All posts by Kev

HIPAA, News and Blog, OSHA

OSHA, HIPAA, COVID – HOW PREPARED IS YOUR DENTAL OFFICE?

Leave a comment

You’ve opened your doors to patients, implemented a few new COVID Protocols, it feels awesome to be back to work!  But are you fully prepared for an unexpected OSHA or Health Department Inspection?  Impromptu audits, these days, can cost thousands of dollars!  To avoid the expense, stress & disruption of an insidious inspection, read these easy-to-implement, valuable tips about how to best insulate your dental office.  We have entered a new age of OSHA & HIPAA Compliance.   COVID Compliance Requirements can be simple — if you connect a few more imperative dots…

Like most USA dental offices, you probably have used the  ADA Tool Kit that provided the step-by-step instructions for which PPE to wear, how to set up social distancing, patients/employee screening, and the new Covid Infection Control Practices. 

But did you also know you had to record all of these new COVID changes in written format?  Yes, the first touch-point,  that OSHA or Health Department Inspectors will request, these days, will be your required back-to-work written COVID Preparedness Plan.  You can self-design this document,  by using the government-issued reference guide OSHA 3990.  This will provide you with the framework for creating your document.  Be prepared to invest 100 to 125 hours to ensure you have all of the required OSHA 3990 requirements, customized to reflect your COVID compliance within your dental setting.  Yikes! 

If you’re not much of an investment of time, try a more reasonable-to-navigate, templated Pandemic Preparedness Plan that will allow you to “check-off-boxes” or “fill-in-the-blanks” to design your own written COVID Preparedness Plan.

Be Mindful: these COVID-Management Protocols & Requirements will evolve.  No doubt, as time progresses, protocols for PPE, employee & patient screening processes, vaccination & infection control practices will evolve.  As OSHA Compliance Trainers, we receive common questions, from dental offices throughout the USA.  Most current, are questions about Employee Vaccinations.  Your patients may have already been calling your office, to inquire: 

“Are all of your employees vaccinated?”

“I only want to see your vaccinated hygienists!”  

And vaccinated employees may be under the misconception that they can stop wearing COVID-inspired PPE.  While many mandate updates will emerge with clarity, others remain murky and need to be researched or logically readapted into your office policies. 

What Should Dental Practice Owners  Do?  The most prudent and practical answer is to stay current and up-to-date on the evolution of COVID-Compliance laws.  While that may be easier-said-than-done, these days, aligning with a trusted, Compliance Expert may be the safest & healthiest conduit to ensure that your dental facility stays committed to changing all compliance liabilities into practice assets!

Use this COVID-Compliance Checklist:  To ensure that your team has comprehensively set your COVID-Compliance Protocols, use the checklist below.  Make sure that you can answer “yes”  to all of these components that Compliance Officers will require to see in writing: 

  • Proof of COVID-Management Employee Training
  • Proof of Annual OSHA Training
  • Written Pandemic Preparedness Plan
  • Employee Occupational Hazard Forms— written to the new COVID Standards
  • Respirator Voluntary Disclaimer Form (clinical employees only)

COVID has brought massive changes to dental office OSHA & HIPAA Practices! Are your facilities’ written protocols in order?  Don’t stay stuck!  Knowledge is power!  

First steps?   Consider a private Discovery Meeting to review your current OSHA & HIPAA status.  If you’d like a private, confidential evaluation, from our Compliance Coaches at Dental Enhancements, Inc.,  we are happy to help you get “in the know”!  Discovery is usually the best “first step”  to understanding your obligations so that you can prepare your team to be safe, confident & ready —for any OSHA, Health Department, or HIPAA Inspection.

FOR A PRIVATE DISCOVERY MEETING OF YOUR OSHA & HIPAA STATUS,

CALL DENTAL ENHANCEMENTS, INC.: 941-587-2864

HIPAA, News and Blog

EVERYTHING’S BIGGER IN TEXAS! WHY TEXAS DENTISTS NEED TO TAKE THE “HIPAA BULL” BY THE HORNS… NOW!

