Q: What are the HIPAA implications of the Results database?

A: The database is maintained by you at your facility using your standard database protection measures. Patient Health Information (PHI) in the database is encrypted, meaning it is not accessible except via the PLATOCODE system. The PLATOCODE system decrypts and presents the information to the coder when she starts coding a case, at which time the patient's records are already available to the coder in your other systems. Clearly the Results Database is not a designated dataset. These characteristics minimize your HIPAA documentation requirements.