
MiDatabase:
MiServer:
Desktop Virtualization (VDI):
TSM Backup:
MiWorkspace:
Sitemaker:
Virtualization as a Service (VaaS):
Value Storage:
Mainstream Storage:
Data Warehouse:
ITS Exchange Email and Calendar:
Desktop Backup (Powered by CrashPlan):
Flux:
Key: Storage Permission Levels
Permitted
Permitted with IIA Consultation
Not Permitted
For IIA consultation, please contact the ITS Service Center
Using Protected Health Information (HIPAA) Data
This list shows which services can and cannot be used to store and share Protected Health Information (HIPAA) Data. Click any service for more details.
- Desktop Backup (Powered by CrashPlan)
- Desktop Virtualization (VDI)
- Mainstream Storage
- MiDatabase
- MiServer
- MiWorkspace
- TSM Backup
- UMHS Exchange Email and Calendar
- Virtualization as a Service (VaaS)
- Wolverine Access
- CTools
- Data Warehouse
- Flux
- ITS Exchange Email and Calendar
- M+Box Additional Apps (Non-Core)
- M+Box Core Apps
- M+Google Additional Services (Non-Core)
- M+Google Drive (Docs)
- M+Google Mail and Calendar
- M+Google Sites, Talk, Groups, Tasks
- Personal Account (Dropbox, Evernote, etc.)
- Personal Device (phone, tablet, laptop, etc.)
- Sitemaker
- Value Storage
Don't see the service you need? Contact the ITS Service Center.
