All posts by Lucy Ford BAD EXAMPLE

Dental Office OSHA- Do We Really Have to Train Annually?

OSHA Training never brings a smile to your face. Thinking about this arduous task makes most of us cringe.  Seeing an OSHA Training Session, scheduled during your workday’s lunch hour is about as exciting as looking forward to doing your taxes.  Nonetheless, a necessary evil.

Not only is OSHA Employee Training required for your dental office to do annually, but every dental office employee is required to complete it.  This includes Receptionists, part-time employees, and even the Doctor!   If you pull a paycheck from the practice, you have to be there.  If you work at all within the office dwelling, you have to be there.

But let’s face it, not every employee may be able to attend the training in one set, given time.  What are you to do? Thanks to modern technology and more creative means of accomplishing training, select OSHA Training Companies can offer you the convenience of replicating or repeating your training session for absentee employees.  Even better, you should be able to obtain the training in a format that allows new-hires to train for free.

To accomplish this end, make sure to choose an Annual OSHA Employee Training Company that will provide the following:  Proof-of-Training Certificate, Handout for your Employees to Follow, Test of the Materials Presented, Live Instruction— either in person or better yet, via webinar and access to an OSHA Expert for future reference regarding questions, clarifications and access to important updates.

A 5-Star, Industry Rated program comes from Dental Enhancements. The Initial Annual OSHA Employee Training Package comes also with a 72-Point OSHA Safety Facility Report.  It is completed via the phone post-training session with one of your employees.  Recommendations for rectifying any Non-OSHA Compliant areas within your office are reflected in your customized report, making this program a superior OSHA training solution that most dental offices value.  It provides peace-of-mind for when an OSHA Inspector may “come-a-knockin” at your door.  Unlimited OSHA support—in the form of telephone or email access is also provided for one full year with this program.

Feeling inspired?  Much better huh?  So when you see that OSHA Training Session scheduled during your precious lunch hour now, you can smile not cringe.  It’s all about choosing the right OSHA Training coaches.  So, choose…Don’t snooze.  Don’t lose!

 

Written by Jill Obrochta & Heather Whitt of Dental Enhancements.

 

HIPAA Audits: Fact or Fiction?

Is Mr. HIPAA Auditor really out there enforcing compliance? The fact is, he may be closer than you think. With the sweeping changes regarding HIPAA Omnibus Rule, tolerance for non-compliance is next to zero. If you have not completed your training to Omnibus Rule Standard, you may be in the dark, but ignorance in this case is NOT bliss! There are numerous forms, extensive protocols that were due in place in your dental office by September 23, 2013. There is no grace period, and there is no “I’ll get to later” attitude tolerated. This is a pressing issue and should be a priority- NOW! The key to a smooth transition into HIPAA Omnibus Rule compliance is a comprehensive, economical, and easily implemented HIPAA Omnibus Rule Training Program. Seeking this training from a reputable,  knowledgeable company is a must.

Still not convinced this should be priority one in your dental office? Not sure if compliance to HIPAA Omnibus Rule is actually enforced? Allow us to present to you some recent actions as a result of non-compliance according to HHS.gov:

 

1.   “The Hospice of Northern Idaho (HONI) has agreed to pay the U.S. Department of Health and Human Services (HHS) $50,000 to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule.  This is the first settlement involving a breach of unsecured electronic protected health information (ePHI) affecting fewer than 500 individuals.”

2.   Alaska Department of Health and Human Services (DHHS) has agreed to pay the U.S. Department of Health and Human Services’ (HHS) $1.7 million to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule.  Alaska also agreed to take corrective action to improve policies and procedures to safeguard the privacy and security of its patients’ protected health information. OCR’s investigation followed a breach report submitted by Alaska DHHS as required by the Health Information Technology for Economic and Clinical Health (HITECH) Act.  The report indicated that a portable electronic storage device (USB hard drive) possibly containing ePHI was stolen from the vehicle of a DHHS employee.  Over the course of the investigation, OCR found that DHHS did not have adequate policies and procedures in place to safeguard ePHI.  Further, DHHS had not completed a risk analysis, implemented sufficient risk management measures, completed security training for its workforce members, implemented device and media controls, or addressed device and media encryption as required by the HIPAA Security Rule.”

3.   Idaho State University (ISU) has agreed to pay $400,000 to the U.S. Department of Health Human Services (HHS) for violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule.  This settlement involves the breach of unsecured electronic protected health information (ePHI) of 17,500 individuals who were patients at an ISU clinic.”