Leave a comment

Sometimes old adages just fit!  It this case Texas dental practice owners need to put on their 10-gallon to pay attention to this massively important, but often overlooked Texas Mandate.  Federal HIPAA protocols should be reviewed and updated in your office annually.  All Dentists in the USA need to abide by that law.  But did you know in Texas, all Healthcare Practitioner’s are required to train & certify all of their employees to the HIPAA TEXAS HB 300 Standard?

It’s true, in  “Texas HB 300 or “Texas HIPAA House Bill 300“.  This bill was implemented by Gov. Rick Perry in 2012. 

He  mandated that all Texas Healthcare Professionals implement & renew this Texas HIPAA obligation with their employees, every 2 years. 

Texas HB300, has the strictest HIPAA Protocols, in the country, created to protect Electronic Patient Information (or ePHI)

Be aware cowboy, that non-compliance with this Texas HIPAA Requirement, can wrangle big fines ranging from $10K – $1.5 M.

And Texas has a Governing Entity who enforces these Texas HIPAA laws with impromptu audits! Talk about feeling hog-tied!!??

It’s just not worth the risk because getting into compliance can cost as little as $125 per office per year!

So, where do you start to find out how to implement all of the Employee Training, Required Documents and Facility Protocols for Texas HB 300?

And how do you remember to stay on-pace every 2 years?  Do some research.  Google search and dig around for the “most comprehensive Texas HB300 Program”  out there!

Make sure you choose a coaching company that will offer automatic reminders or re-enrolment your team in Texas HB 300 Updates, every 2 years, so you don’t fall off this horse!

Texas HB 300:  Its bigger, its bolder—But you’ve got this!

 

Written by Jill Obrochta RDH BS

Founder of Dental Enhancements, Inc

Contact:  jill@dentalenhancements.com  941-587-2864

Click Here to find out more about our HIPAA TEXAS STATE HB 300 DO-IT-YOURSELF Training Package on CD-ROM Video Training & Forms

News and Blog, OSHA, Uncategorized

Rise in OSHA Inspections Nationwide, Causes Major Concern for Dentists! How Should YOU Prepare

Leave a comment

Over the past 60 days, there has been a 200% rise in OSHA Inspections nationwide!  It is the biggest rise in OSHA Inspections, when compared cumulatively, to the past 20 years!  Why the sudden jump?  What are OSHA Inspectors looking for in “dental offices”  as opposed to medical or general healthcare settings?  

The culprit could be this new document:  The CDCs Summary on Infection Prevention for the Dental Setting.  This 44-page document is a revision to just about all of the Infection Control Practices that have been practised for the past 50 years.  This new summary has been adopted by OSHA as the “new industry standard”, by which all dentists must practice.  It is a required document to have in the dental office (or a written revision that includes all required practices).  But why the big change?

OSHA enforces safety standards and issues fines for non-compliance.  But OSHA does not always create the laws.  In 2008, OSHA said, “Since the Centers for Disease Control does all of the research and understands disease transmission, we will look to them to set the standards and establish the bare minimum standards in any healthcare profession.”  So, don’t subscribe to that old wives’ tale, that “A dentist does not have to follow a CDC Guideline or Recommendation”, these are always the bare minimum industry standards by which OSHA, CDC and the ADA enforce.  OSHA considers them to be OSHA law!

The CDC had been studying dental office infection control & disease transmission for 13 years.  They finally compiled this new summary in 2016, by which all dental offices in the USA will be held accountable.  The long-and-short-of-it:  Regardless of the dental specialty, all dental offices will need to practice to this standard!  The new guidelines require dental practice owners to set-up & execute “Hospital-Grade Level Sterilization & Disinfection Protocols”.  Written documentation that these protocols are being followed is also  a requirement. 

