Securing the data and guarding the privacy of the university community is a shared responsibility. ITS datacenters are designed to ensure that your database is safe and secure, but the appropriate use of these IT resources and the data is your responsibility. The security and privacy measures extend into back-end systems.
MiDatabase includes the safeguards required by HIPAA. Accordingly, you may use it to maintain Protected Health Information (PHI). However, you should first consult with IIA (via the ITS Service Center) and take any steps required by your unit to comply with HIPAA. Read more about working with HIPAA-regulated data.
See U-M’s Sensitive Data Guide—Protected Health Information (HIPAA) for more information on using U-M IT services with PHI.