 

If you think your practice is under the radar, think again! HIPAA audits can be kicked-off by disgruntled employees, HIPAA-savvy patients, or perhaps another healthcare provider who may make a complaint. The government is obligated to investigate every complaint, even if suspected untrue.

HIPAA Omnibus Rule is not going to go away, a HIPAA compliance company that will guide you through the twists and turns of compliance will be your greatest asset to protect your practice. Look for a compliance training company that will be your advocate in this cumbersome process. A company that will make compliance easy and stands by you when you need them to. Don’t leave yourself open and ripe for the picking!

 

Written by Jill Obrochta and Heather Whitt of Dental Enhancements

 

Dental Office OSHA: 3 Key Factors to Success

 

Creating an OSHA Compliance Program for your dental office can be a daunting task.  If the thought of implementing or updating your OSHA program makes you cringe, want to pull your hair out or quit your job….Hang-in there, there’s help!

The key is to choose an OSHA Compliance Training Company that is comprehensive, hands-on with the required protocols and easy-to-work-with.  You want an OSHA Company that is “on your side” not policing for osha.gov.  Below are (3) Key Factors to keep in mind when creating or updating your dental office OSHA program:

 

1.    Be Sure your Program is Comprehensive:  In the recent year, there were sweeping changes with regards to OSHA compliance.  In 2013, OSHA mandated that dental offices begin to implement the Global Harmonization System (GHS).  This means that by December 1, 2013 you should have at least had your team trained to the GHS-Standard and be able to show proof of this training.  OSHA manuals will need to be updated to the GHS standard as well as your employee paperwork.  Proof-of-GHS-Training is a requirement, so you will want to have a GHS-Certificate or its equivalent.  Make sure to choose a comprehensive GHS training solution.  It will make your life with this new protocol logical and less stressed!

 

2.   Work with OSHA Experts:  New protocols?!!  Uggh!… that’s enough to realize:   “You don’t know what you don’t know…(but you need to!)  And Mr. OSHA Inspector….doesn’t care!”  Don’t risk being caught-up in an OSHA inspection and being called-out on not having these important and cumbersome new protocols in place.  It’s not worth the time and aggravation a prolonged OSHA Inspection is sure to bring. Choose an OSHA compliance company that will have your back and make it easy. (We love one in particular!)

 

3.   Update, Update, Update!  It never ends!  No, I’m serious.  Just because you get the GHS Standards under-your-belt and in place within your dental office, don’t think the buck stops there!  Compliance will always come with updates.  It’s the name-of-the game.  Again, make sure you choose an OSHA Compliance Training Company that will be your “OSHA dental tooth fairy”.  One that will share updates with you throughout the year and also maintain an interactive relationship with you so you can be comfortable and confident in getting your OSHA groove-on.  (What do you think they will leave under the pillow?)

 

Remember these (3) factors are the key to your OSHA compliance success.  Don’t be fooled, it’s not that easy.  Go search-out your OSHA Tooth Fairy now!

 

Written by Jill Obrochta & Heather Whitt of Dental Enhancements.

Dental Office HIPAA: 3 Key Factors to Success

 

Creating a HIPAA Compliance Program for your dental office can be an arduous task.  Just thinking about implementing the new HIPAA Omnibus Rules can be intimidating to say the least.  And yes, HIPAA all changed as of September 23, 2013.  So if you did not yet update your HIPAA Program to the new Omnibus Rule Standards, take-heed to our key recommendations for implementing a successful present-day HIPAA program.   Reading the information below can make the difference between complete, comprehensive HIPAA Omnibus Rule Compliance and a “heaping HIPAA mess”….

 

1.   Comprehensive is Key:  Last September (2013), Federal HIPAA laws all changed.  Make sure to choose a comprehensive HIPAA training solution.  Implementing this without professional guidance may leave too many loose ends.  These new laws are very precocious!  Be sure your program includes:  Employee Training, An new HIPAA Manual (written to Omnibus Rule Standards), Required Paper work for your Employees & Business Vendors, a Breach Reporting Protocol and new updated paperwork for patients too. Note that the new HIPAA law standards may be referred to as either “the Omnibus Rules” or “the Final Rule”.  Choose a program that reflects such.

 

2.   Work with HIPAA Experts:  Make your life easier by choosing experts in this new area of HIPAA law.   One that has had legal guidance when writing their program.  Be sure that your HIPAA coaches will also offer updates to their program and that they can speak to all of the new Omnibus Rules with finesse.

 

3.   Create a Relationship with your HIPAA Coach Be sure you can relate and interact with your new HIPAA coaches with ease.  This subject matter is convoluted and complicated enough!  You want to be sure you have an ally in the HIPAA Coach that you choose, not a heavy militant approach.  Be sure that your HIPAA Guide can make themselves available via phone or email to answer questions and make clarifications as you implement these new cumbersome protocols.