What’s a poor unsuspecting Dentist to do?  Print the CDC Summary!  Read it, study it, implement it!  Then, fill out the conveniently provided, written documentation at the back of the CDC summary!  The CDC basically gives the Dentist this entire update for free.  The trouble is, the document itself is difficult to read.  We find on-average, a dental team will need approximately 10 hours to read and digest the protocols and anther 5 hours for implementation and meetings. 

Shortcuts?  Sure.  Dental teams are relying on experts, like industry experts, dental coaching services or learned dental supply reps to help!   

Dental Enhancements can provide an insightful review of The CDCs Summary on Infection Prevention for the Dental Setting.  If you read the document yourself and feeling confused or overwhelmed about any requirement, simply contact us and we can provide clarification.  (Use our email at the bottom of this post).

Keep in mind that this 44-page CDC / OSHA Infection Control Update comprises only 10% of your overall OSHA written requirements!  An there are 200+  OSHA protocols currently required for all dental offices!  If you need a more complete solution for your office, don’t hesitate to ask for help with that as well. 

Written by:  Jill Obrochta   jill@dentalenhancements.com  

Office: 941-587-2864

Text by Cell: 941-302-2110

News and Blog

Dentists Loose $39,000 During (1) OSHA Inspection Visit! How Will Your Practice Stand Up to The Same Measures…?

Leave a comment

It can happen so unsuspectingly:  A quick-to-boil, disgruntled employee; An impulsive, disenchanted patient; And a simple phone call to OSHA.   One overlooked OSHA protocol– that leads to another– and then a third (as in this case).  The loose ends added up quickly when the OSHA Inspector began measuring this tally!

A Compliance Audit, like this one,… can quickly precipitate  disaster for the dental office, unaware of new changes in:  Infection Control , Required Waste & Recycling Containers & Dental Chair Unit Water Quality Regulations.  Oversights may be seemingly innocent: “We didn’t know that rules had changed”, “We are only a few months past-due for our OSHA Training Course” & “We just were not paying attention.”  Comments like these, should never be uttered by dental personnel nor touch an OSHA Inspectors ears.

Yet this incident, unassuming, well-intentioned dental office received (3) costly OSHA violations due to:  admitted negligence and obliviousness.  OSHA takes non-compliance seriously!  A major win for the OSHA Inspector; A $39,780 mistake for the (practice owner), Dentist.  Read on to discover how to avoid this plight and get your office on the road to comprehensive OSHA success!…

Did you know, that every January, www.osha.gov  & the Department of Labor Agencies, publish their new Penalty Increases.  Take a look at the 2019 “price-you’ll-pay” for ignoring to the 100+ Safety Protocols currently required to be operational in your dental office:

Type of Violation Penalty
Serious &
Other-Than-Serious

 $13,260 per violation
Failure to Abate $13,260 per day beyond the abatement date
Willful or Repeated $132,598 per violation
https://www.osha.gov/penalties/

The Penalties Inflation Adjustment Improvement Act of 2015 established an “Allowable Increase Rule” that lets these agencies adjust their assessed penalty levels, upward, every year.  And they do just that!  Since 2015, it seems OSHA & the DOL slap-on an average 10% increase to exceed the prior year’s average penalty rates. 

This year, the OSHA penalties will start at $13,260 per violation.  In addition, the maximum penalty allowed for “failure-to-abate” violations are $13,260 – that’s for every day that an employer fails to abate (1) specific violation!  Finally, the maximum penalty allowed for “willful or repeated” violations is $132,598!   This is 10 times the maximum permitted for “serious” & other-than-serious” violations.  These fees, undeniably, would be astounding and threatening to any dental practice.

What’s the cure?…

Get “in-the-know”!  Stay “in-the-know”, about current & evolving OSHA laws.  Make sure to include (3) components to build a truly comprehensive OSHA Program within your office: Annual Employee Compliance Training, All Required Paperwork & Up-to-Date Facility Protocols

Incorporate Annual OSHA Employee Training for all employees. Be sure to include full-timers & part-timers; clinical as well as non-clinical employees.   Currently there are (45) Required OSHA Learning Point that should be covered in this year’s Annual OSHA Training.

