Onsite OSHA/HIPAA Services
Our onsite OSHA and HIPAA services are by far one of the most popular compliance programs. We bring the program to your team for the most effective and successful launch of your OSHA and/or HIPAA program. We offer both initial services and annual updates, referred to as AAR (annual audit ready).
OSHA Site Audit & Confidential Work Plan:
This program continues to be one of our leading programs. One of our highly trained consultants will schedule a session at your office while you are treating patients. We are careful not to interrupt patient care or intrude on the privacy of patients. However, with patient care in progress, we are able to accurately assess the hazards in place. We will assess all areas of the practice to include how the contaminated instruments flow to the sterilization area and how the treatment room is prepared for the next patient.
We observe how instrument processing takes place and how sterile instruments are stored. We will audit your quality control records such as your biological monitoring (spore testing), water quality monitoring, and other important tasks. We will compare your protocols to the current CDC’s recommendations for infection control and prevention as well as COVID-19 processes. We evaluate the types of PPE you provide and whether it is appropriate for the clinical service or task. Your assigned consultant will provide labels and signage during the session. This audit process requires approximately 4 to 5 hours of observation and an additional 3 hours for compilation of the report. If you are engaging both training and an inspection, we prefer to conduct the inspection first to allow your assigned consultant to carefully address necessary changes and answer questions during the site visit. Please make available any documentation in place including previous policies, quality control records, and employee medical records.
Any noted violations or deviation from best practice is noted in our confidential report to include a photo of the infraction, a work plan to address the safety issue plus a reference to indicate whether it’s OSHA, the Department of Health, or the Dental Board’s requirements. We also provide references for CDC’s recommendations for infection control and prevention.
This information is then compiled into a confidential report for the practice owner(s) and management.
HIPAA Security Risk Assessment:
A HIPAA Risk Assessment is required by the Department of Health and Human Services and enforced by the Office of Civil Rights. You must be prepared to submit a copy of your most recent risk assessment in the even you experience a breach. Not having a risk assessment in place is subject to fines and penalties.
One of our highly trained consultants will go through a series of questions prepared by Olivia Wann. Some of the questions can be addressed by your office manager while others are answered by your IT provider. Based on the responses, we will provide a corrective action work plan in addition to rating the responses. The threats and vulnerabilities to your data including the administrative, technical and physical safeguards in place or missing are rated low, medium and high.
HIPAA Business Associate Agreement Audit and Request:
We help identify your business associates and will audit any agreements in place. If an agreement is missing, we will request the BAA on your behalf. We also assist in vetting your business associates. This is all part of your required HIPAA compliance program.
OSHA & HIPAA Training:
OSHA requires training on bloodborne pathogens for those who have potential exposure at the initial hire date and thereafter every 365 days. CDC recommends infection control training in addition to certain state dental boards require infection control training as part of the CE requirements. Training is also required when there is a change in the safety program, such as introduction of new chemicals/products, a change in task or procedure, etc. You must maintain an OSHA-required roster for 3-years.
The federal government requires HIPAA training and don’t be surprised if you are ask to provide a copy of your HIPAA training records in comparison to the list of workforce members in place.
You can combine the training topics or contract the subject matter individually. We are approved providers for the Academy of General Dentistry to issue CE for completion of the course(s). We use a combination of experimental learning and lecture to best engage your team. We can also customize the program to address specific needs.
OSHA training includes:
- Bloodborne Pathogens Standard
- OSHA Documentation Requirements
- Infection Control and Prevention
- Instrument Management
- Hazard Communication
We also touch on Fire and Emergency Planning and Ergonomics.
HIPAA training includes:
- Privacy Rule
- Security Rule
- Business Associate Agreements
- Best Practices for Cybersecurity
- Phishing Emails
- Breach Notification
Customized OSHA and HIPAA Policies:
OSHA Policies include:
- Exposure Control Plan
- Post Exposure Management Policy
- COVID-19 Plan
- Infection Control & Prevention Plan
- Hazard Assessment and PPE Policy
- Hazard Communication Plan
- TB Assessment
- Fire Prevention Plan
- Emergency Action Plan
- and Other Safety Plans
SDS Management is also available. This includes compilation of your SDS using a cloud-based program, generation of your annual chemical inventory and support in using the program in compliance with OSHA’s requirements.