MIHC collects and maintains information necessary to operate its programs, including:

• Player and family contact details, team assignments, registration status, and emergency contact information.
• Limited medical or allergy information that families voluntarily provide for emergency or safety planning.
• Background screening status and SafeSport training completion for coaches, volunteers, and Board members.
• Disciplinary and SafeSport‑related records where required for safety, eligibility, or compliance purposes.

Data is used only for legitimate club purposes such as registration, team administration, scheduling, safety planning, SafeSport compliance, billing, and communication about MIHC programs and events.

MIHC uses reputable cloud‑based tools for operations, such as Office 365 for email and documents, QuickBooks for accounting, Canva for design, and Crossbar (or similar) for team management and communications. Multifactor authentication (MFA) is enabled on these systems wherever available to add an extra layer of security for administrative accounts. Access to these tools is role‑based and limited to individuals who need it to perform club responsibilities (e.g., Treasurer for QuickBooks, Registrar and selected Board members for registration reports, communications leads for email tools).

Reasonable safeguards are used to protect data, which may include:

• Password protection and MFA on administrator accounts.
• Role‑based permissions in cloud systems (e.g., team managers see only their team’s information, finance roles see only financial data).
• Avoiding storage of sensitive data on personal, unmanaged devices where possible.
• Regular review and removal of access for former volunteers, coaches, or Board members who no longer require system access.

Because MIHC serves minors, extra care is taken with:

• Medical information: shared only with those who need it for player safety (such as coaches, managers, and medical staff when present).
• Disciplinary and SafeSport‑related information: restricted to appropriate Board officers, the SafeSport/Discipline lead, and others with a need to know, and handled consistently with club disciplinary and document‑retention policies.
• Background screening and eligibility status: treated as confidential and used only to determine role eligibility and compliance with screening and SafeSport requirements.

MIHC does not sell player or family data and does not share information with third parties except as reasonably necessary for operations (e.g., USA Hockey/league registration systems, payment processors, travel providers, or required reporting to governing bodies or authorities).

Electronic communications involving minor athletes must reflect SafeSport/MAAPP principles and USA Hockey guidance, including:

• One‑to‑many: Whenever possible, team information is sent through team‑wide channels (Crossbar posts/emails) or group emails that copy parents or guardians for minor athletes.
• One‑to‑one: Direct messaging with a minor athlete should generally include a parent/guardian or occur in a transparent, team‑approved channel (for example, Crossbar messages to player plus parent), consistent with MAAPP‑style expectations.
• Text messaging: If text is used, coaches and team staff should include a parent or guardian on messages to minors or use group chats that include adults, and should limit messages to team business (schedules, logistics, quick check‑ins).
• Social media: Official team or club social media accounts should be administered only by designated adults. Public posts should not disclose sensitive information (such as medical status, disciplinary matters, or detailed personal contact information).

MIHC discourages late‑night, informal, or personal‑topic messaging between adults and minor athletes and expects all digital communications to be professional, sport‑related, and free of harassment, bullying, or inappropriate content.