Apply what you learn in your facility!  There are over 100 protocols to set up within your facility. Set your plan into action!  Its best to work with compliance trainers that provide a “recap” of your training in report format.  Then make sure you can reach your Trainers for additional guidance, clarification and support as you set up your protocols.  Getting the assistance during your set-up phase will be a critical key to your success.

Don’t forget the paperwork!  OSHA inspectors will check for required OSHA documents first!  When entering your office, they will want to see required documents, that are up-to-date.  Be sure to include:   Employee Forms & Acknowledgements, OSHA Manual written to GHS & Current CDC Infection Control Standards & new OSHA / GHS SDS Sheets in (2) varying formats.     

What do you do now?:  Get compressively compliant–then stay comprehensively compliant!   How?  Align with a compliance resource that provides “a relationship” along with your training, manuals, forms & protocol checklists.  One that you can reach out to 24/7 for guidance, clarification and updates.  We suggest this ALL IN ONE DXL Program.  It provides everything, plus, 24/7 access to Dental OSHA & HIPAA Coaches that become part of your team’s success.  It the relationship package.  And one of the best rated in the industry.

Need more guidance?  Contact an OSHA / HIPAA Coach for a confidential Discovery Meeting by calling 941-587-2864 or email us, anytime.  We are happy to help!

News and Blog

Annual HIPAA Requirements – What Every Dentist Must Do!

Leave a comment

HIPAA Un-Riddled!

What happened to the day when you unlocked the office, turned on the suction, picked up a handpiece and straight-up—practiced dentistry? 

Electronic Communication (E/C) has taken the innocence of practicing dentistry right out of our hands!  While it provides instant information and keeps us “in-the-know”, the double edge to E/C now obligates us, and healthcare practitioners, to insulate and protect our patient “Protected Health Information” to the Max!  Read on— you’ll be glad you did…

What Does This Mean to Your Dental Office?

By now you know that you must protect your Patient’s “PHI” (Protected Health Information) to very strict HIPAA Privacy & Security Standards.   This applies especially to your facilities paper communication, electronic communication (computers) and internet activities.   Since 2010, The Us Department of Health and Human Service (www.hhs.gov) has required “hi-tech policies” be observed within all healthcare settings in the USA.   But every year, as technology and identity theft evolves, you must keep up with the curve!  

To ensure that your facility standards can stand up to a HIPAA Audit (and yes, they are visiting dental offices in full force) and that you are implementing all of the current  HIPAA Privacy & Security Standards for Conversations, Texts, Copies, Emails & Faxes.  Yes, all of those daily office function has specific HIPAA Privacy & Security Standards.   To understand “how you must behave”, its best to establish a comprehensive HIPAA Program within your office that your review continually and update at least annually.

What-to-Do:

You can take the long road or the short-road to successful HIPAA compliance.  The following are “short-road /best practices” and provide the least time-consuming remedies for implementing compliant HIPAA protocols:

ConversationsHIPAA has protocols for “regulatory language”.  This means you should refrain from using the patients “full name” and avoid using the patients “the last name” in spoken conversation.  If you want to be more respectful to elderly patients or Doctors who may frequent your office, make sure you have permission a permission statement on your HIPAA Patient Acknowledgement Form that allows the patient to give your team permission to call them by their SurName. 

Texts:  Texting is definitely convenient, but under HIPAA Regulations, you cannot text Patient Protected Health Information (PHI).  A “patient name” is considered PHI.  When texting either do not text a patient’s full name— or download a HIPAA compliant text APP to all cell phones. 

Copies:  Copy Machines need to be located in a low traffic area, under Management Control & specific logs even need to be kept for specific types of copying.  Be sure you have written protocols for “filing or shredding” paper documents. Make sure that all employees are aware of these protocols and follow them to current HIPAA law.  Paper documents containing PHI that is not going to be securely filed, need to be shredded  ASAP.  This protocol needs to be I written format within your HIPAA manual.

