In general, Tidepool is an extremely open organization. Part of our mission is to transfer as much of our knowledge, intellectual property and work product to the public as we can, because we feel like that's better for the diabetes community. Examples of things that we explicitly make public:
...
And, of course, we keep all of our user's Protected Health Information (PHI) confidential. As part of your onboarding, and then each year thereafter, you will be required to read HIPAA training and to undergo an audit of your computer and mobile devices. Our publicly available HIPAA training materials and audit template documents are here.
In general, unless your job requires you to do so (e.g., for a project, or for debugging a specific issue, or for providing customer support), you should never make copies or publicly reveal any of our user's info, including names, email addresses or anything they store in their Tidepool account (on prd or int - which house our HIPAA-compliant data).
...
In general, other stuff that isn't explicitly made made public should be considered confidential. You should not make personal copies of this stuff or send it to parties outside of Tidepool without checking with the Chief Privacy Officer (currently Howard) first.
What if there's something that isn't currently public that I think should be made public?
If there is something else that you think we should be making public that we currently aren't making public, feel free to talk to the Chief Privacy Officer (currently Howard) about it!
Who owns the intellectual property (IP) of the stuff I've worked on?
...
For other documents and folders, such as Google Drive folders, we've tried to include PUBLIC in the name of public folders and documents. Other folders should be considered private (with permissions to match).
Trello boards say whether or not they are public at the top. In general, unless it's security-related, it's OK for all Trello boards to be public.
What should I do if I find something that we've made public that I think should be private?
Let the Chief Privacy Office (currently Howard) know right away.
...
Back to: Tidepool Employee Handbook
Proceed to: Why Diversity is Important