There are very strict rules when it comes to sharing/using patient data. It is your responsibility to ensure that your use of patient data is compliant with all federal, state, local
and ETSU regulations.
In general, you want to talk about patients and their data in very general terms -- terms that could apply to anyone. You should omit any identifying information, such as name, address, phone number, personal description, voice recordings, etc.
Restrictions can also be based on how you constructed your study's informed consent
forms. For example, if you told your study's human subjects that you would keep their
identifying information locked in a particular location and not used in a public manner,
then you must follow those directives. The protection of the person(s) information
is your responsibility, and you are accountable for any breaches.
Please refer to the US government's HIPAA (Health Insurance Portability and Accountability Act) website at http://www.hhs.gov/hipaa/
If you would like more information or if you are unsure as to whether your use of patient data is HIPAA Compliant, feel free to contact ETSU's HIPAA Compliance Officer.
Lindsay Daniel
423-439-8533
https://www.etsu.edu/universitycounsel/hipaa/