Emails:  It is not required that you have an Out-Going Email Encryption Service, but it will sure be a lot less complicated!  If you do not sign-up for an  Out-Going Email Encryption Service, you will have to create a written procedure for:  testing emails, logging the test, sending an announcement that you are not sending your emails with encryption, getting permission—only then can you send an email.  (Wow!  That’s exhausting!  Get the Out-Going Email Encryption Service.  It’s only $15 / month in most instances.)

Faxes: Practice owners are now responsible for where facsimiles end up on the other end!  To be HIPAA compliant either: retire your fax machine, do not fax out or convert your faxes to email encryption.

HIPAA Standards are constantly evolving.  Make sure your office completes a comprehensive update in 2019. If you find yourself a bit overwhelmed with all of this, don’t stay confused.  Call our team for guidance should you need clarification on the aforementioned protocols.  It’s our pleasure to help!

Created by Jill Obrochta RDH BS

Call us for a copy of our:  2019 HIPAA FACILITY COMPLIANCE CHECKLIST  or

ASK TO GET COACHED by JILL:   941-587-2864

HIPAA, News and Blog, OSHA

Yankee Dental Meeting in Boston, MA in JAN 2019

Leave a comment

Yankee Dental Meeting in Boston, MA in JAN 2019

Friday, February 1, 2019, 2-4pm.

Speaker Jill Obrochta, RDA

Course description and objectives:
THE NEW ERA OF OSHA & HIPAA INSPECTIONS: ARE YOU PREPARED?
With a Focus on new CDC Infection/Prevention Requirements to establish Hospital-Grade Level of Infection Control in the Dental Office.

You’re a seasoned dental professional; And you must feel like you have a firm understanding of your dental office’s OSHA & HIPAA Protocols, Right? But did you know: That recently, OSHA & HIPAA requirements have massively changed? Currently, OSHA Inspectors & HIPAA Auditors have received government funding, to conduct detailed audits to ensure that all of these new requirements are enforced! Are you prepared?…

Spend an insightful afternoon with a Dental OSHA & HIPAA Expert. You will learn “what the Inspectors are looking for” and “why it is important to set up your compliance programs—comprehensively.” Ask questions or simply listen & learn. Take away expert tips– so that you can have streamlined success with OSHA & HIPAA compliance at your dental office.

COURSE OBJECTIVES:

Upon completion of this course you will be able to :

Distinguish what OSHA & HIPAA Modules are required for your State—and when you have to renew them?
Understand what (3) components are critical for setting up comprehensive compliance programs within your dental facility.
Review the different components and make savvy distinctions about the new: CDC Summary of Infection Prevention Practices in the Dental Setting.
Realize that CDC Guidelines are the “Basic Expectations” & OSHA Inspectors can fine for not having them implemented.
Adopt a “Maximum Efforts” mentality to protect your employees + patients by integrating “on-trend” OSHA & HIPAA Protocols.
Realize that OSHA & HIPAA Inspections are getting more detailed and sophisticated and how to stay ahead of the curve.

BONUS TAKE AWAY:

Attendees will have the opportunity to get a PDF copy of the CDC Summary of Infection Prevention Practices in the Dental Setting & Schedule a 30-Minute Free Phone Consultation on how to navigate and implement these protocols. PLUS a private consultation about your current OSHA & HIPAA status.
Speaker will provide details.

Looking forward to seeing you there.