 

HIPAA…It’s the new OSHA!  But the new HIPAA laws are even more intense and expensive.  Don’t be caught off-guard or out-of-sync. Get hip with a comprehensive HIPAA solution.

 

Written by Jill Obrochta & Heather Whitt of Dental Enhancements.

State vs. Federal OSHA Compliance: What You Need to Know

It’s important to understand that OSHA Compliance is federally mandated.  But State Protocols may apply and these trump the Federal laws.  Pay attention, if you live in these States, you will have to seek out and apply the specific protocols within your State:

Alaska, Arizona, California, Connecticut, Hawaii, Iowa, Michigan, Minnesota, North Carolina, New Jersey, Nevada, New York, Oregon, South Carolina, Tennessee,  Virginia, Washington, Wyoming.

You may also want to take into consideration that where OSHA leaves off local Health Department Protocols & State Dental Practice Acts Rules may hold you more accountable as well. 

How do you keep track of all the many requirements that you may be subject to?  It’s hard to “know what you don’t know”.  Finding out the comprehensive facts can be next to impossible for the average dental practice.

 

Don’t sweat it.  Make sure when you are choosing an OSHA Compliance Solutions Company that you ask the right questions.  A good company will “hold-your-hand” over into “State Protocol and Dental Practice Act land”.   A unique feature that is value-added whenever you purchase any OSHA Training Package from Dental Enhancements is that you receive access to their private State Protocol Webpage for both OSHA & HIPAA specifications.  This takes the guesswork out of what you need and how to get it.  Ahhh— a huge blessing.

So now you know:  All OSHA is not created equal!  Align with an OSHA Training Solutions Company that will extend a hand and take you the full distance with your OSHA & HIPAA compliance obligations. 

 

Written by Jill Obrochta & Heather Whitt of Dental Enhancements

Top 10 HIPAA Compliance Requirements

 

If you need to put some “hip” into your dental offices HIPAA Compliance, listen up!  HIPAA law all changed as of September 23, 2013.  The government took 500 pages of HIPAA that existed in January of 2012— added 80 more pages and combined the two sets to create the new HIPAA Omnibus Rules.  These new HIPAA mandates were due to be functioning within all USA healthcare facilities by September 23, 2013.  Here is what is important:

 

1.   A HIPAA Manual—written to the new Omnibus Rule standard.

2.  Proof-of-Employee Training— a training session with particular components needs to be presented to each employee and all employees need to sign-off that they were trained.

3.  Employee Confidentiality Agreements—these need to be kept on file for each employee too.

4.  Business Vendor Confidentiality Agreements—Business Vendors who “see or use your Patient PHI” need to sign these agreements to protect your patient’s PHI.

5.  New Patient Paperwork

6.  New Business Protocols with regards to handling Patient Protected Health Information (PHI).

7.  New protocols for handling PHI within your computer systems and email—A good HIPAA training company will interface with your IT tech or Dental software company on this one.

8.  New Requirements to Upgrade Microsoft XP to more current HIPAA supported versions.

9.  New Breach Reporting Protocols—you need to know how to handle accidental or misguided mis-use of patient PHI and how to report it promptly.  

10.   New Daily Data Back-Up Requirements—again you will need some interface with your IT Tech or dental software company for this one.  HIPAA Training coaches or your dental supplier can also help explain these requirements.

 

Is your head spinning right about now?  It should be!  The Omnibus Rules are pretty intense.  So are the fines for non-compliance (ranging from $10,000 – $1.5M)

What is an Omnibus anyway?  By definition “omnibus”  means “previous published parts combined to create a new volume”.  Funny enough comic book series are written and republished in this fashion.  But, truly, this is no joke!  The new HIPAA Omnibus Rules (also referred to as “the Final Rule”) are pretty serious.  If you need help wrapping your head around all of this, be sure to choose a compliance company that offers a Complete HIPAA Training Solution.

One that offers: training , paperwork, electronic versions of required forms, new HIPAA manual written to the new Final Rule Standard and guided help if you need it.

 

A great comprehensive training package that will give you everything you need and help you breathe a sigh of relief (as you can speak directly with a HIPAA exert as you implement this stuff) is crucial!

 

Get “hip” to the new HIPAA Omnibus Rules.  The risk for non-compliance is just too costly.

 

Written by Jill Obrochta & Heather Whitt of Dental Enhancements.

