Creating and maintaining a successful dental practice is not easy. Attracting and keeping patients, building an efficient staff, and staying aware of the latest trends takes effort. Keeping your dental office compliant with HIPAA and OSHA regulations is one more thing to juggle.

HIPAA and OSHA training for dental offices is an essential part of compliance. Ideally, you’d like to have one solution to manage both. Here are five reminders to help as you work through the compliance conundrum.

  1. Train all employees annually
  2. Give the right training to the right employees
  3. Be able to prove the HIPAA and OSHA training was done
  4. Understand the consequences of not staying OSHA compliant
  5. Know the most common HIPAA and OSHA citations and violations

Train All Employees Annually

One crucial step to achieving OSHA dental office compliance is annual training for all employees. OSHA further specifies that new hires must receive the appropriate safety training within ten days of starting their job.

HIPAA requires training for all employees, including new hires, and periodic refresher training. Because regulations may change yearly, annual training is considered a best practice to keep your staff up to date on what they need to know.


Give the Right Training to the Right Employees

OSHA mandates that every practice employee be trained, including full- and part-time staff. Whether you’re a dentist, dental assistant, part of the administrative staff, or custodian, there are no exceptions.

HIPAA training is mandatory for any employee who comes in contact with patient protected health information (PHI). This applies to all employees and includes interns working at the office.

Both HIPAA and OSHA have specific topics that must be covered during training. 

These include:

HIPAA

  • Privacy and Security Overview
  • HIPAA Privacy
  • Business Associates
  • Identifying and Protecting PHI
  • Breach Prevention and Reporting
  • Consequences of a Breach
  • Security Standards
  • Cybersafety
  • Cybercrime Prevention

OSHA

  • Hazard Communication
  • Bloodborne Pathogens
  • Preventing Slips, Trips and Falls
  • Electrical Safety
  • Hazardous Materials
  • Industrial Hygiene
  • Emergency Action Plans
  • Exit Plans
  • Safety and Health Programs

New employees are required to be trained on all topics. Some of the topics require annual refresher training, while others should be covered if changes in job procedures or equipment create new hazards.

There is no specification for how long HIPAA and OSHA training for dental offices should last. What matters most is the content of the training and that the information is taught effectively.

Be Able to Prove HIPAA and OSHA Training Was Done

The enforcement arms of HIPAA and OSHA are much like your high school algebra teacher – having the correct answer is meaningless if you can’t show your work. 

HIPAA requires that training be documented. It doesn’t define how it should be done, but it’s a violation if you can’t retrieve the information during an audit.

OSHA is much more specific about documenting training. OSHA training records should include the training date, training content, trainer names and qualifications, and attendees’ names and job titles.

OSHA also requires:

  • Employee training records to be maintained for three years
  • Employee training records to be available to the employee
  • If a practice is sold, employee records to be transferred to the new owner
  • If a practice closes, employee records to be offered to the National Institute for Occupational Safety and Health

Understand the Consequences of Not Staying OSHA Compliant

Training isn’t the only requirement to stay compliant with HIPAA and OSHA, but training must be a foundational piece of your overall compliance strategy. 

OSHA citations can be issued if only one employee misses required training. Fines can range from $0 – $70,000 per citation depending upon the severity of the violation.

Depending upon the part of the regulation that was violated, HIPAA fines can be as high as $1.5 million. Employees may be subject to civil or criminal penalties. In the event of a breach, inadequate or undocumented training creates a greater risk of lawsuits. Medical professionals could face charges for ethical violations, leading to sanctions or even the loss of a license.

Know the Most Common HIPAA and OSHA Citations and Violations

Citations issued by OSHA can vary widely across industries. Below are five of the most common OSHA citations issued to dentistry offices.

  1. Failure to implement and maintain an exposure control plan
  2. Failure to train and maintain records of training
  3. Failure to supply and use appropriate Personal Protective Equipment (PPE)
  4. Failure to provide Safety Data Sheets (SDSs)
  5. Failure to adequately implement a Hazard Communication Plan

Listed below are five of the most common HIPAA violations.

  1. Failure to perform a comprehensive risk analysis
  2. Failure to adequately manage security risks
  3. Failure to provide patients access to their health records in a timely manner
  4. Failure to enter into business associate agreements with vendors
  5. Failure to adequately safeguard ePHI on portable devices

Is There an Easy Way to Keep Your Dental Office HIPAA and OSHA Compliant?

Because there are so many moving parts involved in both HIPAA and OSHA compliance, it helps to have experienced advisors who will show you the right path to take. Your advisors should help you build a system that streamlines the process, reminds you when things need to be done, and keeps records that can stand up to any audit or inspection. Compliance can be something that makes your office better overall, instead of being a burden.