Jill Obrochta, RDH BS

DentalEnhancements.com

OSHA made EASY

HIPAA made EASY

941-587-2864 office

941-302-2110 cell

 

 

News and Blog

Top 5 Things Your Dental Office Should Have in Place to get an A+ rating from an OSHA Inspector

Leave a comment

Did you know?   This year, OSHA Inspectors are out in full force and they’re scrutinizing dental offices more than ever!  Why?  Well in recent months it seems the media has targeted several dentists, nationwide, that have had “less than ideal” Infection Control Protocols.    Now let’s focus on the positive:  What should your dental office have in place for Mr. OSHA Inspector:

  1. Employee Paperwork:  Make sure all employees have HEP B Vaccination Records, Proof-of-Annual OSHA Employee Training, Proof-of-Global Harmonization System Training, Occupational Exposures Document and Medical History on file for all employees. 
  2. New Global Harmonization System (GHS) Protocols & Paperwork:  GHS was mandated to be in place in all dental offices since December 1, 2013.  This means you need:  Proof-of-GHS Employee Training, a New OSHA Manual written to GHS Standards, Conversion of your USA–MSDS Sheets to the new International SDS Sheets and a diagram of the new Pictograms posted within your office dwelling.  If you don’t have your act together with regards to GHS, consider a comprehensive GHS Solution.
  3. Required Labels & Stickers: You will need both:  Hazard Rating Labels at the point-of-use to represent all of your dental products, as well a,s Bio Hazard Labels at all biohazardous areas within your office. (i.e.:  at radiation buttons, on soiled laundry bins, at suction traps)
  4. Proper number of Sharps Containers and Red Bags within your office: Now required at the point-of-use are small sharps disposals and red bags for soft soiled waste.  It is not prudent or safe to walk with or re-handle soiled waste.  Make sure you place “point-of-use” disposal containers in all of your operatories.
  5. Sterilization & Disinfection Logs and Receipts: Keep all of these documents together in an organized binder in chronological order. Inspectors will want:  Biomedical Waste Pick-Up Receipts, Spore Test Results and Cold Sterile Changing Logs for the past 3 years.  

So does your office make the grade? Seriously, many dental offices do not know where unsafe behavior starts and where compliance begins!  Don’t be caught unprepared or looking uneducated.  Saying that you are unaware of the OSHA requirements will only infuriate most OSHA Inspectors.  Make sure you choose an OSHA Compliance Training Company that will assist you in getting all requirements in place.  Choose one that will help you with understanding and implementing all of the requirements and that will help direct you when putting your protocols in place.

Written by Jill Obrochta & Heather Whitt of Dental Enhancements.

Got Compliance Questions?  Call us:  941-587-2864

New Hampshire Ortho:

http://www.wmur.com/news/new-hampshire-board-of-dental-examiners-to-decide-if-orthodontists-license-will-be-reinstated/26133408

Oklahoma Oral Surgeon

http://www.dentistryiq.com/articles/2013/03/osap-comments-on-tulsa-oral-surgeons-infection-control-violation.html

 

News and Blog

HIPAA Audits – How To Prepare

Leave a comment

With the new wave of HIPAA PHASE 1 & PHASE 2 Audits, (that began in November 2016 and will be still running strong in 2019), most dental offices don’t know where to start to streamline their efforts.  Turning the other cheek to this big, bold requirement won’t make it go away. And burying your head-in-the-sand will only make the requirements seem uglier when you surface.  The sinister HIPAA Auditor may ominously creep into your office, like a grim reaper, ready to rip your HIPAA protocols to shreds. 

Protecting your practice is an essential step in setting up your HIPAA compliance protocols.  Did you know there are 89 risks you face in private practice every day?  Eighty-nine!  This is based on research released from noted Dental Financial Prosperity Coach, P. Christopher Music.  Christopher elaborates, “Think about it—Did you ever hire the wrong person?  What did it cost you?  The National Average Cost is $30,000!  Let alone the time, effort and headache that it cost to correct that error.  Building a system around everything you do within your dental office saves you time, money and mistakes.  HIPAA & OSHA compliance protocol systems are no exception.  Especially these days with the deep fines and lengthy inspections that come with governmental intervention.”  (Listen to an enlightening podcast on How to Set Up HIPAA Systems within your office by clicking here).  