 

 

TEXAS HB300: Remember to Renew Employee Certificates Every 2 Years

 

In 2012 Texas Governor Rick Perry created and has sanctioned a new HIPAA privacy protocol to more strictly protect patient privacy and identifiable patient Protected Health Information (PHI). House Bill 300 (HB300) holds Texas Healthcare facilities to a much stricter accountability. 

Under the HB300 mandate, all Texas healthcare providers must be compliant with:  employee HB300 training, HB300 Certificates for each Employee and implementation of all HB300 protocols.  Non-compliance puts you at risk for lengthy HIPAA audits and extreme fines!  Mr. Governor also has a special HIPAA Task Force in place to ensure you comply with the HB300 rules!  Do your due diligence, don’t wait for a HIPAA Auditor visit!

Don’t risk being fined and caught without these advanced electronic Patient

The best way to get compliant quickly is to choose a HIPAA Compliance Training Company proficient in HB300 law or even better, a do-it-yourself option to complete your Texas HB 300 obligations

You can also contact the HB 300 Information Alliance,  which is a public awareness task force designed to help healthcare professionals become informed and educated on the new HB300 laws.

What is actually required?   Each employee needs to have a certificate or worksheet proving that they have been trained and are aware of their obligation to protect patient PHI, know the correct protocols when handling this information over the internet and in electronic format or on computers, telephones, etc.  There also needs to be written protocols in place within your office that dictate your handling of patient PHI.  And of course, all involved need to understand the fines & punishments for breaches or violations of the HB 300 guidelines.

Who Must Comply? All Texas healthcare facilities must comply with these guidelines and have written proof that they are doing so!   This includes:   

Healthcare Facilities, Clinics, Employees handling PHI, ePHI & EHR(Protected Health Info, electronic PHI, Electronic Health Records) and even        IT Techs that maintaining healthcare related internet websites.

How often does this have to be done?  Texans have to comply in (3) ways:

·         Validate Employee Training on HB300 for:  Patient PHI,  HER & ePHI

·         Train any New Employees within 60  days of their hire

·         Have written Office Protocols for  the HB300 Policies within your Office

·         Update the HB300 Program— every 2 years and show Proof-of-Employee Training

You know what they say”  “Everything’s Bigger in Texas”!  Apparently HIPAA law is a lot bigger.  Don’t “mess with Texas…. HIPAA Auditors”!   Get compliant with a reliable HIPAA company to assist you. (One that knows their Texas HB 300 law.)

 

Written by Jill Obrochta & Heather Whitt of Dental Enhancements.  

Top (6) HIPAA Finable Offenses

Is your dental office ready for a HIPAA Audit?  Do you know what HIPAA Auditors will be looking for within your dental office?

HIPAA laws all changed as of September 23, 2013.  The new HIPAA Omnibus Rules can be overwhelming, confusing and difficult to implement. 

It’s important to get your entire team trained up on these new HIPAA Omnibus Rules and also be aware of what HIPAA Auditors will be checking for at your dental office.  Finding a HIPAA Compliance Training Company that will provide comprehensive insight on these new HIPAA laws is critical.  Listed below are HIPAA Auditors top (6) favorite finable HIPAA offenses:

1.        Implementing all new HIPAA Omnibus Rules within your office— This means having all new forms and written policies to the new HIPAA Omnibus Rule standard in place and functioning within your dental office.  This will include:  new Patient Forms, New Proof-of-Employee Training and even new Vendor Confidentiality Agreements to protect your patient’s private information.

2.       New HIPAA Manual written to the new Omnibus Rule Standards— With HIPAA laws changing to this new Omnibus Rule Standard all of your HIPAA  required forms and policies within your HIPAA Manual will need to be revised and updated.  Best to update and obtain a new one.  Also, keep in mind that several forms will need to be updated for patients, employees and vendors with regards to HIPAA.

3.       New HIPAA Omnibus Rule Forms— As aforementioned, you will need new forms for all patients to sign, a new notice of these HIPAA Omnibus Rules, and Business Vendors as well as Employees will need proof-of-acknowledgement that they understand how to handle and protect Patient Protected Heath Information (PHI).

4.       Daily Data Back-Up & Contingency Requirements—  This is a grey area that leaves a lot to interpretation.  But it is also one of the first areas that a HIPAA Auditor will look into.  Make sure you understand how to best have your data backed-up to the standard:  “Off-Site & Encrypted”.  Best Practices will have you backing up to a cloud that is either “live-cloud streaming” or “snapshot” of your important business and patient data.  Talk to a HIPAA internet expert to make sure you get this one right!

