HIPAA or health insurance portability and accountability act of 1996 aims to protect the medical information about individuals in the United States of America. While OSHA or occupational health and safety act of 1971 aims to ensure healthy and hygienic working environment; it gives safety of a sophisticated standard. This is done by trainings, seminars and educational assistance. But these laws are overlapping and confusing.
To clear all the confusion, here are the top 7 questions put forward regarding OSHA and HIPAA training requirements for Dental and Medical Offices:
- Is the training conducted annually?
Yes, OSHA and HIPAA training are conducted annually to update the employers with the new set of guidelines, if any. The procedure and the protocols are well explained in the training and at the end the employers provide an attested document stating that they are well aware of the content of the training.
There are HIPAA online training sessions available with Compliances group.
- Who all should be included in the training?
This answer is different for HIPAA and different for OSHA. In OSHA training, all doctors, nurses and staff of the organization must go through the training which is conducted annually. Same goes for HIPAA but it also includes individuals who come under PHI or Protected Health Information.
- What should be the duration of the meeting?
There is no specific duration; more emphasis should be made on delivering the content to the trainees in a very appropriate manner.
- What all should be covered in the training session?
Employers can access the official website for OSHA and HIPAA for exact details about the same but overall following points must be covered:
- General Office Safety – including injury and illness prevention program (IIPP), fire safety and emergency responses, eyewash stations, and washrooms.
- Hazard Communication
- Ionizing Radiation
- Bloodborne Pathogens – including medical waste management information.
- How to maintain the records of the training conducted?
HIPAA specifically requires the training to be documented. Records of the training session should include:
- Dates of the training
- Content of the training
- Names and qualifications of trainers
- Names and job titles of attendees
- What are the consequences of not conducting the training?
OSHA penalties can range from $0-$70,000, depending upon how serious the violation. HIPAA issues penalties up to 1.5 million depending on the provision of HIPAA violated. If the severity of the situation is serious, then the doctors and nurses might get their license cancelled as well.
- What citations can be given?
5 examples of OSHA citations for physicians’ offices and clinics
- Failure to implement and maintain an exposure control plan
- Failure to train
- Failure to engineer out hazards/ensure hand washing
- Poor housekeeping
- Failure to implement and maintain a written hazard communication program
5 examples of HIPAA violations
- Failure to promptly release information to patients.
- Improper disposal of patient records. Shredding is mandatory before disposing of patient’s record.
- Missing patient signature. HIPAA forms without the patient’s signature is invalid.
- Releasing wrong patient’s information.
- Discussing information to friends or relatives about patients in the hospital.
At compliances group, we offer HIPAA privacy training to for employers apart from the HIPAA basic training.