Gain access to the recording of our recent webinar with a HIPAA expert, and you’ll learn:
A comprehensive compliance tool for your practice that allows you to:
Your practice is at a greater risk for cyber attacks due to the nature of your business, and the large amount of personal data available in a medical office. OfficeSafe helps with personal identity theft, email encryption, and even keeps a physical, encrypted copy of all your records, so you’re ready for anything.
We’re always here to help you, so simply fill out this short form, and we’ll send you a link to the webinar and risk assessment, all for FREE!
Medical and dental offices are required to have extensive training regarding guidelines and requirements for HIPAA, OSHA and dealing with blood borne pathogens. These compliance rules and training processes are for the safety of both the patient and the staff as well as for the protection of patient records. Some of the questions that are typically addressed relate to compliance and while detailed information can be found on the OSHA.gov or HHS.gov websites, some of the data isn’t very clearly defined and also relies heavily on legal interpretation.
Is HIPAA and OSHA training required to be done on an annual basis?
The answer to this is yes for OSHA. It’s mandatory for OSHA training for all employees and within ten days of hiring a new hire. HIPAA requires that organizations provide all employees the training, new hire staff and then periodic refresher training. One can interpret ‘periodic’ in a number of ways, but most organizations implement HIPAA training on an annual basis and this is considered to be a kind of ‘best practice’ action. The reason for this is that HIPAA regulations have an annual update and failure to comply with new regulations can result in consequences, including fines.
Are Physicians and Dentists excluded from the training?
OSHA training is a mandatory requirement for all staff, including doctors, dentists, administrative employees, nurses and even part time employees.
HIPA training is a mandatory requirement for all individuals that come into contact with PHI (protected health information) and this includes physicians, nurses, doctors, receptionists, administrative and part time staff as well as interns. More specialized training may be required for those staff members that have certain positions, such as HIM, network administration, information technology or regulatory compliance.
How long is the average training?
This is another topic that is open for interpretation. HIPAA doesn’t have a particular duration of time for training, however, it must be long enough to cover the requirement information in an effective manner.
Neither OSHA nor HIPAA training can be accomplished in a few minutes, but to put staff’s mind at ease, it also doesn’t require weeks.
What kind of topics should be covered?
Topics list for OSHA are found on the osha.gove website and they include the OSHA standard training requirements. HIPAA training information can be found at the hhs.gov website.
A summary of the HIPAA and OSHA requirements as of 2013 include:
Annual OSHA Employee Training, GHS: Global Harmonization System Proof of Training, HIPAA Omnibus Rule Employee Training & Implement Protocols
New employees or alteration of duties due to a job change include the following procedural training information that involves potential new hazards:
General Office Safety – including injury and illness prevention program (IIPP), fire safety and emergency responses, eyewash stations, and washrooms; Hazard Communication
Ionizing Radiation; Blood borne Pathogens – including medical waste management information.