5.       Encryption on Out-Going Emails from your office— If your office uses outgoing email accounts like:  Gmail, Hotmail, Yahoo or Aol, and you send patient info within these emails, you will need to add an encryption software to your outgoing emails.  Your current dental software provider,  dental supplier or IT tech can help you secure this HIPAA required service.  Good news is that is does not cost much.  Usually just $2-$3 per month.

6.       Updates to your Microsoft XP Software— As of April 8, 2014 dental offices using Microsoft XP will no longer be HIPAA compliant.  Microsoft will stop providing free updates forcing dental offices to comply with the new Federal Standards.   If you are using computers within your dental office, you must have HIPAA compliant software operational within your office.  Upgrading to Windows 7 or 8 will do the trick.  These are written to the new HIPAA compliance standard.  

How do you feel now?  Are you HIPAA Auditor ready?  If not, stop stalling!  Find a HIPAA Expert that can help you scrutinize your HIPAA protocols and provide all of the forms, training and guidance you will need.  Get “hip” to the new HIPAA Omnibus Rules.

Written by Jill Obrochta and Heather Whitt of Dental Enhancements.

Top (5) OSHA Finable Offenses

 

Are you OSHA inspection ready?  Do you know what OSHA inspectors will be looking for within your dental office?

It’s not only important to train your employees annually on OSHA Laws, it’s important to be aware of and prepared of OSHA inspector check-points.  Working with an OSHA Compliance Training Company that will provide insider tips for what OSHA inspectors focus on is critical.  Listed below are the top (5) finable OSHA offenses that are scrutinized most often within the dental office:

1.        Annual OSHA Employee Training—Make sure you sign up with a company that can provide reminders of the date you are due to re-train annually or one that has an OSHA Renewal Program.

2.       New OSHA GHS Proof-of-Training Requirement— GHS (Global Harmonization System) is a new federal mandate that standardizes chemical safety within the workplace.  All United States work facilities that have/ use hazardous chemicals or professional products needed to be trained in GHS with proof of this training by December 1, 2013.  If you are not yet trained in this OSHA /GHS area of compliance make sure to choose a simple yet comprehensive GHS Training solution.

3.       OSHA Manual written to the new GHS Standard— With the change in law to this new GHS Standard all of your OSHA paperwork, required forms and even the written standards  within your current OSHA manual will change.  Best to update and obtain a new one.

4.       OSHA Updated Employee Paperwork— There are (5) required documents for each employee in your dental office to sign and have on file.  Make sure again, that these are written to the new GHS Standard.  Need help?  Work with a knowledgeable and reliable OSHA Compliance Training Company that will supply all of these forms.

5.       Third Party Biological Testing— Most States require weekly testing of your heat sterilizer. (Exceptions are Arkansas & Florida which require proof-of-testing every 40 hours that you run your sterilizer).  The tricky part here is that if you have a failure, you must provide written proof that your sterilizer, and an alternate sterilizer prove the consistency of the failure.  Ugggh…this is enough to make your head spin.  Find and use a Third-Party Biological Monitor Testing company and have them send you official reports.  Save these on file for 3 years for your OSHA inspectors.

Of course there are many other considerations and regulations to follow.  Work with an OSHA Compliance Training Company that will provide an assessment of your facility and supply you with a customized report and recommendations for rectifying any of your non-compliant areas. 

So, what do you think?  Are you OSHA Inspection ready after reading this?  If not, stop procrastinating and find an OSHA coach that can help you scrutinize your OSHA status and let you get back to the art of dentistry.

Written by Jill Obrochta and Heather Whitt of Dental Enhancements.

Is Wearing a Lab Coat Required in the Dental Office?

 

There seems to be some confusion with regards to personal protective garments worn within the dental office.  Who is to wear them, at what times and how are they to be laundered?

This is a bit of a grey area. This law is written obscurely.  A lab coat is part of your Personal Protective Equipment (PPE). PPE is part of your Blood Borne Pathogens Plan.  It is also part of Universal Precautions which dictates that “we treat all patients as if infectious”.  So, Best Practice is to make lab coats available to all employees.   

 

Yes, all employees, even receptionists.  While the law on lab coats can be interpretive or “grey”, it is best to make this armamentarium available to all employees.  While clinical employees also need to be supplied with safety glasses, masks and gloves, receptionists, at a minimum, should be supplied with a lab coat.

Lab coats should either be laundered “on-sight” or sent out for dry cleaning (save the receipts as proof-of-laundering). You may also choose to keep disposable lab coats on hand.  This is a quick and convenient way to ensure that all employees have their garb.  Don’t send your employees home as walking biohazards.

Lab coats for everyone.  That’s haute!

 

Written by Jill Obrochta and Heather Whitt of Dental Enhancements.