Data Guide

Protected Health Information (PHI) is any health information that can be linked to an identifiable individual, such as a patient receiving treatment at the U-M Health System. PHI is regulated by the Health Insurance Portability and Accountability Act (HIPAA). Researchers should be aware that health and medical information about research subjects may also be regulated by HIPAA. Researchers can contact the UMHS Compliance Office with questions.

The following individually identifiable data elements, when combined with health information about that person, make such information protected health information (PHI):


    • Names
    • Telephone numbers
    • Fax numbers
    • Email addresses
    • Social Security Numbers
    • Medical record numbers
    • Health plan beneficiary numbers
    • License plate numbers
    • URLs
    • Full-face photographic images
    • Any other unique identifying number, characteristic, code, or combination that allows identification of an individual



    Frequently Used By

    • Researches


    • Sensitive

    Restrictions Key

    • Permitted
    • Not Permitted
    • Permitted with Encryption