We all know, “Knowledge is power”. Discovering and implanting streamlined HIPAA systems is like adding steroids to that power.   Results-based HIPAA Compliance is what you want. Applying a tried-and-true system to almost anything we do in dentistry saves us time money and the pain of the misstep.       

Results Based HIPAA Compliance is the result of implementing a 3-pronged approach to compliance.  Every dental practice owner must be sure to include: 

Employee Training: Remember, every employee must be trained to these new HIPAA Omnibus Rules Standards of 2013.  This includes full-time and part-time employees, as well as, clinical and non-clinical employees.  Rest assured that “Proof-of-Training” will be requested by the HIPAA Auditor typically within the first 5-minutes of his visit.  All employees must have this HIPAA Omnibus Rule training prior to handling any Patient Protected Health Information (PHI).

Required Paperwork:  Currently, this includes (8) HIPAA forms that should be in-use and functioning within your dental office.  These HIPAA forms include: patient, employee, office and business vendor forms that inform and protect your patient’s rights to privacy vs. access of their Protected Health Information (PHI).  And a HIPAA Manual—written to the new HIPAA Omnibus Rule standard is required as a Federal Document in every USA healthcare facility. 

Facility Protocols: …will be the next stop on “the HIPAA Hitman’s” tour of your dental office.  It is not enough to just implement HIPAA Employee Training and the Required Paperwork.  You must make sure that you connect-the-dots of your training and paperwork by implementing all of the required HIPAA Facility Protocols.  This gets to be challenging because technology is constantly changing and growing.  The best way to get your dental office fully HIPAA compliant is to utilize a checklist.  HIPAA Facility Protocols include everything from your patient check-in procedures to how you text patient info after hours.  To keep current with these changing protocols, align with a trusted HIPAA resource.  One that offers expertise and keeps you informed.      

GET COACHED  JILL & CHRIS

Get informed.  Power Up!  HIPAA AUDITS:  BRING IT!!!  Townies got this!                                                    

Call us for a copy of our:  2017 HIPAA FACILITY COMPLIANCE CHECKLIST  941-587-2864

THE RISK OF NON-COMPLIANCE WITH THE NEW HIPAA RULES

The risk of Non-Compliance with these new HIPAA Rules

Building a system will help protect you.

            2019 HIPAA FACILITY COMPLIANCE CHECKLIST

IS YOUR DENTAL OFFICE PREPARED FOR A HIPAA AUDIT?

Below are (16)  HIPAA Facility Protocols that all HIPAA Auditors will check.

Make sure your facility is HIPAA Compliant in these areas.   If you need additional guidance—feel free to give us a call.  

The HIPAA made EASY Team

941-587-2864

□  Patient Check-in / Check-Out Procedures ensure Privacy: ensure that there is no “overhear” or visual intrusions. (No overhear or visual intrusions)

□  Office Server is Secure:  If on-site, place in a secure well ventilated room or lock down with a “server cage” or “server locker”.

Office Wi-Fi is partitioned or separate so that patients cannot access business Wi-Fi.

□  Copy Machine is Secure:  Placed in a secured location, monitored by management, shredder in use & HIPAA Compliant Copy Policies in Place

□  Our Out Going Emails are HIPAA Compliant:  Either an Email Encryption Software Bridge is in use or  a Written Email Use Program with Testing Protocol (tested on every email) is in place.

□  Use A HIPAA Compliant Text-App is in use on all Cell Phones that share Patient PHI so that patient information is sent securely over text.  (Alternatively, if you do not want to load in a Phone APP then, do not text patient PHI)

□  Fax Machine is operating to current HIPAA Standards.  Convert Facsimile to Fax-to Email to ensure facsimiles are encrypted when sent.  Or, traditional faxing will require that you write a detailed Fax Safeguard Plan and implement it to the current HIPAA standards!  

□  Do away with take-along data back-up drives and go fully cloud-based. Lost or stolen take-along drives prove to be a major risk to healthcare facility owners.   Theft of a device risks a $150K HIPAA fine + 18-month audit! Automatic, encrypted, cloud back-up is Best Practices.  Research & choose a reputable cloud hosting service.

Get a HIPAA Manual written to HIPAA Omnibus Rule Standards:  Make sure your manual is up-to-date, customized per office location with HIPAA Officer and Compliance Committee listed.  Hi-tech Law, physical, technical & administrative aspects of HIPAA protocols are all clearly defined for your office (included in HIPAA Manual).  Areas for updates to written policies with notable periodic reviews are evident.

□ Have detailed HIPAA Reports—Up-to-Date: Risk Assessment Report & Data Back-Up & Contingency Report Up-to-date, detailed, customized per office location.

All Employees are trained to HIPAA Omnibus Rule Standard. All Employees must be trained to current HIPAA standards, prior to handling patient PHI.  Update employees on HIPAA rules to keep up with evolving HIPAA laws and technology updates that concern PHI.

All Employees have signed all HIPAA Required Employee Forms:  Up-to-date, signed and readily available for HIPAA Auditor.   All employees must complete HIPAA Omnibus Rule Training by watching HIPAA Omnibus Rule Video:

  • HIPAA CONFIDENTIALITY & NON-DISCLOSURE AGREEMENT
  • EMPLOYEE DOCUMENTATION OF HIPAA OMNIBUS RULE TRAINING
  • HIPAA RISK ASSESSMENT & MANAGEMENT ANALYSIS+ HI TECH LAW/ HIPAA SECURITY RULE POLICY AGREEMENT

Appropriate Business Vendors have signed Business Associate Agreements with your office.  Have all applicable Business Vendors sign (then retain on-file), a HIPAA Omnibus Rule—Business Associates Agreement (BAA).  This is a Vendor Confidentiality Agreement, that is required for all vendors who “see or use” your patient PHI.

□  Update and use other required in-office HIPAA Forms written to Omnibus Rule Standards.  These would include, but may not be limited to:  Patient Acknowledgement Agreement, Notice of Privacy Practices, Third Party Release Form, etc.

□  Align your office with a reliable HIPAA Resource.  Search out a reliable HIPAA Trainer or join a HIPAA Web-Group that will provide support, updates and tutorials on these ever-evolving HIPAA laws.

□  Have HIPAA Practice Drills with your team:  HIPAA requirements will always be evolving and changing in relation to our advances in technology.  Be sure to practice with your team, how you should handle various scenarios with regards to patient PHI, internet use, etc.  Establish and update your HIPAA office protocols periodically or at least annually.

Call us if you have questions on this checklist.  Many healthcare professionals feel overwhelmed when they have to tackle an update to their current HIPAA program. If you have questions about your current HIPAA Protocol set up, or if you would like information on our HIPAA COMPLETE PKG or ALL-IN-ONE OSHA & HIPAA TRAINING PKG, please feel free to contact us at any time for a confidential, complimentary consultation.  We love this stuff!  And are here to support your success with HIPAA protocols.  

The HIPAA made EASY Team 

941-587-2864

 

 

 

 

 

News and Blog

Video Demonstrates A Common US Dental Office HIPAA PHI Violation

Leave a comment

The above is a common scenario…

One that could creep up on your team innocently.

If you are curious about how to best protect your team against unsuspecting HIPAA violations – plan a staff meeting and update your current HIPAA standards to include:

  • A review of common practices with patient PHI: Pt Check In/Check Out
  • What papers need to be shred When & Why?
  • What I the proper form to use before sharing patient PHI with a 3rd party?
  • What steps should we take to better safeguard our Patient’s PHI from being seen or used?
  • How are we protecting PHI in Texts, Faxes, Copy Machine & Outgoing Emails?

If you need help with updating your HIPAA protocols for 2019, feel free to call one of our HIPAA Coaches on:

941-587-2864

To see what is required.